Forensics Team Essays

Forensics Team Essays Forensics Team Essay Forensics Team Essay Essay Topic: Investigative Forensics Team Name: Course: Instructor: : Date: Forensics Team The Computer Forensics Team The term forensics is associated with the use of technology and science in criminal investigations. Therefore, computer forensics refers to computer related evidence. To have a computer forensics department in an organization, a computer forensics team is a mandatory factor. The size of such teams varies proportionately with that of the organization size and the roles that the groups are expected to carry out in the organization. A small organization may require more than two specialists while larger ones may entail a bigger team to meet diverse requirements. A forensic team cannot be created and trained within a short period and therefore a lot of patience needs to be observed before effectual role execution is noted. Skilled specialists are hard to find and organizations need to develop in-house specialists or outsource specific service. The process of nurturing in-house talent can be difficult because it mandates at least one specialist to train the other team players regarding handling information technology in the organization as related to criminal issues. Therefore, specialists need to be outsourced. Caution has to be taken not to incorporate in-house information technology professionals in the creation of a forensic department. This is because the company may think it is acting on cost efficiency by averting the training overheads to other company activities; it may mean incurring further losses due to lack of impartiality on the part of the information technology staff. A computer forensic agent or specialist should not have access to any of the organizations departments, especially the IT section. An eligible candidate for the post of a forensic specialist should have a strong IT background, investigative knowledge and skills. Additionally, one should also possess a vast knowledge of a variety of forensic tec hniques, tools and arising situations. Forensics Lab Various lab tools and equipment are required to perform assorted forensic examinations. Acquisition of these tools requires a great deal of resources as well as planning time. After the team is successfully established, it shall deliberate and identify types of hardware, operating systems, software and environments they would like to analyze. Subsequently, this will enable them to determine required tools for the different roles. The laboratory should be located in a secure location away from any threat like theft of tools and equipment since the equipping factor is usually quite costly. Lab security should also be sufficient to provide less distractions and privacy during operation sessions owing to the sensitive nature of the work. A forensic workstation or two are also necessary for the lab, with the inclusion of portable equipment to support fieldwork and field exercises. As the equipment may be costly, proper comparison of prices and a cost benefit analysis should be completed to determine the best tools for desired roles. Proper licenses need to be obtained for software to avoid inconveniences. The organization should also deliberate on the need to purchase lab tools or to outsource required services from other companies, for instance by offering tenders or seeking several quotations. Regardless of the firm being an information technology organization, it is highly impossible to possess all the desired forensic tools. Tools that may prove to be too costly for the firm maybe outsourced in specific periods while affordable tools are easily purchased. Most tools require specialized operators who understand and this factor should be outsourced for cost effectuality. The organization needs to understand that the acquisition processes and analysis of computer-based evidence is hard thereby necessitating numerous amounts of resources, planning and technical expertise. Subsequently, the organization would need proper needs assessment towards determining whether to nurture in-house information technology talent or outsourcing fully qualified specialists. References Bunting, S. (2007). EnCase Computer Forensics, Includes DVD: The Official EnCE: EnCase Certified Examiner Study Guide. New York, NY: John Wiley and Sons. Solomon, M.G., Rudolph, K., Tittel, E., Broom, N., Barrett, D. (2011). Computer Forensics Jumpstart. New York, NY: John Wiley Sons.