Transcript

  • 1. Module LV - Computer Forensics and Legal Compliance
  • 2. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News: Computer Forensics Specialist Is Able to Disprove a Claim Involving Improper Use of Data As more and more business is conducted electronically, the legal community has become aware of the need to properly archive data that might be required as evidence in litigation. Computer forensics investigation certainly plays a key role in the electronic discovery process. As Boston attorney Michael J. McHugh recently learned, however, computer forensics specialists like Ispirian's Tom Smith, a forensic scientist and a member of the American College of Forensic Examiners Institute of Forensic Science, can also aid companies and their legal counsel in addressing claims regarding the improper use or destruction of data. “We often use IT people for litigation support. Usually it boils down to how you produce electronic files under the new federal rules for electronic discovery,” McHugh said. “I had the privilege of working with Tom recently and seeing how he can actually re-create what had occurred inside a computer with a particular set of data over a period of time. This was the first time that the actual inner workings of the computer were relevant to an issue that I had in a case. “I had a general idea of what takes place inside a computer but I had never had the need to retain someone like Tom who could prepare a report that detailed it step by step.” In electronic discovery, computer forensics ensures that digital evidence isn’t corrupted or contaminated from a legal standpoint. However, the same techniques can be used to prove — or, in this case, disprove — that computer devices have been used for improper or illegal activities. Source: http://www.hgexperts.com/
  • 3. Module Objective
    This module will familiarize you with:
    • Compliance and Computer Forensics
    • Information Security Compliance Assessment
    • Principle of Legal Compliance
    • Elements of an Effective Compliance Program
    • Compliance Program Structure
    • Creating Effective Compliance Training Program
    • Copyright Protection
    • Copyright Licensing
    • Criminal Prosecution
    • Due Diligence
    • Evidence Collection and Preservation
    • Fraud, Waste, and Abuse
  • 4. Module Flow (diagram; topics shown as boxes)
    • Compliance and Computer Forensics
    • Elements of an Effective Compliance Program
    • Principle of Legal Compliance
    • Copyright Licensing
    • Copyright Protection
    • Creating Effective Compliance Training Program
    • Compliance Program Structure
    • Information Security Compliance Assessment
    • Criminal Prosecution
    • Due Diligence
    • Fraud, Waste, and Abuse
    • Evidence Collection and Preservation
  • 5. Legal Compliance
  • 6. Regulatory Compliance and Computer Forensics
    Private and confidential information that is used or shared without authorization increases the risk of identity theft and other unauthorized use
    Regulatory compliance refers to the systems or departments at corporations and public agencies that ensure personnel are aware of, and take steps to comply with, relevant laws and regulations
    Acts that impose information security compliance requirements:
    • Sarbanes-Oxley Act (SOX)
    • Gramm-Leach-Bliley Act (GLBA)
    • Health Insurance Portability and Accountability Act (HIPAA)
    • California SB 1386
  • 7. Legal and Liability Issues
    Failure to follow proper legal procedure can result in the evidence being ruled inadmissible in court
    Public confidence in law enforcement may be lost if the investigator fails to behave in an ethical manner
    The tension between privacy rights and law enforcement's need to search and seize digital evidence can create problems during an investigation
  • 8. Information Security Compliance Assessment
    Information security compliance assessment is a unified approach that uses an efficient and consistent method to achieve and maintain information security
    Step 1: Identify the related laws and regulations
    • Laws and regulations help in preparing the project plan
    • They guide the collection, analysis, and presentation of information
    Step 2: Prepare the project plan
    • The plan provides the schedule, tasks, and objectives of the project
    Step 3: Collect information and identify assets
    • This step includes document review, asset identification, and meetings with management
    Step 4: Perform risk analysis
    • In this step, the information collected is integrated for risk analysis
  • 9. Information Security Compliance Assessment (cont'd)
    Step 5: Document all findings and recommendations
    • The report contains the threats and vulnerabilities found in the risk analysis process
    • The report cites the particular portions or sections of the applicable security regulations to demonstrate due diligence
    Step 6: Set up the implementation plan for the safeguards identified in the risk analysis
    • It includes the procedure for selecting security vendors and installing security tools
    Step 7: Test and modify the information security program periodically
    • This maintains the safeguards against known and emerging risks
  • 10. Legal Compliance Program
  • 11. Principles of Legal Compliance Program
    Commitment:
    • To create an effective legal compliance program, there must be commitment among the elected members, senior management, and staff
    • The local authority's commitment to compliance should be publicly recorded in a clear and unambiguous manner
    Ownership:
    • Legal compliance, and the processes that support it, are to be owned by all persons within the local authority
    • There must be clearly defined roles and responsibilities for the different people within the local authority
    Demonstration:
    • The legal compliance program should be discussed in an open council prior to adoption
  • 12. Principles of Legal Compliance Program (cont'd)
    Comprehensive:
    • Legal compliance processes should cover legislation and case law as well as a clearly defined ambit of other standards, codes of practice, or other authoritative pronouncements, for example:
      • Acts of parliament, such as public acts and private acts
      • Local authority by-laws
    Systematic:
    • There must be a systematic approach to sustaining and maintaining legal compliance activities
    • It should be embedded into the existing management systems
    Ongoing Development:
    • It ensures that the goals and objectives of legal compliance remain applicable and effective
  • 13. Elements of an Effective Compliance Program
    A successful compliance program contains the following fundamental elements:
    Senior management support:
    • Clear and unequivocal senior management support is the foundation of a successful compliance program
    • Senior management plays an important role in establishing a climate of respect within the company towards the Act
    Relevant policies and procedures:
    • The development of good compliance policies and procedures tailored to the organization's business operations is critical to the success of the compliance program
    • Policies and procedures need to be regularly updated to reflect changes in the law and in the organization's operations
  • 14. Role of Senior Management in Compliance Program
    There are multiple layers of management involved in the compliance program
    Directors:
    • Responsible for receiving periodic operational reports on the compliance program from those who have primary responsibility for operating it
    • Responsible for exercising reasonable oversight of the implementation and effectiveness of the program
    Senior management:
    • Main responsibility is to ensure that the organization has an effective compliance program
    • Responsible for the accountability and effectiveness of the compliance program
    Designated individuals:
    • Responsible for the day-to-day implementation of the compliance program
    • Responsible for reporting to senior management on the effectiveness of the compliance program
  • 15. Importance of Compliance and Ethics Programs
    Compliance and ethics programs provide a structural foundation for the organization that helps reduce illegal conduct
    The prevention and detection of criminal conduct facilitated by a successful compliance program helps an organization encourage ethical conduct and comply fully with all applicable laws
    It helps organizations limit the liability arising from misconduct or illegal activities of employees
  • 16. Benefits of Compliance Program
    • Educates employees and senior management about the requirements of the Act and the existing enforcement policies
    • Reduces the exposure of directors and employees, and the organization itself, to criminal and civil liability
    • Develops valuable internal procedures to ensure compliance with regulations, payment policies, and coding rules
    • Reduces the costs associated with litigation, penalties, and disruption to operations resulting from investigations and court hearings
    • Increases awareness of possible anti-competitive conduct by competitors, suppliers, or customers, and thereby increases the probability of obtaining a suitable remedy
  • 17. Best Practices for Successful Implementation of a Compliance Program
    • Determine the goals and expected budget
      • Determine training goals
      • Determine the expected training budget
    • Gather the members of the program team/steering committee and meet with them
    • Create a code of conduct for employees
    • Decide the compliance training program plan for three to five years
    • Determine technology, development strategy, and preferences
    • Perform system integration and design the communication plan
    • Start the training initiative and drive completion rates
  • 18. Compliance Program Checklist
    Checklist to assess whether the organization needs an effective compliance program:
    • Does the organization exercise due diligence to prevent and detect criminal or illegal conduct?
    • Does the organization promote a culture that supports ethical conduct and ensures compliance with the law?
    • Does management put a high priority on safety, loss prevention, and other regulatory compliance requirements?
    • Has the organization established and published a 'code of conduct' document and distributed copies to employees?
    • Does the organization have all the resources required to effectively develop and maintain a good safety compliance program?
    • Are employees involved in the safety and health effort?
  • 19. Compliance with Consent Decrees
    A consent decree is a judicial decree, entered by the judge, that expresses a voluntary agreement between the parties to a suit
    The terms written into a consent decree cannot by themselves ensure compliance, because they are often not effectively communicated to employees
    The organization faces problems in cases where an employee disobeys the organization's policy
    It is vital for an organization operating under an ongoing decree to make certain that it communicates the particular terms of the order to all employees who might be affected
    The organization needs to establish a procedure that prevents violations of policy that could amount to violations of the applicable law
  • 20. Memoranda of Understanding/Agreement (MOU/MOA)
    A memorandum of understanding (MOU) is a document describing a bilateral or multilateral agreement between parties
    It expresses a convergence of will between the parties, indicating an intended common line of action
    A memorandum of agreement (MOA) is a document written between parties to cooperatively work together on an agreed-upon project or to meet an agreed-upon objective
    The MOA can also be a legally binding document that holds the parties responsible for their commitments
  • 21. Enterprise Compliance and Risk Analysis
    Customer interactions are a valuable enterprise information asset, but they can also be a liability to the organization
    The risk associated with capturing customer interactions is growing rapidly, especially as these records are now targeted in legal compliance reviews and investigations
    The organization needs to monitor voice, email, and chat interactions with customers to meet compliance, governance, and liability requirements
    The organization needs to use advanced monitoring, recording, and analysis techniques that automate the storage and retrieval of speech information for compliance and litigation processes
  • 22. Creating Effective Compliance Training Program
    An effective compliance training program is one that motivates employees and senior management to live by a code of business conduct that supports the organization's business values, such as integrity, respect, and fairness
    It safeguards the organization's ethical culture
    It helps employees to:
    • Become familiar with the compliance program and the standard code of conduct
    • Identify potential compliance issues and situations requiring guidance from the compliance department
  • 23. Responsibilities of Senior Systems Managers
    Senior System Manager:
    • Provides architectural analysis and design support for implementing technical capabilities that satisfy functional requirements
    • Establishes effective communication systems and management structures
    • Engages the workforce in the promotion and achievement of legal and ethical practices
    • Accesses and follows competent advice, and monitors, reports on, and reviews performance
  • 24. Legal Compliance to Prevent Fraud, Waste, and Abuse
    Legal compliance provides guidance and policy advice to organizations and employees
    It helps protect organizations from fraud and abuse originating from external sources
    Legal compliance also helps prevent the unnecessary waste of human resources and energy
  • 25. Terms Related to Legal Compliance
  • 26. Copyright Protection
    Copyright:
    • A collection of exclusive rights conferred by the copyright acts in relation to original works
    Copyright Protection:
    • The protection of the exclusive rights conferred by the copyright acts on original works of authorship fixed in any tangible medium of expression, for a limited period of time
    • Works of authorship include:
      • Literary works
      • Musical works
      • Broadcasts
      • Artistic works
      • Sound recordings, etc.
  • 27. Copyright Licensing
    Copyright licensing is an agreement in which the owner of a work ("licensor") permits another person ("licensee") to use the licensor's copyright-protected work
    Copyright licensing agreements include:
    • The time period of the licensing agreement
    • Allocation of rights to derivative works
    • Specifications for sublicensing
    • Provisions for changed circumstances
    • Price and payment terms
    • Provisions regarding bankruptcy during the contract period
  • 28. Criminal Prosecution
    A victim may contact law-enforcement personnel or a law-enforcement agency if someone has taken their private information without permission
    Before a criminal investigation is started, the law-enforcement agency's prosecutor examines the crime scene
    The prosecutor considers the following about the crime:
    • Whether any laws have been broken
    • The seriousness of the crime
    • The availability of trained investigators
    • The probability of a conviction
    After examining the crime scene, if the law-enforcement agency believes that the crime is more properly investigated by the Federal government, it suggests that the victim contact Federal authorities
  • 29. Due Diligence
    Due diligence is the process of investigating and examining the business, legal, and financial operations of an organization in advance of litigation, investment, a commercial transaction, or other business activity
    A due diligence report is a detailed and methodical examination of the organization in all its aspects
    It has three constituent components:
    • Financial/Commercial due diligence:
      • Audit of the organization to determine its financial situation
    • Legal due diligence:
      • Review of the legislation establishing the organization and the provisions for its governance
    • Human resources due diligence:
      • Detailed examination of the employees' commitment towards the organization at all levels
  • 30. Evidence Collection and Preservation
    Forensic investigators face many challenges while collecting and preserving evidence
    Digital evidence is fragile in nature and can be altered, intentionally or unintentionally, without leaving any clear signs of alteration
    During the investigation, it is important for the investigator to collect the evidence in a forensically sound manner and preserve it properly
    Evidence can be collected by examining digital storage media, monitoring network traffic, or making duplicate copies of digital data found during the forensic investigation
  • 31. Importance of Evidence Collection
    Evidence helps the forensic investigator uncover credible links between the attacker, the victim, and the computer crime scene
    • For example, if information from the victim's computer at the time of the crime is stored on a server or on the system itself, the investigator can retrieve it by examining log files, Internet browsing history, etc.
    It determines the scope of the investigation and the course of action
    Proper evidence collection is important for legal compliance, so that evidence can be presented to prove or disprove a crime
  • 32. Importance of Evidence Preservation
    Evidence preservation ensures the integrity of the evidence
    It involves protecting the collected evidence from damage due to physical access, magnetic fields, and other factors, to ensure that the evidence is maintained in its original state
    Evidence preservation is important in order to present the evidence in court as proof in any legal compliance matter
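    Slides 30 to 32 say that digital evidence can be altered without leaving visible signs and that preservation must keep it in its original state, but the module does not show how an examiner demonstrates that. The standard technique is to hash the original before copying, hash the copy independently, refuse the acquisition if the two differ, and record every hash check in a chain-of-custody log so that later alteration is detectable. The following is an added example, not code from the EC-Council module; the file names, the examiner identifiers, the JSON record layout and the one-byte tampering scenario are assumptions made for illustration.

```python
# Added example (not from the EC-Council module): a forensically sound file
# acquisition with SHA-256 verification and a chain-of-custody record.
# File names, examiner IDs and the JSON record layout are assumptions.
import hashlib
import json
import os
import shutil
import tempfile
from datetime import datetime, timezone


def sha256_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so large images need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def acquire(source, dest_dir, examiner):
    """Copy `source` into `dest_dir`, hash both sides and write a custody record.

    The acquisition is refused if the copy's hash differs from the original's,
    so a bad copy never enters the evidence store. Returns the record dict.
    """
    os.makedirs(dest_dir, exist_ok=True)
    image = os.path.join(dest_dir, os.path.basename(source) + ".img")
    source_hash = sha256_file(source)      # hash the original before copying
    shutil.copyfile(source, image)
    image_hash = sha256_file(image)        # hash the copy independently
    if image_hash != source_hash:
        os.remove(image)
        raise RuntimeError("acquisition failed: copy does not match source")
    os.chmod(image, 0o444)                 # read-only: guards against accidental edits
    now = datetime.now(timezone.utc).isoformat()
    record = {
        "source": source,
        "image": image,
        "size": os.path.getsize(image),
        "sha256": image_hash,
        "custody": [{"action": "acquired", "by": examiner, "utc": now}],
    }
    with open(image + ".json", "w") as f:
        json.dump(record, f, indent=2)
    return record


def verify(record_path, examiner):
    """Re-hash the image and compare it with the recorded value.

    Appends the check to the custody log and returns True only if the image is
    byte-for-byte what was acquired; False means its integrity can no longer be
    demonstrated in court.
    """
    with open(record_path) as f:
        record = json.load(f)
    intact = sha256_file(record["image"]) == record["sha256"]
    record["custody"].append({
        "action": "verified" if intact else "VERIFY FAILED",
        "by": examiner,
        "utc": datetime.now(timezone.utc).isoformat(),
    })
    with open(record_path, "w") as f:
        json.dump(record, f, indent=2)
    return intact


def demo():
    """Constructed scenario: acquire a small file, verify it, tamper with the
    copy by appending one byte, and verify again. Returns (before, after)."""
    work = tempfile.mkdtemp()
    try:
        source = os.path.join(work, "suspect_notes.txt")
        with open(source, "wb") as f:
            f.write(b"meeting 2pm, move the files off-site\n")  # constructed sample content
        record = acquire(source, os.path.join(work, "evidence"), "examiner-01")
        record_path = record["image"] + ".json"
        before = verify(record_path, "examiner-02")
        os.chmod(record["image"], 0o644)            # the read-only bit is no real protection
        with open(record["image"], "ab") as f:
            f.write(b"\x00")                         # one byte of "unintentional" alteration
        after = verify(record_path, "examiner-02")
        return before, after
    finally:
        shutil.rmtree(work)


if __name__ == "__main__":
    print(demo())   # (True, False)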
  • 33. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Summary Regulatory compliance refers to systems or departments at corporations and public agencies to ensure that personnel are aware of and take steps to comply with relevant laws and regulations Compliance program reduces the exposure of organization directors and employees, and the organization itself, to criminal and civil liability The effective compliance training program is one that motivates its employee and senior management to live by a code of business conduct that supports organization business values such as integrity, respect, and fairness Due diligence is a process of investigating and examining the business, legal, and financial operations of an organization in advance of litigation, investment, commercial transaction, or other business activity
  • 34. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
  • 35. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited