The Mysteries of Computer Forensics
A significant shift that I noticed at last month's InsideCounsel SuperConference was the increase in topics on technology and its effects on GCs. For years, GCs have primarily focused on the law and protection of an organization from a legal standpoint, but now a GC also has to be somewhat...
May 31, 2007 at 08:00 PM
9 minute read
The original version of this story was published on Law.com
A significant shift that I noticed at last month's InsideCounsel SuperConference was the increase in topics on technology and its effects on GCs. For years, GCs have primarily focused on the law and protection of an organization from a legal standpoint, but now a GC also has to be somewhat of an expert on an organization's networks and technology–whether we like it or not. GCs need to have some understanding of network security, how to protect your organization's networks and what to do if network violations occur. The area of computer forensics can be an important component of this protection, and it is important for GCs to be aware of its many aspects.
An area previously reserved for IT professionals, this column addresses key facets of computer forensics, including what computer forensics is, why it is important to a GC and reasons for engaging an experienced computer forensics examiner when appropriate.
What is computer forensics?
Computer forensics is the discipline of combining elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications and storage devices in a way that is admissible as evidence in court. A thorough computer forensic investigation can uncover hidden data or files that may not be viewable in a directory listing of the hard drive. Also computer forensics often can recover evidence in files that were accidentally or intentionally destroyed.
Because it is a relatively new discipline, there is little consistency or standardization with respect to computer forensics across IT, legal professions or the courts. As we've all seen, the number of corporate investigations continues to rise, creating more awareness of computer forensics and the wide range of computer crimes and misuses, including illegal internet activity, trade secret theft, fraud, sexual harassment, embezzlement and destruction of intellectual property. Awareness of the legal and technical facets of computer forensics helps to attain crucial information if your network is compromised and helps to prosecute a case if an intruder is caught.
What GCs need to know about computer forensics
Protecting company data is critical to organizations. Recent legislation such as HIPPA and SOX make it possible to hold organizations both civilly and criminally liable if customer or employee data is not properly protected. GCs should make IT professionals aware of how technical actions can be affected by existing laws, including legal ramifications for using security monitoring tools and having proper authorization before monitoring and collecting information related to a computer intrusion. Violations during computer forensics investigations could constitute a federal felony punishable by a fine and/or imprisonment. If computer evidence is collected, it must be collected in a way that is legally protected and admissible in court. You risk destroying vital evidence or risk having forensic evidence ruled inadmissible if computer forensics is handled improperly. Should an intrusion lead to a court case, an organization with computer forensics capability will be at a distinct advantage. Knowing key areas of computer forensics helps GCs protect company data, which in turn protects the company as a whole.
The value of an experienced computer forensics examiner.
A knowledgeable computer forensics professional can ensure that a subject computer or network system is carefully handled so evidence is not destroyed, damaged or compromised by the procedures used in the investigation. They also ensure that a computer virus is not brought in by a subject computer or device during the analysis process and maintain and establish chain of custody. Experienced examiners will also make sure that if business operations are affected that it is only for a limited amount of time.
Computer forensics experts use technology and techniques to conduct powerful searches of data for collection and presentation in a legally acceptable format. Keyword searches and password decryption can be performed to locate a “smoking gun” or vital information that can be used as evidence in a case. Experienced examiners can also provide expert testimony on computer forensics, including activity on individual computers and complex network systems. They can perform data recovery services and analyze hard drives for various types of user activity, including Web sites visited, files downloaded and the types and length of time that external/removable devices were attached to a PC. Working with an experienced computer forensics professional provides benefits on both a technical and legal level. Importantly, it also ensures protection against viruses during an investigation, limits business operational downtime, protects client-attorney information and even offers expert testimony if necessary.
GCs are now required to protect their organization's networks and work with IT professionals to ensure network security. Understanding what computer forensics is, why it is important to a GC and when to use a computer forensics professional are areas in which GCs now need to be informed in order to provide the utmost legal protection to their organization.
———-
A significant shift that I noticed at last month's InsideCounsel SuperConference was the increase in topics on technology and its effects on GCs. For years, GCs have primarily focused on the law and protection of an organization from a legal standpoint, but now a GC also has to be somewhat of an expert on an organization's networks and technology–whether we like it or not. GCs need to have some understanding of network security, how to protect your organization's networks and what to do if network violations occur. The area of computer forensics can be an important component of this protection, and it is important for GCs to be aware of its many aspects.
An area previously reserved for IT professionals, this column addresses key facets of computer forensics, including what computer forensics is, why it is important to a GC and reasons for engaging an experienced computer forensics examiner when appropriate.
What is computer forensics?
Computer forensics is the discipline of combining elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications and storage devices in a way that is admissible as evidence in court. A thorough computer forensic investigation can uncover hidden data or files that may not be viewable in a directory listing of the hard drive. Also computer forensics often can recover evidence in files that were accidentally or intentionally destroyed.
Because it is a relatively new discipline, there is little consistency or standardization with respect to computer forensics across IT, legal professions or the courts. As we've all seen, the number of corporate investigations continues to rise, creating more awareness of computer forensics and the wide range of computer crimes and misuses, including illegal internet activity, trade secret theft, fraud, sexual harassment, embezzlement and destruction of intellectual property. Awareness of the legal and technical facets of computer forensics helps to attain crucial information if your network is compromised and helps to prosecute a case if an intruder is caught.
What GCs need to know about computer forensics
Protecting company data is critical to organizations. Recent legislation such as HIPPA and SOX make it possible to hold organizations both civilly and criminally liable if customer or employee data is not properly protected. GCs should make IT professionals aware of how technical actions can be affected by existing laws, including legal ramifications for using security monitoring tools and having proper authorization before monitoring and collecting information related to a computer intrusion. Violations during computer forensics investigations could constitute a federal felony punishable by a fine and/or imprisonment. If computer evidence is collected, it must be collected in a way that is legally protected and admissible in court. You risk destroying vital evidence or risk having forensic evidence ruled inadmissible if computer forensics is handled improperly. Should an intrusion lead to a court case, an organization with computer forensics capability will be at a distinct advantage. Knowing key areas of computer forensics helps GCs protect company data, which in turn protects the company as a whole.
The value of an experienced computer forensics examiner.
A knowledgeable computer forensics professional can ensure that a subject computer or network system is carefully handled so evidence is not destroyed, damaged or compromised by the procedures used in the investigation. They also ensure that a computer virus is not brought in by a subject computer or device during the analysis process and maintain and establish chain of custody. Experienced examiners will also make sure that if business operations are affected that it is only for a limited amount of time.
Computer forensics experts use technology and techniques to conduct powerful searches of data for collection and presentation in a legally acceptable format. Keyword searches and password decryption can be performed to locate a “smoking gun” or vital information that can be used as evidence in a case. Experienced examiners can also provide expert testimony on computer forensics, including activity on individual computers and complex network systems. They can perform data recovery services and analyze hard drives for various types of user activity, including Web sites visited, files downloaded and the types and length of time that external/removable devices were attached to a PC. Working with an experienced computer forensics professional provides benefits on both a technical and legal level. Importantly, it also ensures protection against viruses during an investigation, limits business operational downtime, protects client-attorney information and even offers expert testimony if necessary.
GCs are now required to protect their organization's networks and work with IT professionals to ensure network security. Understanding what computer forensics is, why it is important to a GC and when to use a computer forensics professional are areas in which GCs now need to be informed in order to provide the utmost legal protection to their organization.
———-
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
GC Conference Takeaways: Picking AI Vendors 'a Bit of a Crap Shoot,' Beware of Internal Investigation 'Scope Creep'
8 minute read
Why ACLU's New Legal Director Says It's a 'Good Time to Take the Reins'
'Utterly Bewildering': GCs Struggle to Grasp Scattershot Nature of Law Firm Rate Hikes
GCs Jettisoning Zero-Based Budgeting in Quest to Be Nimble, More Efficient
3 minute readTrending Stories
- 1Gibson Dunn Sued By Crypto Client After Lateral Hire Causes Conflict of Interest
- 2Trump's Solicitor General Expected to 'Flip' Prelogar's Positions at Supreme Court
- 3Pharmacy Lawyers See Promise in NY Regulator's Curbs on PBM Industry
- 4Outgoing USPTO Director Kathi Vidal: ‘We All Want the Country to Be in a Better Place’
- 5Supreme Court Will Review Constitutionality Of FCC's Universal Service Fund
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
