Computer forensics brings more robust security

Elizabeth Millard, The Daily Record Newswire

It’s time to shift focus to your firm’s networks.

Computer forensics has become an increasingly important component of certain types of litigation. In areas like employment law and intellectual property disputes, digital forensics is a vital part of most cases, and the strategy is likely to come into many types of legal proceedings in the future, believes Michele Lange, director of discovery at Kroll Ontrack, an Eden Prairie-based provider of data recovery and legal technologies.
“We’re seeing more judges involved in the details of e-discovery, and there’s an increase in cases addressing procedural protocol like cooperation and search procedure,” she says. “This is a trend that will continue.
Courts will have higher expectations going forward.”

For many law firms, computer forensics tend to be outward — used for cases and clients — but turning those tools inward toward a firm’s own networks can also be a useful way to increase security.

Computer forensics basics

In a very basic sense, computer forensics (sometimes known as digital forensics, because mobile technology is covered) involves searching through digital assets, and if there’s a court case involved, the results of that search become e-discovery.

Although both are geared toward finding information that’s relevant to a lawsuit, the strategy can be used even when there’s no litigation. Forensic investigators follow every data-based rabbit hole in an organization and look for evidence of wrongdoing, depending on a client’s main concern.

For example, a law firm’s partner might be worried about associates forwarding offensive “jokes” to other departments, creating fertile ground for harassment claims. A computer forensics specialist can find those email threads, even if they’ve been deleted, and pinpoint the source of the issue. Or there may be concerns about whether a network issue has exposed customer information, including credit card data or enterprise banking information.

Using highly sophisticated tools and detection methods, computer forensic professionals can ferret out usage logs and even determine what company information has passed onto thumb drives, cloud-based data storage applications and home computers.

Focus on internal threats

Increasingly, companies are recognizing the value of using computer forensics as a preventive measure rather than damage control. Law firms, which are already well versed with forensics procedures, can be a step ahead by knowing the intricacies of e-discovery, but they may not think to use those same strategies within the firm to minimize internal issues.

“Sometimes, there’s just concern about a certain piece of intellectual property, like a design for a particular product,” says Paul Luehr, managing director of the Minneapolis office of Stroz Friedberg, a digital risk management firm headquartered in New York. “By looking for any communication or data about that design, we can discover whether it’s been leaked or could be.”

In doing those types of investigations, computer forensic specialists are often able to find security flaws within a system. That insight can be invaluable for a law firm, adds Jeremy Wunsch, CEO at Minneapolis-based LuciData, a computer forensic services company.

“If you don’t have the right safeguards in place, especially for internal threats, it can be an expensive security risk,” he says. “We’re seeing a big push in that direction, with companies asking us to come in and look at their systems to detect any intellectual property movement from inside to outside the organization.”

Internal threats can be a firm’s greatest liability. Many enterprises worry about security risks like hackers, when they should be more concerned about whether an employee is taking home files on a thumb drive. Computer forensics helps to minimize these risks, Wunsch says, because an investigation can detect that sort of activity and install the security to keep it from happening again.

Calling in the experts

Although computer forensics can help a company to prevent issues that lead to lawsuits, the most common application is when a suit is actually in progress. The benefit to using a specialty firm like LuciData, Stroz Friedberg or Minnetonka-based Computer Forensic Services comes with interpretation of search results, says Luehr.

“Forensics isn’t just firing a tool at a hard drive and coming up with a magical result,” he says. “You also need someone with extensive experience in presenting evidence in court and who understands issues like evidence preservation.”

Because so much data is going toward a digital format, Lange predicts there may come a time in the near future when technology is used for almost all court documentation. That’s bad news for office supply companies, perhaps, but good news for computer forensics and e-discovery specialists.

“Three to five years from now, document review will look very different than it does now, even in small law firms,” Lange says. “Technology-assisted review is about to explode.”

“There’s a great deal of value that businesses can get from computer forensic services — from employment protection to data security,” Luehr says.

—————

Elizabeth Millard writes about technology. Formerly senior editor at ComputerUser, her work has appeared in Business 2.0, eWeek, Linux Magazine and TechNewsWorld.