In the past, documentary evidence was primarily limited to paper
documents. Copies were made with carbon paper or through the use of a photocopy
machine. Most documents today are stored on computer hard disk drives, floppy
diskettes, zip disks, and other types of removable computer storage media. This
is where potential computer evidence may reside, and it is up to the computer
forensics specialist to find it using sophisticated computer forensics tools
and computer-evidence-processing methodologies. Paper documents are no longer
considered the best evidence.
Computer
forensics has become a buzz word in today’s world of increased concern for security. It seems that any
product that can remotely be tied to network or computer security is
quickly labeled as a “forensics” system. This phenomenon makes designing clear
incident response plans and corporate security plans
that support computer forensics difficult. Today’s corporate climate of
increased competition, cutbacks and layoffs, and outsourcing makes it essential
that corporate security policy
and practices support the inevitability of future litigation. This chapter is
intended to raise awareness of the different types of computer forensics
systems and to identify crucial questions for corporate planning in support of
computer forensics. Answering the questions raised in this chapter will assist
managers in creating sound corporate security policies
and practices that support the following computer forensics systems.
No comments:
Post a Comment