What is "Computer Forensics?"
“Computer Forensics” was first used as a new reference term in 1991, at the first training session sponsored by the International Association of Computer Investigative Specialists (IACIS), in Portland, OR. Since that time, “Computer Forensics” has become an accepted term used in the computer security field and the legal profession.
The word “forensic” comes from the Latin “forensis,” meaning “belonging to the forum,” ancient Rome’s site for public debate. Today’s meaning is “pertaining to the courts.” Thus forensic testimony is used to assist the court or the attorneys in legal matters, including trials.
In other words, forensic specialties deal with the application of law to a particular science. In the case of Computer Forensics, computer science principles are used to follow established legal precedents and procedures, so that any digital evidence obtained from computer systems is admissible in a court of law.
Just like when a medical examiner performs an autopsy on a corpse to determine the cause of death, a Computer Forensic Examiner, examines computer systems to identify any evidence that may be stored on hard disks or other external storage mediums.
In particular, Computer Forensics deals with the acquisition, preservation, identification, extraction, analysis, and documentation of digital evidence. The field is relatively new to investigations or litigations involving the private sector. On the other hand, it has been used since the mid-1980s in technology-related investigations by law enforcement and intelligence gathering government organizations.
All forensic sciences involve the use of sophisticated technologies and specialized knowledge, tools, and procedures, which must be rigidly followed in order to assure the preservation of evidence and the accuracy of examination results. Computer Forensics is no different in this regard. Most computer forensic tools exist in the form of specialized computer software.
Today computers have become an integral part of our society. Businesses and individuals use electronic means daily, while email messages have become the preferred communications tool. In 1999, 93% of all document used in corporate America were created electronically; undoubtedly, this number has increased significantly over the last few years.
Some statistics indicate that 70% of data created electronically never migrates to paper. When investigators or litigators ignore electronic evidence it’s analogous to only reviewing 3 out of 10 file folders containing potentially relevant and discoverable information.
At U.S. Data Forensics we apply the same forensic methodology to all of our investigations. Digital data is forensically examined to determine whether any crucial evidence exists that can be used to prove pre-existing allegations or to identify vulnerability areas of possible concern to management.
However, where most computer forensic examiners stop after they complete their digital examination, our experts at U.S. Data Forensics have just completed the first step of their investigation. Our wide array of experts use their Law Enforcement, Corporate, and Civil principles and apply such experiences to the evidence developed during our computer forensic examination phase to ensure that our customers have received the best quality service as possible for their case.