The computer forensics are basically a practice of analysing, collecting as well as reporting the digital information which is stored in a way which is legally admissible. This can be used for storing evidence of any criminal activity or preventing any other dispute. |
Uses There are very few areas of dispute or crime where computer forensics cannot be used. The law enforcement agencies are one of the heaviest and the earliest users of the computer forensics and consequently have offered forefront in the development of this field. The computers might constitute the scene of crime for instance computer hacking. The dispute in such cases can include denial of the service attacks. They can hold the evidence in the form of emails, documents, internet history or other files which can be relevant to crimes such as kidnapping, drug trafficking and fraud. The interesting point in this aspect is that not only the content of these emails or documents is related to the investigation however; the ‘meta data’ of these files is also concerned with the case. It is the job of Computer forensic Experts to find out when the file was last time edited, saved or printed out by an individual and which user has done these actions.
Nowadays, there are various commercial organisations which are employing computer forensics for benefitting themselves in a variety of cases such as
• Regulatory compliance • Internet or inappropriate email use in the workplace • Bankruptcy investigations • Matrimonial issues • Forgeries • Fraud investigations • Employment disputes • Industrial espionage • Intellectual property theft
Guidelines According to the law there are basically four guidelines which are supposed to be followed in this field • No action must be taken which can change or edit the data in storage media or computer. • In a circumstance where the user has access to the original data, he must competent to do so, and should be able to provide evidence for his actions. • A record and audit trail of all the processes which apply to the electronic evidence should be made and preserved. • The person who is in charge of investigation has the overall responsibility to preserve the digital evidence.
In summary we can say that no changes should be made to the original data.
Author Bio: The author has an educational background in computer forensics and is one of computer forensic experts and has a good experience in this field , for more information visit http://www.cclgroupltd.com
Related Articles -
Computer Forensics, Computer Forensic Experts,