Introduction
Forensics investigations that require the analysis and processing of digital evidence can be influenced both positively and negatively by a number of outside sources. In this paper, we will explore how physical security plays a role in forensics investigation activities. We will start by examining how physical and environmental security might impact the forensics investigation process. Next, we will discuss the role that physical and logical security zones play in supporting effective forensics activities. We will illustrate how centralized and decentralized physical and environmental security affects the forensics professional’s approach toward the investigation. Lastly, we will evaluate some potential areas of risk related to the physical security of our case study organization, Widget Factory, identified in Attachment 1.
Physical and Environmental Security Impact on Forensics Investigations
Physical and environmental security programs are generally considered to be a collection of mechanisms and controls put into place that help ensure the availability of information technology capabilities. These programs protect an organization from fire, flood, theft, power failure, and intentional or even unintentional damage through negligence. Implementation of these programs at the organizational level can take place in a number of ways, but most organizations choose to follow a body of standards, usually set forth by an organization such as the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). One such body of standards put forth by ISO/IEC is 27002, Information technology – Security techniques – Code of practice for information secur...
... middle of paper ...
...al security factors make continued operations in these remote locations extremely risky.
Summary
Physical security plays an important role in the digital forensics process. Implementation of a good physical and environmental security program can help digital forensics investigators perform their jobs more accurately and effectively. In this paper we explored just how those physical and environmental security programs impacted forensics activities. We explored the role of security zones, including how the zones function together during the investigative process. Additionally, we showed how centralized and decentralized physical and environmental security impacts forensics evidence gathering. Finally, we evaluated some of the potential risks to physical security in our case study organization in an attempt to improve the security posture of that organization.
This project must meet the requirements of DoD security policies and standards for delivery of the technology services. The first requirement we are to discuss is the Federal Information Security Management Act (FISMA), United States legislation that defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats. FISMA assigned the National Institute of Standards and Technology (NIST) the responsibility of defining the standards and security procedures that must be followed. There are nine processes NIST outlines to be in compliance with FISMA:
National Institute of Standards and Technology (NIST): Risk Management Guide for Information Technology Systems. Special Publication 800-30, 2002.
Digital forensics is the process of uncovering and interpreting electronic data that can be used in a court of law. It requires a set of strictly followed standards governing how the information is gathered, preserved, and analyzed. The analysts need to understand the evolution of current technology and how it will impact how they gather their information. The investigator is able to uncover evidence and analyze it to gain an understanding of the motives, the crime, and the criminal’s identity to help solve the crime. As computers and technology continue to become a part of our everyday lives, the cyber realm contains a growing body of evidence in all types of criminal investigations (Cummings, 2008). Digital forensics is a way to connect information security and law enforcement. It ensures that the digital evidence is collected in a way that it can make it into the courts in an unhampered or uncontaminated way (Dlamini, M., Eloff, J. & Eloff, M., 2009).
On 5 October 2009, computer equipment from a network data closet was stolen from BCBST. The items stolen were 57 unencrypted hard drives which contained over 300,000 video recordings and over one million audio recordings. According to Whitman & Mattord (2010), confidentiality, integrity, and availability make up the C.I.A. triangle, which is the basis of the Committee on National Security model for information security, an industry standard (Whitman & Mattord, 2010). Confidentiality can be a synonym for encryption but also means only the people with the correct permission can access the information. One of the major security issues is that the hard drives were not encrypted. The hard drives should be encrypted to prevent people from reading the information on the computer. Software that encrypts files on a hard drive can be purchased, such as Folder Lock, SensiGuard, Secure IT, and more. There is also open source encryption software, free to use, which could have been used. If the hard drives were not needed, the data should hav...
The criminal justice system has changed a lot since the good old days of the Wild West when pretty much anything was legal. Criminals were dealt with in any fashion the law enforcement saw fit. The science of catching criminals has evolved since these days. We are better at catching criminals than ever and we owe this advancement to forensic science. The development of forensic science has given us the important techniques of fingerprinting and DNA analysis. We can use these techniques to catch criminals, prove people's innocence, and keep track of inmates after they have been paroled. There are many different ways of solving crimes using forensic evidence. One of these ways is using blood spatter analysis; this is where the distribution and pattern of bloodstains are studied to find the nature of the event that caused the blood spatter. Many things go into the determination of the cause including: the effects of various types of physical forces on blood, the interaction between blood and the surfaces on which it falls, the location of the person shedding the blood, the location and actions of the assailant, and the movement of them both during the incident. Another common type of forensic evidence is trace evidence. This is commonly recovered from any number of items at a crime scene. These items can include carpet fibers, clothing fibers, or hair found in or around the crime scene. Hairs recovered from crime scenes can be used as an important source of DNA. Examination of material recovered from a victim's or suspect's clothing can allow association to be made between the victim and other people, places, or things involved in the investigation. DNA analysis is the most important part of forensic science. DNA evidence can come in many forms at the crime scene. Some of these forms include hair, bodily fluids recovered at the crime scene or on the victim's body, skin under the victim's fingernails, blood, and many others.
This DNA can be the basis of someone's guilt or innocence; it has decided many cases in the twentieth century. As the times continue to change and the criminals get smarter we will always need to find new ways to catch them. Forensic science is the most advanced method yet, but is only the beginning. As the field of science grows so will the abilities of the
Rape, murder, theft, and other crimes almost always leave a devastating mark on the victim. More often than not, it would be impossible to identify the perpetrator of a crime without forensic science and the technology it uses. Forensic science allows investigators to unmask the secrets of the crime scene. Evidence gathered at the crime scene helps to identify the guilty party, murder weapon, and even the identity of the victim (Harkawy, 1991: 276). New technologies enable forensic experts to have better and faster access to accumulated information, to be more accurate in the identification of victims or delinquents, and to minimize the possibility of wrongful accusations. New technology has improved the methods and techniques that forensic scientists and law enforcement investigators use, in order to provide a safer environment for other people. Information technology is one of the most important aspects in forensic science. It is very important for the forensic experts to receive the undisturbed evidence, such as fingerprints left at the crime scene, as quickly as possible, for more accurate readings. Thus using space technology, such as satellite communication, enables the forensic experts to "gather and digitize evidence at the crime scene, enter it into an on-site computer, and beam the data to a crime lab for swift analysis" (Paula, 1998: 12). Therefore, due to the use of this technology, forensic experts in laboratories can examine the evidence in a short time, and the possibility of damage or unlawful manipulation of the evidence before the trial is minimal (Paula, 1998: 12). More often than not, "criminals" wear gloves at the time of the crime, thus to obtain a fingerprint...
The information gathered in this report will show the methodology and tools used to forensically examine any files or images stored in relation to the investigation claim of Bobby Joe. While the examination is being conducted I will show how the chain of custody of evidence is kept, what evidence was discovered in the file image, and identify and examine the devices used. It will also show what steps Bobby Joe took to store information on the claim against him. The results of this investigation will then be used to determine whether he may have committed any offences according to the State laws. The report will also provide a summary of the information for a jury to examine and understand. USB flash drive without any security function causes
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day-to-day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable for ensuring all of the rules and policies are being followed, as well as understanding their roles, responsibilities and functions. Organizations' information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is the errors and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
Forensic science, also known as forensics, is the application of science to law to understand evidence for crime investigation. Forensic scientists are investigators who collect evidence at the crime scene and analyse it using technology to reveal scientific evidence in a range of fields. Physical evidence includes things that can be seen, whether with the naked eye or through the use of magnification or other analytical tools. Some of this evidence is categorized as impression evidence. In this report I’ll determine the areas of forensic science that are relevant to a particular investigation and set out how the forensic science procedures I have recognized would be useful for the particular crime scene.
Evaluation of the forensic tools identified UFED Physical Analyzer as the ideal choice. A cost-benefit analysis between the two tools and UFED had favorable results by mitigating the cost of training. Furthermore, extensive testing by the author and software tests performed by the U.S. Department of Homeland Security’s (DHS) Computer Forensics Tool Testing (CFTT) program determined UFED supports more mobile devices without reporting errors. In addition, the most important feature a mobile forensics tool has is the ability to retain integrity. This is especially true if a criminal case used the mobile device as evidence. UFED has been found to do this extremely well, where OFS falls short due to installing a program on the original device.
The transitional growth in the forensic science sector has not been without challenges. Though the world has experienced increased capabilities and scientific knowledge, which has led to faster investigations and results, many forensic experts have argued that forensic laboratory testing, in the light of 21st century technological advancements, is yet to meet the expected rate in quick available testing and analysis (Mennell & Shaw, 2006). This is with respect to the growing rate of crime and the high demand for quick crime scene testing and analysis. In the science of the crime scene, analysis and interpretation of evidence is largely dependent on forensic science, highlighting the change in the role of forensic sciences (Tjin-A-Tsoi, 2013). In the business of forensic science, time is beginning to play an important role in evidence testing and analysis, which is becoming crucial in reducing ...
No matter what the case, forensic science has monumentally changed criminal investigation. From computer technology to fingerprint analysis, forensic science has played a key role in thousands of cases. The partnership between the law and forensic sciences has changed the justice system like no other investigative tool: the intelligence provided by this technology is instrumental for both exonerations and convictions alike.
Robert Moore’s Cybercrime: Investigating High-Technology Computer Crime is an informative text that supplies the reader with basic, understandable knowledge of increasing cybercrimes and the strategies that law enforcement is taking in order to catch cyber criminals. Moore’s work has a total of thirteen chapters that are full of information that help the reader better understand the different cybercrime threats such as hacking, identity theft, child pornography, and financial fraud. Moore also goes into detail on different law enforcement tactics that help catch cyber criminals, such as the seizing of digital evidence, executing search warrants for digital evidence, computer forensics, and cybercriminology. Moore’s main goal is to help the reader grasp a better understanding of the cybercrime that faces the world today. Through reading this book, I can validly say that Moore’s thorough work, perspectives, and examples helped me better understand high-technology computer crime and investigative strategies as well.
Forensic science has now been recognized as an important part of the law enforcement team to help solve crimes and cold cases. The advances in technology are being used each day and we must continue to strive to develop better advances in this field. The recent discovery of using DNA in criminal cases has helped not only positively identify the suspect, but it has helped exonerate hundreds of innocent individuals. “With new advances in police technology and computer science, crime scene investigation and forensic science will only become more precise as we head into the future” (Roufa, 2017). Forensic science and evidence help law enforcement officials solve crimes through the collection, preservation and analysis of evidence. By having a mobile crime laboratory, the scene gets processed quicker and more efficiently. Forensic science will only grow in the future to be a benefit for the criminal justice
Live acquisition: The future of data acquisitions is shifting toward live acquisitions because of the use of disk encryption with newer operating systems (OSs). In addition to encryption concerns, collecting any data that’s active in a suspect’s computer RAM is becoming more important to digital investigations. The processes and data integrity requirements for static and live acquisitions are the same. The only shortcoming with live acquisitions is not being able to perform repeatable processes, which are critical for collecting digital evidence.