What is computer forensics?
Computer forensics is the acquisition, preservation, identification, extraction, interpretation, and documentation of information on computers and similar technologies. This process includes the rules of evidence, legal processes, integrity of evidence, factual reporting of the information found, and providing expert opinion in a court of law or other legal proceeding as to what was found.
What is the goal of computer forensics?
The basic goal of computer forensics is to use proven software and procedures to gather and analyze data to create reproducible results, typically in the interest of figuring out what happened, when it happened, how it happened, and who was involved. This data may include Internet history, email history (both Outlook and web-based), keyword searches, encrypted files, user passwords, and information about when files were created, modified, accessed, or deleted, along with many other kinds of information. A computer forensics examination can assist in the electronic evidence discovery process. RMA's certified examiners have the expertise and knowledge necessary to perform a thorough investigation to enhance and preserve evidence. As a third party expert, we have conducted criminal, civil and administrative computer forensic assessments in cases involving homicide, pornography, disclosure of trade secrets, and disclosure of confidential and proprietary information.
Who uses computer forensics?
Risk Management Associates receives computer forensics requests from attorneys in both civil and criminal cases, law enforcement agencies, private and corporate investigators, human resource managers, and private individuals.
How can I determine if I will benefit from computer forensics?
Risk Management Associates is available to consult with clients and attorneys regarding all aspect s of computer forensics and electronic evidence discovery, both as Individual services and as parts of larger investigations.
Investigative Process
Comprehensive forensic investigations are conducted with strict attention to detail, as well as cooperation with law enforcement and attorneys, to ensure legality issues are considered. For an overview of the process, please see our blog entry on computer forensics.
Selecting an Examiner
When selecting a computer forensics examiner, certifications, experience, and references are crucial. A competent computer forensics examiner should have a current certification, license, or degree in computer forensics. Computer forensics examiners at Risk Management Associates possess CISSP, CISM, and EnCE certifications. |
