Computer Forensics is defined as “The discovery, analysis, and reconstruction of evidence extracted from and/or contained in a computer, computer system, computer network, computer media or computer peripheral.”

Computers are used to create, store and manipulate data of all sorts, ranging from the simple email message to massive database files and everything in between. As someone works on a computer, giving it instructions on what to do, that computer’s operating system and software are busy doing many things in the background in order to execute those commands. As the computer does this, it often creates a trail that shows who, how, when and where that file or set of instructions originated. Part of that “trail” can include other copies of that file that end up residing on the computer forever but exist in a format that the average computer user cannot see and that can only be detected by computer forensic investigation using specialized software. The computer forensic investigator must then take great care to document where data is found and to preserve the chain of custody of the evidence they locate.

In California, the examination and collection of this evidence must be conducted correctly by a licensed professional investigator who is trained in the operation of the computer forensic software and the proper techniques for thorough investigation.

All of this work must be done without altering the computer being examined. The industry norm is to create an exact copy of the entire hard drive, called a forensic image, and then perform the analysis or search on that clone. The evidence can then be put on a CD-ROM or printed and used by the client. In some instances, the California computer forensics expert must testify about his/her findings in court.

