LCI Learning

Share on Facebook

Share on Twitter

Share on LinkedIn

Share on Email

Share More


(Guest)

Guide for computer-based electronic evidence

 

Good Practice Guide for Computer-Based Electronic Evidence

 
https://www.7safe.com/electronic_evidence/ACPO_guidelines_computer_evidence.pdf

The traditional “pull-the-plug” approach overlooks 
the vast amounts of volatile (memory-resident and 
ephemeral) data that will be lost. Today, investigators 
are routinely faced with the reality of sophisticated 
data encryption, as well as hacking tools and malicious 
software that may exist solely within memory. Capturing 
and working with volatile data may therefore provide 
the only route towards finding important evidence. 
Thankfully, there are valid options in this area and 
informed decisions can be made that will stand the 
scrutiny of the court process.

The guide also considers network forensics pertaining 
to “information in transit” i.e. as it passes across 
networks and between devices, on a wired and 
wireless basis. As forensic investigators, we need to 
take into consideration, where legally permitted, the 
flow of data across networks. This type of approach 
can prove critical when analysing and modelling 
security breaches and malicious software attacks. 
7Safe advocates best practice in all dealings with 
electronic evidence. By publishing this guide in 
conjunction with ACPO, our aim is to help ensure
that procedural problems do not arise during 
investigations or in the court room and that the very 
highest of standards are achieved and maintained
by those working in the electronic evidence arena.


Learning

 0 Replies


Leave a reply

Your are not logged in . Please login to post replies

Click here to Login / Register