ALL >> Legal >> View Article
Digital Forensics Data Collections: Acquisition Methods
This article outlines some of the digital forensics data acquisition methods used on a regular basis to preserve metadata and ensure defensibility.
This article outlines some of the digital forensics data acquisition methods used on a regular basis to preserve metadata and ensure defensibility.
Digital forensics data acquisition methods can broadly be broken down into two categories overt and covert. Quite simply an overt approach is one in which the subject is aware of the data collection, conversely a covert approach is one in which the subject is unaware. The method used will depend on the requirements of the investigation; in the vast majority of cases an overt approach is adopted, particularly for disclosure as part of civil litigation where a duty to preserve exists often long before collection. In general an overt approach is easier, takes less effort and is therefore the cheaper option. Although sometimes, the situation is such that a covert approach is the only option.
When it comes to covert digital forensics data acquisition we have two options: dead-box or remote ...
... acquisition. Dead-box involves physically taking possession of the device and acquiring data directly, then returning it before the absence is noted. Historically this has been the favoured approach, especially at a time when most users had desktop computers left in offices overnight. Nowadays the majority of users have laptops which are, more often than not, taken home at night. In addition, mobile phones are becoming ever more relevant and are rarely, if ever, parted from their owners for any great length of time.
The mobility of devices presents us with a challenge: how can we covertly acquire data when the user is never parted from their devices? The solution is to work alongside in-house IT teams to use the local IT infrastructure to our advantage. It is possible to remotely acquire data from devices with no tangible access to them. By deploying what is essentially a Trojan to the devices (a Trojan which is secure and fully under our control), we are able to access and acquire data from user devices without their knowledge. This has proved particularly useful in investigations where the suspects were home workers and a covert approach was required.
Whatever digital forensics data acquisition approach is adopted it is important that it is done in a forensic manner, ensuring all possible data and metadata are preserved. The process must be fully defensible should the integrity of the evidence ever be questioned.
Resource: http://www.cclgroupltd.com
Add Comment
Legal Articles
1. 11,000 Crore Reliance Shares In Iepf: How To Recover ThemAuthor: Expertvuw Management
2. New Zealand Study Visa From India In 2026: Everything You Need To Know Before You Apply
Author: Atul
3. Nc Loan Agreement
Author: Carl Glendon
4. Why Do You Need A Dui Lawyer Van Nuys After A Dui Arrest?
Author: Van Nuys Crime
5. Civil Advocate In Hyderabad – Renuka Law Firm
Author: Renuka
6. Why More Law Firms Are Outsourcing Paralegal Work — And What It Actually Changes
Author: Bernice Malvin
7. How Ai-native Practice Management Can Reduce Administrative Work For Law Firms
Author: George Zaletski
8. Personal Injury Lawyer Pa In Chamblee
Author: Personal Injury Lawyer PA in Chamblee
9. India-us Commercial Disputes: A Path To Resolution
Author: Andy
10. Nail Perk – Nail Inspiration & Trendy Ideas
Author: Nail Perk
11. Traffic Challan Online Delhi And Gurgaon Traffic Challan: Myths, Facts, And What Every Driver Should Know
Author: Writing Wall
12. Why Foreign Investors Choose Arbitration For Disputes In India
Author: Andy
13. Commercial Real Estate Attorney In New Jersey: When You Need One
Author: sekaslaw
14. Back-to-back Express Entry Draws: Canada Invites Candidates Under Pnp, Cec & Physicians Category
Author: Atul
15. Why Do You Need An Expungement Attorney Van Nuys To Clear Your Criminal Record?
Author: Van Nuys Crime






