Digital technology is growing rapidly, and thus has become an integral part of our everyday life. With the rise of Digital Forensic technology there has been a steady rise in digital crimes such as unauthorized fund transferring, identity fraud, financial fraud, and intellectual thievery. Thus to fight against these digital crimes, Digital Forensics plays a significant role. “Digital Forensics involves acquiring and investigating digital information for use as evidence in various courts (Pipkin, 2000)”. It generally investigates data which is unethically copied from digital hard drives or any other digital storage devices in accordance to standard policies and procedures to determine if those devices have been used by unauthorized contact or not. Digital Forensics Investigators investigate the fraud and conduct the forensic analysis in a team by using various tools and Methods to guarantee that the digital network system is protected in an organization. The laws of the country mandate that business organizations maintain a strict record of all their monetary transactions. The reasons for this include; curbing tax evasion measures to ensuring that a company does not present a false success story in the hopes of some quick profit (McDermott, 2001). The role that a forensic accountant plays is crucial here, and it is upon their shoulders that the responsibility of ensuring that a business or individual is being honest in their annual tax filings (Kelly, 2005). An experienced Digital Forensic Investigator is usually adept with various laws and regulations related to digital crimes in their country along with this the investigator also need to be Familiar with the various computer operating systems. There are two categories of Digital Forensics Investigations – the public investigator and the private investigator. Public investigations are usually employed by government agencies, and private investigations are contracted by private digital forensic personnel’s (Anderson, 2003). In this report, as a head of Information protection department, I have been informed that in the previous 4 days, there have been four incidences of fund transfers to unauthorized beneficiaries. I have been given the details of the department where the money transfers had happened and also specific instruction were given not to involve anyone from that particular department. I was also given consent to employ law enforcement agencies if requried. Generally, information protection department plays a very crucial in organisation. Information is an asset for every firm and hence, protecting it is the primary duty of every employee. Every employee intends to safeguard the confidential information of the firm and prevents it from leaking (Venter, 2003). Data and information management isn’t the responsibility of the IT department but everyone plays a crucial role and it impacts everyone in organisation. By definition, data and information protection refers to the development, execution and supervision of practices and plans to protect and deliver. Also, data and information protection enhance the value of information. In this report, we will look at the appraisal of the situation, demonstrate the strategy to conduct the investigation, relevant steps taken in forensic investigation and developing a plan to enhance weak security measures.
To investigate the mentioned case, the digital forensic investigation should be carried out in the manner cited below:
Objective of the investigation: To determine if the cause and recipient of the unauthorized fun transfers
Operating system: Microsoft®Windows® 7.
Case Investigator: X
Assessment1. Documentation provided by the Senior Vice President of Human Resources investigator was reviewed.
The investigation of the laptops investigated resulted in the recovery of 372 files of analytical importance and evidential significance
The recovered files included: Several files and documents which contained the name and personal details of the suspect, the document text also included corporate unauthorized checks and forged documents. The collected evidential data also included graphics files, illustrating accounting information, corporate unauthorized checks, currency information (Vacca, 2012).
Upon investigation the HTML files recovered brought across several Hotmail and Gmail email addresses, which stated the interaction between the suspect and an unidentified individual. Whereas the Graphic files Recovered, when investigated brought to notice the scanned images of account details as well NEFT transfers, including currency details.
Out of the two encrypted files- one was found to be a word document whereas the other one was an untitled notepad document. The word document contained a list of personal and confidential details about several individuals – the names, birth date, bank information account information, place of residence were all clearly mentioned. The untitled notepad document included the transfer information.
According to the information discovered by the digital forensic investigators, many new theories of evidence were found.
The Digital Forensic investigation along with an appraisal should be done by following proper methodology and a fixed strategy. To obtain optimal results through investigation, it is essential that the investigation is not carried out in a haphazard manner (Spagnoletti, 2008). The given case was investigated using Digital Forensic investigation methodology, the strategy followed is mentioned below. The digital forensic investigation strategy is a process which is an accepted and authorized systematic and forensic process which is used in the digital forensics investigations. The investigative process is mainly used in computer and mobile forensic investigations, they basically consist of three components namely finding, investigation and reporting. The strategy used to investigate, depends and varies according to the types of cases and frauds (Williams et al 2013). One of the most commonly used strategies is the eight step methodology developed by Rob lee. This strategy is designed in a way to help the agent to remain on the right working direction and guarantees appropriate production of digital data legal procedures and the required penalizing trials, etc. Furthermore, it is also good starting point in while staring an investigation a new case. The principle of these eight steps is to take action methodically to digital forensic investigations and to find out the real fraud. It is also is imperative to understand that a digital forensic investigation works in sync with the digital fraud management (Kiountouzis, 2010).
Verification: The first step used at the beginning of an investigation is verification. It basically involves verification of an incident which has been reported has happened in reality. It is also includes determining the extent and range of the event and evaluate the case. Questions like What, How, Where and when should be asked about the situation. Along with the nature and the specifications of the case should be verified. This is the beginning step and is essentially significant because it will assist in influencing the description of the event and thus stating the top method to discover and gather information (Harris, 2008).
System Description: The next step is the System Description which involves collecting data about the particular event (Mayer & Aubert, 2014, September). It is essential to start by making notes and recounting the system which is going to be analyzed, where, what and how the system has a role in the institute along with the network. It also includes creating an outline of the operating system and its broad-spectrum constitution such as disk format, RAM etc.
Acquiring Evidence: This step involves identifying the potential source of data, obtain unstable and stable data, verifying the reliability of the data and guarantee sequence of supervision. Throughout this step it is also essential that to give priority to the evidence collected and appoint the concerned party to establish the implementation and effect of selected methodologies, because unstable data changes from time to time, thus the sequence in which the information was collected should be maintained. The digital Media which is withheld for investigation is usually called an “exhibit” in official language. It is important to note that as a part of the analysis and investigation, the next step should carry on in sync to ensure that the investigation can be carried out smoothly (Taylor, 2012).
Timeline Analysis: The next step following the evidence acquirement is analyzing and investigating the evidence in the forensics lab. It should begin by doing a timeline analysis. This is a vital stage and extremely functional since it comprises of data like when the files were customized, accessed, transformed or formed. The data which is collected by using a wide range of methods should be arranged in order to be analyzed. During the analysis it is important to be careful and patient and it thus assist to have systematic file and functioning system.
Media Analysis: In this step basically involves analyzing all the media related information that has been gathered. Investigators must be proficient to respond to queries regarding the programs which were effected, what information and data were downloaded, which were selected, registries were checked, which deleted etc.
A specified technique should be implemented to decrease the information sets are to recognize files recognized to be superior and the files which are to be not so good. The timeline which has been incorporated several times compresses into a single file. Thus it is essential to have information of file systems, and directory artefacts to take benefit of this system that will diminish the quantity of information to be analyzed (Lim, 2009).
Byte search: This step usually consists of adopting methods that will search the Byte untreated imagery. It is basically used to find something specific. The tools and techniques which search for byte signs are known as magic cookies it also allows to the investigators to find the relevant information in accordance to the specific case.
Data Recovery: Data Recovery is one of the most important and most widely used steps in any investigation. Investigators are known to utilize several the scientific tools and software to recover digital data to hold or invalidate. There are many private software applications available in the market which helps in recovering data from the system. The recovered data is always essential information to find hidden links and clues. Analyzing the empty space as well as the unallocated disk memory is an important step in investigation. An in-depth system recovery and system investigation is an important part of investigation to gain essential information.
Reporting Results: The Last step of any investigation consists of reporting the entire analysis of the investigation. It includes recounting the procedures taken, determining what further actions which need to be performed. It also includes suggesting improvements to security policies, strategy, actions, methods, and other characteristics of the digital forensic procedure.
Thus reporting the observation is a major and vital part of any enquiry. It should be written in a way that reproduce the usage of systematic methodology and evidence which can be proved. Adapting the reporting style usually depends on the audience; the investigators should be equipped for the report to be used as proof in legal for lawfully or governmental reasons.
Every forensic investigation case is different and must be dealt with complete precision. Forensic investigators can’t apply same steps to every case since every issue is different and it might require different methods to solve it (Schlienger, 2003). However, there are some general steps which can be customised as per every case.
1. Scheduling a meeting with client: First step for collecting data is scheduling a meeting with client. At this step, investigators personally interact with client to know the case in-hand completely. Many times, there are some minute details which don’t get reveal over the phone or in documents. At this stage, all such details are revealed and hence, it is crucial to collect data.
2. Carrying out initial investigation: Once the investigator has met with the clients, he heads towards initial investigation. This investigation is carried with an aim to look for prospective evidences. It is crucial to carry out a preliminary analysis to get the outline of the issue and requirement of client. Besides outlining the issue, this stage will help in subsequent planning to be based on upon entire understanding of the issue.
This is a series of steps involved in the collection of data which ultimately helps a forensic investigator to solve the case (Yang et al 2013). Although these are general steps followed in most of the forensic investigation cases, there can be chances that the steps taken in any case may be entirely different. It always depends upon the severity of the issue/case. A competent forensic investigator has to use his experience and skills to solve the case and get into the bottom of the case to determine what exactly is going on. As a forensic investigator, the primary goal remains that all the systems remains in his control at the site (CBS, 2010).
In order to ensure that incidents such as the one described in the case above don’t repeat, some effective steps have to be taken. These steps should enhance the weak security and prevent the incident from occurring in the future (Whitman & Mattord, 2013). The plan must aim at developing robust procedures, policies, systems in place to protect the sensitive information of the organisation (Parawesh, 2004). The plan for data security and preventing such incidents in future can be:
Developing an information system strategy: Now days, IT has evolved and it continues to evolve in every direction. Hence, it is crucial for organisation to develop an information system strategy. Data protection shouldn’t be concern only for legal or IT department but it should matter to every employee (Alhawari et al 2012). Data protection is strategic concern and hence, it should be addressed at highest levels of the company (Whitman & Mattord, 2011). This can only be achieved by formulating a comprehensive strategy. The strategy should include the goals to be achieved, practices to be adopted and people to be contacted in case any such fraud is sensed by any employee.
Enforcing overall information security strategy: During the implementation of information security strategy, the duty of senior management is primary (Tohidi, 2011). Their role is to create a reporting structure for information security so that people can be held responsible for it. It is a continuous process so all the errors, failures and follow ups have to be reported regularly (Mayer et al 2013). Information security must be included in the vision and mission of the organisation so that every employee can understand its employee (Salvendy, 2012).
Providing training to employees: Employees are required to be trained so that they can handle sensitive data carefully. The training can include learning sessions on retaining crucial information for long, disposing off sensitive information and devices. This can also include interacting sessions with top management so that they can continue communicating with the mid and low level employees about handling sensitive data (Kelly, 2005).
Putting data security models in practice: In order to implement the information security data plans, it is crucial to develop models (Peltier, 2013). This can include developing external and internal firewalls to ensure no information in leaked. In many companies, employees can’t access social networking sites or any other websites for their personal use (Tang & Musa, 2011). This is a security measure being taken by the firms.
These are some of the steps that can be adopted to enhance information security and ensure that such incidents don’t occur in future.
MyAssignmenthelp.com is the pioneer of providing top-quality essay help at an affordable price. With the strength of 3000+ qualified and experienced experts, we are competent of providing best quality essay assistance in more than 100 subjects. Students, who wonder, 'who can help me with my essay' find our online essay help services beneficial and useful. Contact our 24x7 live customer support team to get high-quality essay writing help at an affordable price.
You are required to write a researched argument essay that convinces persuades the reader of your position / stance. This is an academic, researched and referenced document that demonstrates your understanding of the objectives of the course. The structure of the argument will follow the TOULMIN METHOD of argumentation.Read More
Executive Summary The purpose of this report is to elaborate the factors which are considered by individuals before selecting an occupation. Choosing an occupation is indeed a major decision of everyone’s life and it does give a shape to where he would be heading in the course if time. The report begins with a list of various occupations which have been going since the human civilization started though it has indeed changed its form to...Read More
Introduction With the increase enhancement in the field of technology, it has been considered essential by the businesses to implement such technology in their business processes. Further, the increasing demand from the customers regarding the better quality of products and services delivered to their doorstep has also necessitated for the businesses to implement the e-business strategy in their business processes. E-business which is common...Read More
Executive Summary In a merger & acquisition, role of an HR has emerged as a very critical function. At each stage of merger and acquisition process, HR plays a strategic role. The importance of role of HR part in integration of the merged companies should not be taken lightly and should be handled very carefully and with due planning. At pre acquisition stage, due diligence should be taken before the start of the process and HR must carve ou...Read More
Introduction In this competitive business environment where every business organization is trying to attract the customers of each other, it becomes essential for these organizations to remain competitive by innovating new ideas and thoughts, so that value added products and services can be provided to the customers. The motive of such organization in providing value added services to their customers, require their employees to be quite effect...Read More