| Computer forensics is the process of using the latest | | | | organizations fail to protect customer data. |
| knowledge of science and technology with computer | | | | Organization money can also be saved by applying |
| sciences to collect, analyze and present proofs to the | | | | computer forensics. Some mangers and personnel |
| criminal or civil courts. Network administrator and | | | | spent a large portion of their IT budget for network |
| security staff administer and manage networks and | | | | and computer security. It is reported by International |
| information systems should have complete knowledge | | | | Data Corporation (IDC) that software for vulnerability |
| of computer forensics. The meaning of the word | | | | assessment and intrusion detection will approach $1.45 |
| "forensics" is "to bring to the court". Forensics is the | | | | billion in 2006. |
| process which deals in finding evidence and recovering | | | | As organizations are increasing in number and the risk |
| the data. The evidence includes many forms such as | | | | of hackers and contractors is also increase so they |
| finger prints, DNA test or complete files on computer | | | | have developed their own security systems. |
| hard drives etc. The consistency and standardization | | | | Organizations have developed security devices for |
| of computer forensics across courts is not recognized | | | | their network like intrusions detection systems (IDS), |
| strongly because it is new discipline. | | | | proxies, firewalls which report on the security status of |
| It is necessary for network administrator and security | | | | network of an organization. So technically the major |
| staff of networked organizations to practice computer | | | | goal of computer forensics is to recognize, gather, |
| forensics and should have knowledge of laws | | | | protect and examine data in such a way that protects |
| because rate of cyber crimes is increasing greatly. It is | | | | the integrity of the collected evidence to use it |
| very interesting for mangers and personnel who want | | | | efficiently and effectively in a case. |
| to know how computer forensics can become a | | | | Investigation of computer forensics has some typical |
| strategic element of their organization security. | | | | aspects. In first area computer experts who |
| Personnel, security staff and network administrator | | | | investigate computers should know the type of |
| should know all the issues related to computer | | | | evidence they are looking for to make their search |
| forensics. Computer experts use advanced tools and | | | | effective. Computer crimes are wide in range such as |
| techniques to recover deleted, damaged or corrupt | | | | child pornography, theft of personal data and |
| data and evidence against attacks and intrusions. | | | | destruction of data or computer. |
| These evidences are collected to follow cases in | | | | Second, computer experts or investigators should use |
| criminal and civil courts against those culprits who | | | | suitable tools. The investigators should have good |
| committed computer crimes. The survivability and | | | | knowledge of software, latest techniques and |
| integrity of network infrastructure of any organization | | | | methods to recover the deleted, encrypted or |
| depends on the application of computer forensics. In | | | | damaged files and prevent further damage in the |
| the current situations computer forensics should be | | | | process of recovery. |
| taken as the basic element of computer and network | | | | In computer forensics two kinds of data are collected. |
| security. It would be a great advantage for your | | | | Persistent data is stored on local disk drives or on |
| company if you know all the technical and legal | | | | other media and is protected when the computer is |
| aspects of computer forensics. If your network is | | | | powered off or turned off. Volatile data is stored in |
| attacked and intruder is caught then good knowledge | | | | random access memory and is lost when the |
| about computer forensics will help to provide evidence | | | | computer is turned off or loses power. Volatile data is |
| and prosecute the case in the court. | | | | located in caches, random access memory (RAM) |
| There are many risks if you practice computer | | | | and registers. Computer expert or investigator should |
| forensics badly. If you don't take it in account then vital | | | | know trusted ways to capture volatile data. Security |
| evidence might be destroyed. New laws are being | | | | staff and network administrators should have |
| developed to protect customers' data; but if certain | | | | knowledge about network and computer administration |
| kind of data is not properly protected then many | | | | task effects on computer forensics process and the |
| liabilities can be assigned to the organization. New rules | | | | ability to recover data lost in a security incident. |
| can bring organizations in criminal or civil courts if the | | | | |