Within the realms of digital forensics analysts traditionally performed
analysis on static data, either from a core dump, bit to bit imaging etc.
Recently we have seen an increased focus directed at the live forensics
environment. As users rely more on mobile and other remote devices to access
data on demand; data possibly held in some manner of cloud environment,
investigators will have to adapt their mode of investigations to suit.
I recall reading a marketing pitch a while aback where some vendor claimed
that an advantage of Cloud Computing is, an ability to conduct live forensics
without disrupting mission critical systems. How effective this claim may be,
is subject to examination.
According to Brian Carrier - "The only difference between a live and a dead
analysis is the reliability of the results; a live analysis techniques use
software that existed on the sys... (more)
I've been asked quite a few times, "when will it be a good time to get into
cloud computing?" by potential clients. My answer is typically it depends...
I know, I know.... not much direction there, but really it all depends. Why ?
Well, some may state, "we all know of the much beaten security concerns, and
we will ensure that systems on our end are secured and synced to work in
tandem with the vendors' security."
Can one ensure some degree of monitoring by the implementation of an
Intrusion Detection System (IDS) residing within the system hosting the
gateway into the cloud?
Proponents of the cloud ecosystem touts its "vastness, flexibility and
scalability as advantages for the implementation of cloud services. However,
from a digital point of view this can be a veritable forensic challenge as we
view the cloud in terms of its scope and diversity.
According to Dr. Stephen Wolthusen "Digital forensics (also referred to at
times as computer forensics) encompasses approaches and techniques for
gathering and analyzing traces of human and computer-generated activity in
such a way that it is suitable in a court of law."
A key challenge to a digital inve... (more)
As we become more technology dependent, more so in today's "cloud"-driven
environment, IT security needs to evolve from the traditional sense of
We should see the advent and acceptance of a more holistic, flexible and
adaptive model of security that focuses more on managing information
security, people and processes in a natural evolution from the traditional
model of implementation, monitoring and updating.
According to Teubner and Feller  "Governance is understood as securing a
responsible corporate management, having its roots in value-based
Digital Forensics is not an elephant, it is a process and not just one
process, but a group of tasks and processes in investigation. Examiners now
perform targeted examinations using forensic tools and databases of known
files, selecting specific files and data types for review while ignoring
files of irrelevant type and content. Despite the application of
sophisticated tools, the forensic process still relies on the examiner's
knowledge of the technical aspects of the specimen and understanding of the
case and the law - Mark Pollitt.
As has been established from articles by var... (more)