Subscribe
About
  • Home
  • /
  • Security
  • /
  • Forensics software a vital tool in fight against computer crime

Forensics software a vital tool in fight against computer crime

South African companies that want to protect their businesses against computer-related crimes such as fraud and data theft should invest in enterprise forensic software tools that allow them to investigate security breaches and acquire evidence against wrongdoers that will stand up in court.

That`s the word from Derek Street, product manager at SecureData Security. He says companies face a range of business risks around their data and IT infrastructure, including theft of intellectual property, white-collar crimes such as fraud, human resources violations, and employees using enterprise computers for illegal or immoral activities.

One of the enterprise`s most effective tools against the risks of employees abusing corporate data and computers is offer them the certainty that they will be caught and punished for their actions. Companies therefore need to be able to uncover who was responsible for criminal acts or transgressions against corporate policy and provide solid evidence that can be used to prosecute them or dismiss them.

Says Street: "All around the world, companies are beginning to understand the importance of self-policing policies and investigation capabilities that allow them to respond to security breaches. Legislation such as the US`s Sarbanes-Oxley has highlighted how important it is that companies put in place an incident response and internal investigation capability that can provide forensically sound evidence that can be handed to law enforcement or legal counsel when needed."

One challenge lies in the fact that collecting evidence is usually a time-consuming process, which means that investigations can be delayed, deadlines may be missed, and work might be disrupted while evidence is gathering from workstations, says Street. In addition, investigators need access to tools that ensure evidence is gather in a forensically sound manner and that can demonstrate to a court that computer and data are not tampered with.

To address these challenges, companies should look for network-based forensics solutions that provide complete network visibility, and comprehensive, forensic-level analysis of servers and workstations anywhere on a network, Street adds. Such a solution should be able to securely investigate/analyse many machines simultaneously over the LAN/WAN at the disk and memory level without disrupting operations, causing downtime, or alerting the target that he or she is under investigation.

It should also as far as possible, automate time-consuming investigative processes, incident response and eDiscovery. These tools can provide detailed information across the lifecycle of a document, such as who accessed, created or edited a document, whether it was printed or emailed (and by who), and much more, often even if the user has deleted information in a bid to cover his or tracks.

One of the important things to look for in a forensics tool is a track record with courts and law enforcers around the world, proving its ability to acquire data in a forensically sound manner, says Street.

Concludes Street: "Companies have a due to their shareholders to be able to acquire any evidence necessary against those who commit fraud, steal company intellectual property or abuse company systems and information in any other way. A good forensics solutions is an important element of the technology infrastructure they need to do so."

Share

SecureData Security

SecureData is a specialist, value-added distributor of perimeter, application, network, endpoint, storage and identity information security solutions and risk management solutions for the African sub-continent and Indian Ocean islands. A cross-section of the available solutions from SecureData illustrates wide coverage of the following information security and risk management domains: business continuity, security appliances and devices, hardware authentication, identity and access management, security and vulnerability management, secure content management, threat management and security services. SecureData`s information security and risk management solutions include best-of-breed solutions, devices and appliances for the perimeter, data centres, applications, network, endpoints, messaging and Web. In addition, as a value-add to vendor, channel and customer, SecureData also provides a full complement of support, pre-sales and professional services around the solutions positioned in each discrete security vertical.

Editorial contacts

Derek Street
SecureData
dereks@securedata.co.za