Skip the navigation

QuickStudy: Computer forensics

April 17, 2006 12:00 PM ET

Computerworld -

Listen to the Computerworld TechCast: Computer Forensics.

The television series CSI has given millions of viewers an appreciation of the role and importance of physical evidence in conducting criminal investigations. Each week, we see the confluence of fingerprints, DNA tests, autopsies, microscopic examinations and ballistic evidence used to solve a murder or explain the circumstances surrounding an unusual death. The drama lies less in the events that are portrayed than in the thinking that lies behind the collection, preservation and interpretation of the evidence needed to solve the case and support prosecution.

IT managers aren't likely to confront dead bodies on the job, but a rudimentary knowledge of evidence, as it relates to computer data, can help protect your organization's operations, data and processes. In today's computer-driven world, where networked e-mail and instant messaging are the communication norms, knowing how to collect, handle and analyze information on a miscreant's computers can be critical to a successful civil or criminal prosecution.

There are two categories of computer crime: criminal activity that involves using a computer to commit a crime, and criminal activity that has a computer as a target, such as a network intrusion or a denial-of-service attack. The same means of gathering evidence are used to solve both types of crimes. And the same kinds of skills used by the lawbreakers are needed to track them down.

It Takes an Expert

Computer forensics is not a task to be undertaken lightly by just any IT worker. Instead, it calls for specialized skills and careful, documented procedures. A forensics expert knows what signs to look for and can identify additional information sources for relevant evidence, including earlier versions of data files or differently formatted versions of data used by other applications.

Special Report: Security


Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!