Friday 12 December 2008, 12:49 AM
Compliance - 2b Forensic readiness planning, really, you need to do this.
Most businesses are aware of the need to keep personal and other data secure, and to have a disaster recovery plan in place, but haven't even heard of, let alone considered, a forensic readiness plan. The Information Assurance Advisory Council’s Directors’ and Corporate Advisors’ Guide to Digital Investigations and Evidence, written as it is by Prof. Peter Sommer, is an authoritative, easy-to-read guide to creating one.
As Sommer points out, “…much more common than the catastrophic event is the one where there is a threatened legal outcome. Examples include disputed transactions, suspected fraud, employee problems, complaints of negligence, “smaller” cyber attacks, theft of data. These may be comparatively low impact but they are also high frequency events; most organisations will experience some form of them over the period of just a few months and some may expect them daily.
Common to all of them is the need for evidence, usually in digital form, to support the organisation’s position. Hence the need for a Forensic Readiness Plan, a sibling of the Disaster Recovery Plan.”
There is considerable overlap between the two: preserving and recovering damaged data in the event of a disaster requires digital forensics skills similar to those needed to defend (or pursue) a court case (which can itself result from a disaster). As the size of data storage grows and the pervasiveness of the digital world increases, it becomes increasingly likely that everything from insurance claims to employee fraud demands an awareness of digital forensics.
As well as providing a basic grounding in the technical side, Sommer succinctly provides an excellent overview of the legal issues and the planning process itself. I highly recommend giving this guide a read and implementing its recommendations.


