When unfortunate circumstances give rise to the dismissal, unexpected
resignation or investigation of an employee, a series of automated
responses engage as a precaution to mitigating risks.
Perhaps the most immediate and instinctive measures taken by Human
Resource and Corporate Security are the retrieval of and denial of
service to any and all corporate assets. This is especially true for
network services, laptops, workstations and BlackBerry devices.
While due diligence may appear at this point to be reasonably satisfied, a large potential risk STILL exists! Surprisingly enough, little or no attention is ever paid to the actual contents of the computer assets. In many cases, user accounts are simply deleted and the computer is quickly put back into circulation.
- What steps does
your organization take to verify that company secrets or client
information have not been disclosed, accessed, altered or deleted?
- Are you not
concerned about e-mail messages or Internet history activity that might
reveal dialogue with key competitors or the exchange of confidential
information?
- Did you know that computer forensics can recover deleted files which can date as far back as years?
- Did you also
know that as much as 80-90% of a computer's hard drive is not
accessible by the average user (including IT staff) and contains a
wealth of information that may be easily recovered? Could this
information be damaging to the organization in any way?
Computer forensics is the best means to recover essential information in a manner that not only conforms to the recognized rules of evidence,
but ensures that corporate decision makers have all the facts before
acting and that evidence will be accepted by a court of law. |
|
It’s
time to consider Computer Forensics as a top priority in any employee
dismissal, resignation or investigation. Here are essential DO’s and
DON’Ts that I.T. and corporate staff must know:
- DON'T ever peruse,
remotely access or log onto the computer if it is on. This will change
time stamps and overwrite data. More importantly, it will jeopardize
the integrity and admissibility of evidence in court.
- DON’T power down
the computer using the operating system. Simply unplug the power cord
from the back of the box. For SERVER computers or virtual RAIDs do
nothing. Call us!
- DON’T install or run software of any kind! Doing so will alter the drive.
- DO store the asset in a secure and dry location and maintain a continuity log along with detailed notes.
- DO mitigate risk from the onset by following the above steps.
- DO give us a call for an expert examination of the assets. We will prepare a comprehensive and court acceptable forensic report.
- DON'T delegate forensic responsibilities to untrained persons! Your company's financial position and reputation are at risk!
* Our computer forensic investigator is a former police officer that
has been court qualified as an expert witness on numerous occasions and
has over 17 years of criminal investigative experience. His experience
and confidence in the courtroom has contributed to successful outcomes
in every case to date.
|
CORPORATE SERVICES (ONE PAGE AD)
