3 Things You Should Know About the Security of Your Corporate Data

Digital Forensics is the application of analytical techniques on digital media. Forensic investigations can cover all areas of computer use and misuse including internet and email activity, file access, digital document destruction, fraud, and most all other activity and action taken on digital media. Here are three ways HR departments can identify policy gaps and implement a digital forensics strategy as part of their overall internal operating procedures.

1.      Audit and Enforcement of Computer Use Policies

Most all corporations and government agencies have some type of Computer Use Policy, but few are effectively monitoring and enforcing it.  For example consider this paragraph that would be commonly found in any Computer Use Policy:


Employees should not bring personal computers or data storage devices (such as floppy disks, CDs/DVDs, external hard drives, flash drives, smartphones,tablets, or similar devices, mobile computing devices, or other data storage media) to the workplace or connect them to Company electronic systems unless expressly permitted to do so by the Company. Any employee bringing a personal computing device, data storage device, or image-recording device onto Company premises thereby gives permission to personnel of the Company’s choosing to inspect the personal computer, data storage device, or image-recording device at any time, and to analyze any files, other data, or data storage devices or media that may be within or connectable to the personal computer or image-recording device in question. Employees who do not wish such inspections to be conducted on their personal computers, data storage devices, or imaging devices should not bring such items onto Company premises.


The intent of the example is to deter employees from bringing personal electronic devices to the workplace, thus preventing them from being connected to corporate computer systems. It does this by threat of examination of the personal device(s) to determine if any corporate assets or confidential information reside on it. Although this may be an effective deterrent, the company may not know if a personal electronic device was connected to a corporate computer system. Only upon visually identifying a device that is suspected to be personal, does the company require an inspection.  Additionally, general inspection techniques would be unable to confirm if corporate data was accessed -or if it was accessed and deleted from the device prior to the company’s inspection.

While this policy example can suffice, it would be more effective if it were founded on Digital Forensics techniques. Adding the use of Digital Forensics to the Human Resources toolkit would evolve basic ‘Use’ policies into the digital age. Here is an enhancement to the above policy example:

“The Company reserves the right to conduct random and targeted digital forensic audits of all computer systems to determine if any non-corporate storage devices were connected to corporate computer systems or if any other corporate data was copied to any physical or logical (cloud or email) device or sent to an unauthorized party.”

The addition of the statement gives the corporation and HR department a much stronger policy on which to protect corporate data and computer systems. The company and HR has disclosed that not only will visual detection of a device result in an inspection, but the company will also proactively audit computers to determine if any physical media were attached to a given computer at any time, and obtain relevant information about the media (i.e. serial number, port it was attached to, and the date and time it was used). The company would also be able to identify any files that may have been copied to a device, without having the actual device in hand.

2.      Protection Against Departing Employees

Corporations are at risk of data security breaches when any employee departs. Upon an employee termination, corporate data, intellectual property, customer contact information, and corporate policies and procedures can be stolen unbeknownst to the company. Another serious threat is the destruction of data from files and hard drives, as well as sharing corporate information with competitors. Whether the departure is initiated by the employee or the employer, each situation creates a unique risk to the company. Human Resources departments that implement effective departing employee strategies based on Digital Forensics practices are positioned to quantify and mitigate risk and prepare for potential future litigation.

You can learn how to recognize and protect your company from this very real threat by reading our article “Protecting Confidential Information from the Dangers of Departing Employees.”

http://www.optimo-it.com/blog/protecting-confidential-information-against-the-dangers-posed-by-departing-employees/

3.      Preparing for Potential HR-Related Litigation

In the Departing Employee section and the article referenced above, we discussed the risks of departing employees in the context of information assurance. There is also a need to prepare for HR-related litigation with both departed and active employees. Many HR departments have been involved in some type of legal action related to breach of contract, harassment, discrimination, unlawful activity, wrongful termination, or trade secret misappropriation. Often, a Digital Forensic investigation is a necessary response to such litigation. A Digital Forensic investigation can yield relevant facts and evidence by looking for digital clues related to the alleged activity. However, we have seen examples of companies receiving the notice of pending litigation after computers have been internally recycled to another user, at which point, critical digital evidence is lost. Implementing a sound policy based on Digital Forensics practices will ensure data is preserved proactively either at the first sign of employee misconduct or immediately upon knowledge of a departing employee situation. Closely monitoring when valuable company information is accessed and by whom will help HR departments identify if questionable employee activity is occurring before permanent damage can be done. Digital Forensics can also be used to retrieve data surrounding employee communication within the context of a harassment or discrimination charge. These practices will help corporations be prepared for potential litigation and better yet, gather critical information to avert litigation before it happens.

 

In this article we’ve discussed the various ways HR departments can implement policies and practices that are supported by Digital Forensics to establish a foundation of Information Security. Any company which allows employees access to its computer system and sensitive information must be aware of the risks to its data and how to prevent misuse and destruction.

 

About the Authors:

Michael Miguelez is the CEO of OPTiMO Information Technology LLC and OPTiMO Digital Forensics. He can be reached at mmiguelez@optimo-it.com or 877-564-8552 x701.

Heather Stenglein is the Director of HR at OPTiMO Information Technology LLC.  She can be reached at hstenglein@optimo-it.com.

© 2014 OPTiMO Information Technology LLC, All Rights Reserved

8 Steps to Using Digital Evidence in Legal Matters

1. Call the Experts

Call us toll free at 877-564-8552 ext 3. And call us often. The digital-forensics experts at OPTiMO Information Technology have enough experience to know that the sooner you call and ask questions, the more winning cases we can deliver to you. When you call, our specialists will furnish you with prompt, game-changing advice about how cutting-edge technology and digital evidence can help you and your clients win your cases.

As pioneers in the field who bring twenty years’ experience to OPTiMO IT, we witness countless instances in which technology, digital evidence and forensics specialists can and should be used in legal cases. The experts at OPTiMO are qualified to offer advice regarding such times, what technology could be used to help your specific case, and a budget range for firm and client review and approval.

2. Develop a Strategy

OPTiMO can help you craft Pleadings and Discovery requests that best position your client’s case. OPTiMO can also help your clients prepare for and respond to discovery orders.

3. Navigate the Legal Process

OPTiMO can help you through the various legal processes to subpoena electronic devices and seek court orders requiring the same.

4. Collect and Safeguard the Data

Leveraging twenty years of trial experience, our special acquisition team is highly skilled at properly and legally retrieving electronic evidence so it is safeguarded, protected and preserved for full evidentiary use at trial.

5. Find the Evidence

We specialize in analyzing electronic devices and media and securely safeguarding the evidence from collection to production. Our proprietary process, controls and capabilities ensure evidentiary integrity and security. Our advanced technology enables OPTiMO to deliver results two to three times faster than our competitors.

6. Analyze and Present Findings

Our proprietary process distills millions of data sets into concise, easy-to-read reports designed to quickly assist our clients with preparations to use the electronic evidence in strategy, pleadings and trials. Our concise, comprehensive reports assemble the findings, timelines, infographics and other data presentations showcasing the best ways the data can support the client. Plus, we are readily available to quickly discuss the findings, strengths and weaknesses of the evidence and the application of the findings to the case.

7. Testify / Expert Witness

When it matters most – at depositions and trials – OPTiMO experts provide the maximum client value as our experts’ 20-plus years of trial experiences calmly deliver convincing testimony and facts in support of case-critical evidence in a court of law better than any firm in the nation.

8. Capability Marketing

OPTiMO’s team meets and coordinates with your firm’s marketing team to give you every tool necessary to showcase our unique digital forensics capabilities to existing and prospective clients in order to attract interest, discussion – and more cases to win. So call OPTiMO for free. No obligation.