Page 83 - Veritas
P. 83

FEATURE ARTICLES






           ful network intrusion or system hack. The rapidly expanding field of digital
           forensics includes numerous branches related to databases, malware, fire-

           walls, mobile devices, cloud and network forensics.



           Use of Digital F
           Use of Digital Forensics in an Investigation:
                                orensics in an Investigation:
           For your digital evidence to be admissible in the court of law, it is necessary
           that the materials gathered are handled in a certain manner so that the
           evidence may not be tampered with. Most people think that the scope of

           digital forensics and incident response are only applicable for organizations
           that function in the most security-conscious fields.



           However, it is not true because awareness about the digital world and of the

           best cybersecurity practices is always beneficial. Regardless of the type or
           size of your organization, it is always important that your IT security team

           or those responsible for handling your security always follow an informed,
           structured, and effective process when a security incident happens.


           The general steps that are involved in an investigation of digital forensics

           are:



           1. Planning -
           1. Planning -
           The first phase of any successful endeavour is planning. In the digital world,

           where events occur quickly, you need to plan your approach. Pinpoint and
           prioritize your targets so you can obtain relevant and useful evidence.

           Make plans to follow every relevant and regulatory policy. To gather your
           evidence on time, you may miss out on some legal requirements which will

           render your evidence to be dismissible in the court of law. So always keep
           it legal.



           2. Identification and Preservation -
           2. Identification and Preservation -
           The next step is to identify the evidence. Ensure that all the data gathered
           have not been tampered with. Don’t work on the original copies, make

           duplicates so that the integrity of the original data is preserved. To be on
           the safer side, isolate and preserve the original copy. This involves stopping

           people from manipulating the evidence.







  68 VERITAS
   78   79   80   81   82   83   84   85   86   87   88