There are very few areas of dispute or crime where computer forensics
cannot be used. The law enforcement agencies are one of the heaviest
and the earliest users of the computer forensics and consequently have
offered forefront in the development of this field. The computers might
constitute the scene of crime for instance computer hacking. The dispute
in such cases can include denial of the service attacks. They can hold
the evidence in the form of emails, documents, internet history or other
files which can be relevant to crimes such as kidnapping, drug
trafficking and fraud. The interesting point in this aspect is that not
only the content of these emails or documents is related to the
investigation however; the 'meta data' of these files is also concerned
with the case. It is the job of Computer forensic Experts to find out
when the file was last time edited, saved or printed out by an
individual and which user has done these actions.Overall, we can say
that an individual can easily confuse between these two. This is true
especially in today's scenario when most of the vendors market
themselves under ediscovery umbrella. However, by close inspection we
can see the differences between two.
Digital forensics is a wide field however it is also important for an individual to understand its difference from E discovery. Here are some important differences which make them different from each other.
Nowadays, there are various commercial organisations which are employing computer forensics for benefitting themselves in a variety of cases such as
Regulatory compliance
Internet or inappropriate email use in the workplace
Bankruptcy investigations
Matrimonial issues
Forgeries
Fraud investigations
Employment disputes
Industrial espionage
Intellectual property theft
Guidelines.
According to the law there are basically four guidelines which are supposed to be followed in this field
No action must be taken which can change or edit the data in storage media or computer.
In a circumstance where the user has access to the original data, he must competent to do so, and should be able to provide evidence for his actions.
A record and audit trail of all the processes which apply to the electronic evidence should be made and preserved.
The person who is in charge of investigation has the overall responsibility to preserve the digital evidence.The digital forensics is basically a terminology which is employed when the digital artefacts are taken from the computer system in a forensically sound manner. This includes the spreadsheets, documents, pictures, emails, PDA or any other device with a storage capability. The operation of the digital forensic can be done even if the previous data was erased. The data can be completely tracked down in order to gain the information regarding its creation or installation. However, if we talk about E discovery, it is simply a process of gathering data. The data which is gathered is readily available and is found in a storage device such as computer, iPhone, iPad or server.
In summary we can say that no changes should be made to the original data.
Digital forensics is a wide field however it is also important for an individual to understand its difference from E discovery. Here are some important differences which make them different from each other.
Nowadays, there are various commercial organisations which are employing computer forensics for benefitting themselves in a variety of cases such as
Regulatory compliance
Internet or inappropriate email use in the workplace
Bankruptcy investigations
Matrimonial issues
Forgeries
Fraud investigations
Employment disputes
Industrial espionage
Intellectual property theft
Guidelines.
According to the law there are basically four guidelines which are supposed to be followed in this field
No action must be taken which can change or edit the data in storage media or computer.
In a circumstance where the user has access to the original data, he must competent to do so, and should be able to provide evidence for his actions.
A record and audit trail of all the processes which apply to the electronic evidence should be made and preserved.
The person who is in charge of investigation has the overall responsibility to preserve the digital evidence.The digital forensics is basically a terminology which is employed when the digital artefacts are taken from the computer system in a forensically sound manner. This includes the spreadsheets, documents, pictures, emails, PDA or any other device with a storage capability. The operation of the digital forensic can be done even if the previous data was erased. The data can be completely tracked down in order to gain the information regarding its creation or installation. However, if we talk about E discovery, it is simply a process of gathering data. The data which is gathered is readily available and is found in a storage device such as computer, iPhone, iPad or server.
In summary we can say that no changes should be made to the original data.
No comments:
Post a Comment