|
Incident Response: |
|
Incident response is the immediate mobilisation of resources to deal with a situation that could prove damaging to a business or private entity. When would you need our incident response service ?, the list is extremely long, however, we have explained some of the more common incidents here on this page. |
| Intellectual Property Theft |
|
One of the most common scenarios we
encounter is that of Intellectual Property Theft,
where an individual (or group thereof) uses company property for their own
personal gain. Common targets for IP theft are lists
of customers, designs for new products, company secrets or other
valuable documentation. It is amazingly easy for an employee to take a copy of the aforementioned types of information, be this by using a CD drive capable of writing to blank CDs, a USB Memory stick, a floppy disk, an external hard disk drive or by E-Mailing the information as an attachment. Most IP theft leaves behind a series of hidden artefacts (tracks) on the computer used to steal the information, our investigators can locate and present these artefacts, leaving the suspect with a number of questions to answer, in the face of overwhelming evidence. We offer a consultancy service advising your business of ways it can reduce the risk of IP theft, please contact us for more information. |
| Computer Virus Infections |
|
The prospect of a computer virus infection alone
is a
headache for even the most competent I.T department manager, a
deliberate infection by a disgruntled or negligent employee
is perhaps their worst nightmare. Tracing the source of an infection, be it internally or externally contracted is paramount to ensuring that actions can be taken to avoid further infection and reduce system downtime to a minimum. It is usually possible to determine which particular computer is responsible for a virus outbreak, and in the majority of cases, the computer users actions in the lead up to the infection can be analysed to assist with the ensuing 'clean up' operation. A report produced by our investigators allows disciplinary hearings to carried out in an effective manner, and should the incident be reported to a law enforcement agency, our investigators report can be used as evidence in a court of law. |
| Inappropriate Use Of Privileges |
|
System Administrators (usually the 'guardians'
of computer systems) are entrusted with much more than
general maintenance and data backup duties. Duties of
an administrator include the protection of the company's
computers from attack from the outside
world, and ensuring that particular employees are granted or
denied access to sensitive data. In certain cases it is the system administrator that is under investigation, for acts such as granting unauthorised employees access to sensitive data, or using their 'access all areas' privileges to acquire information that they are not authorised to view (related to IP theft, discussed previously). Our investigators are able to 'audit' the level of access each computer user in your business has been granted, something which is often never documented and produces startling results when presented to senior management.
|
| Accidental/Deliberate Deletion Of Data |
|
The deletion of data be it deliberate or
accidental is a scenario where an instant response is
necessary, it is an often overlooked fact that the more time that passes after the deletion
has taken place, the lower the
probability that the deleted data can be recovered. Our investigators use a combination of industry leading software programs to recover your data, and their own investigative skills when these fail. These
skills include the ability to 'stitch' together fragments of files
(documents) that
have been partially overwritten (only part of the deleted
data is available for recovery) to present as much of the
deleted data as possible. This level of recovery goes
far beyond the capabilities of any 'automated' process and
although time consuming, maximises the likelihood of file
recovery. |
