Your SlideShare is downloading. ×

Avoiding Cybertraps

204
views

Published on

A presentation that I gave to the San Diego Country Schools Risk Management JPA on October 29, 2013.

A presentation that I gave to the San Diego Country Schools Risk Management JPA on October 29, 2013.

Published in: Education, Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
204
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Avoiding Cybertraps Incident Response, Computer Forensics, and Risk Management Frederick S. Lane San Diego County Office of Ed. JPA San Diego, CA 29 October 2013 www.FrederickLane.com Cybertraps.wordpress.com
  • 2. Background and Expertise • Attorney and Author of 7 Books • Computer Forensics Expert -- 15 years • Over 100 criminal cases • Lecturer on ComputerRelated Topics – 20+ years • Computer user (midframes, desktops, laptops) – 35+ years • 10 yrs on Burlington VT School Board www.FrederickLane.com Cybertraps.wordpress.com
  • 3. Lecture Overview Headache-Inducing Headlines Common Types of Incidents Electronic Evidence Is Everywhere Preparing for the Inevitable Risks for Administrators and Teachers • A Quick Intro to Computer Forensics • • • • • www.FrederickLane.com Cybertraps.wordpress.com
  • 4. Headache-Inducing Headlines • “Parents Sue School District After Their 13-Year-Old's Suicide Following Sexting Bullying” – Hillsborough Cty., Florida • “Parents sue Lockhart school district after teacher charged with sexual assault” – Lockhart, TX • “School Cyberbullying Victims Fight Back In Lawsuits” – WV, PA, GA • “School Employees Sue Cyberbullying Students” – TX, PA www.FrederickLane.com Cybertraps.wordpress.com
  • 5. A Tangled Mobile Web www.FrederickLane.com Cybertraps.wordpress.com
  • 6. Common Types of Incidents • Employment Issues • Harassment/Hostile Work Environment • Disciplinary Issues • Student Misconduct • Cyberbullying & Cyberharassment • Sexting • Teacher/Student Misconduct • Student Attacks on Teachers • Inappropriate Relationships www.FrederickLane.com Cybertraps.wordpress.com
  • 7. E-Evidence Is Everywhere • Inventory Possible Devices • • • Computers (Desktops, Laptops, Servers) Mobile Devices (Phones, Tablets) Peripherals (USBs, CDs, external drives, etc.) • Inventory Possible Types of Data • • • • • • Communication (E-Mail, IMs, Texts, etc.) Social Media (Facebook, Twitter, etc.) Web Activity (URLs, cookies, bookmarks, etc.) Network Logs and Access Data Cloud Storage (Dropbox, Flickr, Boxy, etc.) Deleted Data www.FrederickLane.com Cybertraps.wordpress.com
  • 8. Whose Data Is It Anyway? • Where Did the Incident Occur? • • On-Campus vs. Off-Campus Zone of District Responsibility Is Growing • Who Owns and Uses the Device? • • Misconduct Using School-Owned Equipment Misconduct Using Privately-Owned Equipment • Who Runs the Service? • • • Evidence Hosted by District Evidence Created by Teachers/Students Evidence Hosted by 3rd Parties www.FrederickLane.com Cybertraps.wordpress.com
  • 9. Pre-Incident Preparation • Policies and Procedures • • • District Decisions re Access, Services, Storage AUPs for Staff and Students Data Handling and Response Protocols • Professional Development for Teachers and Staff • • • Typically First Responders Potential Legal Risks Technology Is Continually Changing • Student Education • Critical Component of K-12 Curricula www.FrederickLane.com Cybertraps.wordpress.com
  • 10. Response to Civil Litigation • Preservation of Potentially Relevant Evidence • Adherence to Established Policies for Handling Data • Notice of Litigation or Reasonable Anticipation of Litigation • Discovery Requests • Privacy Concerns • Burdensomeness of Requests • Production of Data Held by 3rd Parties www.FrederickLane.com Cybertraps.wordpress.com
  • 11. Response to Criminal Activity • Anticipate Prosecution and/or Disciplinary Proceedings • Adherence to Policy/Process Is Critical • Involve Law Enforcement ASAP • Protect and Preserve Data • Restrict Access to Potentially Relevant Data • Hire a Computer Forensics Expert? • Some Evidence Is Radioactive www.FrederickLane.com Cybertraps.wordpress.com
  • 12. Risks for Admins. & Teachers • Good Intentions, Bad Outcome • “Sherlock Holmes” Syndrome • Forwarding Content for Advice • The Cover-Up Is Always Worse • Trying to Protect Colleagues and Friends • Desire to Protect District by Handling InHouse • “Delete” Is a Myth www.FrederickLane.com Cybertraps.wordpress.com
  • 13. A Cautionary Tale www.FrederickLane.com • Ting-Yi Oei, now 64 • Assistant Principal at Freedom HS in So. Riding, VA (Loudoun County) • Told to investigate rumors of sexting at HS • “Inappropriate” image was forwarded to Oei’s cellphone, then computer • Charged with “failure to report,” then contributing to delinquency of a minor • Charges ultimately dismissed Cybertraps.wordpress.com
  • 14. Computer Forensics 101 • Field Previews • Acquisition & Mirror Images • Some Data Are More Fragile Than Others • Speed Is Of the Essence • Powerful Forensics Tools • Data Recovery and Analysis • IP Addresses Link to Real World • 4th Amendment and Privacy Concerns www.FrederickLane.com Cybertraps.wordpress.com
  • 15. Current Projects • Cybertraps for Educators (2014) • Safe Student and School Employee Relationships (2014) • Cybertraps.wordpress.com • CPCaseDigest.com • MessageSafe.com • Informational Web Sites: • www.FrederickLane.com • www.ComputerForensicsDigest.com • www.CybertrapsfortheYoung.com www.FrederickLane.com Cybertraps.wordpress.com
  • 16. Contact Information • E-Mail: • FSLane3@gmail.com • Telephone: • 802-318-4604 • Twitter • @Cybertraps, @FSL3 • LinkedIn: • www.linkedin.com/in/fredericklane/ • SlideShare.net • www.slideshare.net/FSL3 www.FrederickLane.com Cybertraps.wordpress.com
  • 17. Avoiding Cybertraps Incident Response, Computer Forensics, and Risk Management Frederick S. Lane San Diego County Office of Ed. JPA San Diego, CA 29 October 2013 www.FrederickLane.com Cybertraps.wordpress.com