I often think many do not truly grasp the value of computer forensics. To pigeon-hole Computer Forensics as an adjunct to electronic discovery is to lose sight of its overall value. As you will read, Mr. Wu’s opinion in the attached article echoes mine in that Computer Forensics, while very valuable to electronic discovery, has so many other applications and uses that we as a business and an industry fail to explore. Computer Forensics was and still is a standalone discipline that can be applied to internal investigations of misconduct by current or former employees. It clearly stemmed from the use of forensic analysis techniques for criminal investigations. “Computer Forensics” as a term is even somewhat misleading. In truth, the art of computer/digital/data forensics encompasses:
1. network intrusion detection
2. malware analysis (malicious software detection, analysis and quarantine)
3. Steganography (analysis of hidden malicious code in other files or emails)
4. Server and router analysis
5. mobile forensics
6. desktop and laptop forensics analysis
7. deleted file analysis and recovery
8. Incident Response
9. Internet Forensics
All of which can and have come under the umbrella of computer forensics. So if you think Computer Forensics is only applicable when electronic discovery is involved, think again. And keep in mind it is a powerful discipline for analysis of electronic files and the networks that they travel across.
Computer Forensics Goes Beyond eDiscovery
Richard Rodney is Site Logic’s Vice President in charge of Electronically Stored Information (“ESI”) services. His functions include oversight of the company’s New York based data teams and larger ESI projects (forensic collections, data processing, and hosting), reviewing and testing new technologies, and developing new and better products and services for our clients.
