SlideShare is now on Android. 15 million presentations at your fingertips.  Get the app

  • Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content

Building an enterprise forensics response service

by on Nov 15, 2010


What issues are enterprises facing that require digital forensics? ...

What issues are enterprises facing that require digital forensics?

• In-depth technical issues within the IT environment
o Complex attack / virus analysis
o Packet analysis
o Complex environment investigation coordination (VMWare)

• Separation of duties / transparency issues with IT staff
o Integrity and audit-ability issues from regulators and common due diligence requirements

• System Audit Functionality verification
o Audit System Investigation / Recovery

• Ensure systems are preserved for forensic investigation*
o Banking Standards
o NIST Standards
o US State Laws

• Legal issues such as eDiscovery
o Prepare, Preserve & Produce electronically stored information

• Privacy issues from legislation, regulation and clients
o “DNA Forensics” – Identification for good & evil

• Records Management issues
o Historical Data Retrieval
o Data reconstruction

• Human Resources issues / employee investigations
o Inappropriate Use
o Harassment / Workplace Safety
o Loss management issues / evidence verification
o Theft / Fraud investigation support
o Sabotage
What is an Enterprise Forensics Response Service?

• Enables business owners to actively enforce corporate policy and protect and preserve digital assets through the use of forensic methods.

• Handles investigation requests from many different parts of the organization
o IT (Network / Applications)
o Internal Audit / Compliance
o Legal
o Privacy
o Records Management
o Human Resources / Employee Managers
o Loss Management / Physical Security
• An Enterprise Architectural Perspective of an EDF Service (Overview)
o Conceptual linkages to the business & information security strategy
o Logical service definition, examples of peer services
o Physical mechanisms that the EDF service is comprised of
o Examples of components that the EDF service utilizes

- What does the presentation cover?
• Identification & definition of required forensic services
• Review of common service mechanisms and components
• Considerations for implementing & service management in the enterprise



Total Views
Views on SlideShare
Embed Views



5 Embeds 11 4 4 1 1 1



Upload Details

Uploaded via SlideShare as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Post Comment
Edit your comment

Building an enterprise forensics response service Building an enterprise forensics response service Presentation Transcript