The latest industry news, articles and events
What is Computer Forensics? It is a specialist process that involves the analysis of Electronically Stored Information (ESI) that is stored on electronic devices, such as desktop computers, laptops and external hard drives. The analysis is executed via a methodical approach to verify factual information within civil or criminal matters. The process is reliant on strict adherence to the ACPO Guidelines so that the integrity of the data evidence is admissible in court.
The Association of Chief Police Officers (ACPO) publish guidelines for handling electronic evidence and it is paramount that these are strictly adhered to when investigating computers or digital evidence.
The four main principles from this guide are as follows:
A computer forensic investigator is not an IT technician. Years of training and ongoing development is standard, as deciphering binary and metadata on a computer can be as complex and precise as understanding human DNA. To have a computer involved in an investigation should be viewed as an absolute asset. As the quantity, variety, and potential value of data stored on the hard drive can be invaluable.
However, if best practice guidelines are not followed, and forensic experts are not deployed, evidence can be lost. It can also become inadmissible in court or at tribunals.
Forensic ‘Imaging’ is an exact forensic replica of digital media stored on the hard drive of an electronic device, such as a computer. The process is also the first stage of a computer forensic investigation. This preserves the data as an exhibit for further investigations and court proceedings, allowing the original evidence on the hard drive to be protected and remain intact. This is especially useful in covert operations, where information is required without the knowledge of the investigated party(s).
Computer forensics can cover a vast range of cases within commercial, civil and criminal investigations, such as;
London: 0207 438 2045
Manchester: 0161 797 8123