mobile digital evidence and forensics
DESCRIPTION
CY4ORs Laboratory Manager John Young discusses the challenges and opportunities concerning mobile enterprise and the disclosure of electronic evidence.TRANSCRIPT
E Radar Mobile Enterprise Summit
Mobile Digital Evidence
cy4or.co.uk 3 March 2014
Agenda
Understanding the goals of forensic readiness
Magnitude of information
Preservation of evidence
cy4or.co.uk 3 March 2014
Understanding the goals of
forensic readiness
cy4or.co.uk 3 March 2014
To gather admissible evidence legally and without interfering
with business processes
cy4or.co.uk 3 March 2014
To gather evidence targeting the potential crimes and
disputes that may adversely impact the organisation
cy4or.co.uk 3 March 2014
To allow an investigation to proceed at a cost in proportion
to the incident
cy4or.co.uk 3 March 2014
To minimise interruption to the business from any
investigation and to ensure that evidence makes a positive impact on the outcome of any
legal action
cy4or.co.uk 3 March 2014
The magnitude of information
cy4or.co.uk 3 March 2014
• A4 sheet with 1” margin contains 3600 characters at 12pt
• 500sheets of A4 80gsm = 2.25”• 500 x 3600 = 1.8M bytes• ~1Mbytes = 1.25” (2.25/1.8)• 40GB = 4,166ft high (40x1000x1.25”)
1062
.9 f
eet
cy4or.co.uk 3 March 2014
‘Big Data’
Every time we travel with smartphones, make card
purchases online and use social media we contribute to 'big data'
cy4or.co.uk 3 March 2014
Where is data stored?
cy4or.co.uk 3 March 2014
EDRM
Source: www.edrm.net
cy4or.co.uk 3 March 2014
Preservation of evidence
cy4or.co.uk 3 March 2014
Detecting computer misuse
cy4or.co.uk 3 March 2014
What is digital evidence?
cy4or.co.uk 3 March 2014
Incident response – do’s and don’ts
cy4or.co.uk 3 March 2014
Thank you for your timeAny questions?
www.cy4or.co.uk www.cy4or.co.uk/news