Search
Contact Us
This form does not yet contain any fields.

    Entries in computer forensics (3)

    Wednesday
    Jul312013

    GIAC Certified Incident Handler

    Company founder and president, Michael Lombardi earns GIAC Certified Incident Handler  (GCIH) distinction and a place on the GIAC’s advisory board.  For more about the GCIH see here.

    Saturday
    Mar302013

    Vertigrate Forensics Discovers Substantial Post-Discharge Benefit for Employer

    Vertigrate recently had the occasion to assist one its clients in an employment matter involving a senior employee that had been discharged.  Shortly after the discharge our client became suspicious of potential computer misconduct by the employee.  They asked Vertigrate to forensically image the former employee’s company computer and mobile device and to analyze the data for any improprieties.  Because the discharge was designated as being “without cause”, the employee was entitled to severance pay and benefits.

    During Vertigrate’s initial examination of the evidence it was apparent that the employee had taken certain “anti-forensic” steps in an attempt to erase traces of certain areas of the computer.  Nonetheless, Vertigrate’s deep knowledge of operating systems, combined with the latest forensic tools and techniques, yielded a significant number of computer artifacts relevant to the investigation.  By targeting our forensic tools at those hidden system and disk areas we uncovered a considerable amount of disturbing information. 

    Because Vertigrate’s forensic analysis revealed undeniable proof of highly improper personal use of the company’s computer by the employee, our client was able to use our findings to deny the employee access to any severance pay and benefits by showing, it became aware of post-discharge, evidence justifying a “For Cause Discharge”.  Case law in various states, including Tennessee and Arizona, permit such a post-discharge discovery to effect the rights under an employment agreement. 

    Vertigrate’s analysis, combined with our client’s correctly written acceptable use policy (AUP) and supporting case law prevented our client from being required to deliver significant pay and benefits well in excess of Vertigrate’s fees.

    Incorporate Computer Forensics into Your Policies

    Performing a forensic collection of a former employee’s computer and mobile device can serve as a prudent insurance policy to protect against potential employment disputes and payouts.  With today’s digital age, a wealth of information exists in each and every employee’s digital device.  Employers who do not forensically preserve the information contained on these devices are handicapping themselves in the event an issue arises.

    By creating forensic copies of each former employee’s digital devices, an organization begins a defensible chain of custody of the data contained on those devices.  Standard forensic collection techniques employ logging and file hashing to ensure that the information contained within the forensic copy represents a bit-for-bit copy of the employee’s device on the day of departure.  Once collected, a working forensic copy can be created for immediate analysis by an expert.  In instances where no immediate issue is present, the original forensic copy can be securely stored to insure against later claims or concerns.  It should be noted that simply pulling the employee’s hard drive and shutting down the employee’s mobile device fails at this level of preservation for a number of reasons, risks drive failure, and inefficiently ties up the organization’s computer resources.

    Would you like to protect your organization from employment issues? 

    Speak to us about what to consider when writing an acceptable use policy (AUP) and standard operating procedures (SOP) for employee departures and terminations.

    Are you concerned about intellectual property theft, harassment, financial embezzlement, or fraudulent assertions by employees about your organization or its leadership? 

    Speak to us about how computer forensics can help protect your organization.

    Thursday
    Apr192012

    Vertigrate Forensics Helps Widow Close Land Deal

    Often Vertigrate’s forensics work focuses on proving that “evil” exists somewhere on a suspect’s computer; usually in the form of intellectual property theft, improper Internet and/or email usage, or malicious file manipulation.  In this case, however, Vertigrate used its forensics expertise to aid a new widow close a land deal that her recently departed attorney husband was putting together.  The widow’s husband had identified an interested buyer on behalf of his client, but had yet to disclose the buyer to the seller or the terms the buyer was willing offer before he passed.  By forensically imaging the departed husband’s computer, Vertigrate identified a large cache of email stored in a proprietary format.  Vertigrate searched this cache with various keywords provided by the widow.  Using the results of these keyword searches led Vertigrate to ultimately identify the interested party.  The deal closed in early 2012 for an undisclosed amount.