Computer forensics

Executive Summary

This document details the policy that the High Tech Crime Unit of Gallardia can adopt for the use of evidence derived from digital devices. It begins with an introduction, which describes the need for electronic evidence collection, forensic examination and the establishment of procedures or policies that govern these activities. This is followed by overall guidance about the applicability of this policy and the overarching guidelines on its use. The document then details the policies that could be adopted during the process of seizing digital devices for electronic evidence at the crime scene and the forensic examination of these devices away from the crime scene. Additionally, some guidance is given about the suggested policy for interviewing people detained in relation to crimes which may have electronic evidence, and the use of evidence from other sources which complement the electronic evidence obtained from digital devices. This document concludes with the justification and suggestion of how this policy framework can be kept relevant as time passes.

Computer forensics is a field that is constantly changing, in step with wider advances in technology, with new developments advancing the field as well as invalidating older methods and procedures or making them irrelevant. As technology advances, society becomes more reliant on it and uses it more and more. This in turn causes a shift in the way crime is committed; more and more crime is committed with the aid of technology. This results in newer ways of committing the same old crime (for example, stealing money progressed to stealing credit cards, and now to stealing access to electronic banking accounts). Law enforcement will therefore necessarily have to keep up in order to remain relevant. Increasing amounts of money, time and effort will have to be spent in training law enforcement personnel in the detection of crime committed with the help of technology, as well as in the process of gathering evidence from such activities. As the field advances, new issues will have to be dealt with, and new boundaries defined. This policy describes operating guidelines for the status quo, but with the rapid advances in and uptake of technology, it may well soon become out of date and irrelevant. For this policy to remain complete and relevant, there has to be a systematic process of review and revision that updates it to reflect the changes and advances in technology.


