Overview of IT Forensic Services

With increasing concerns over protecting customer data and guarding against data leakage, clients are becoming more determined to respond to such incidents and are turning to digital forensic investigations. Digital forensics has become an integral part of incident response programs, or part of accounting forensics, given the heavy reliance on digital information for transaction processing.
Spry Control's digital forensics investigation is a sophisticated, technology-based approach to identifying malicious or accidental abuse of a client's IT systems and sensitive customer or corporate data. Such an investigation will evaluate the nature of a security breach and, if necessary, evidence of misuse, determine the impact on the client's business, and suggest remediation to guard against it happening again. Investigations can range from:
- Source and extent of malicious attacks from insiders or outsiders,
- Misuse of corporate assets or data - whether accidental or intentional - and
- Loss of intellectual property by internal or external threats.
Forensic Readiness Assessments

We help clients identify the appropriate policies, procedures and technologies that should be implemented in order to build a security framework that will support a forensic investigation in the future. IT organizations that perform a readiness assessment, and make forensics part of an overall incident response plan, are better prepared to identify issues and react quickly to an unforeseen breach, thereby lessening the impact on the company. It also enables a client to proactively monitor its information assets for any misuse, maintain the integrity of system logs and audit trails, and look out for any early signals of threats or vulnerabilities.
Digital Forensic Investigation

In the event of a security incident or other financial investigation, Spry Control performs a complete investigation, leveraging proven best practices to ensure the integrity of the available data at the time of investigation. Results are reported back and data is presented in a format designed to provide the client with sufficient evidence.
- Pre-investigation Protocol. The science of computing and the laws of evidence are both complex. We obtain an agreement with the client on the following:
  - Establish the specific roles that individuals and organizations will play in the investigation and the confidentiality to be maintained.
  - Carry out an inventory and review of the hardware, software, systems, back-up media and other materials as potential sources of evidence.
  - Identify the manner and state of evidence.
  - Prepare a plan for the collection and analysis of existing data and processed data, and for the tracing and reporting of the data being sought.
- System Audit and Data Collection. Following our initial consultation and given the client's authority to proceed, we will inspect and freeze computer systems and associated components, making it impossible for subsequent changes to be made to content or configuration. Data collection is then undertaken with applications that are the de facto standard in forensic investigations involving information stored on computers.
- Securing Evidence. In matters of evidence it is mandatory that a strict "chain-of-custody" is followed and all items are preserved for independent or further safe analysis. Each item will be photographed, labeled and sealed in an appropriate container with evidence tape. Chain of custody and evidence handling forms will be initiated and utilized throughout the analysis.
- Recovery. We use specific applications to recover and create an image of the suspect media. Using the image produced, our forensic experts can then investigate the computer system and files for evidence. Data recovery for non-investigative matters, such as loss of data through media failure or accidental deletion, is also a service that we provide, utilizing the same stringent guidelines and latest techniques. All investigations are conducted with the assumption that they will appear in a court of law. As such, all data recovered will meet the stringent admissibility requirements.
- Forensic Analysis. Our computer forensic analysts always work under the primary instruction and guidance of the client or the legal counsel. Our experts are able to advise on, interpret and combine information for clients in a comprehensive manner and detail a thorough account of events, computer usage and content. Using forensic image files, our expert analysts investigate the media and its contents, including altered, damaged, removed, hidden or deleted data, or data from inactive or unused storage areas on the media. They then provide a historical ledger of the relevant content contained in the files.
- Expert Testimony and Reporting. Once the investigation is complete we will support client cases by preparing and submitting reports about the evidence found, and the means by which it was discovered. We will also provide data for affidavits or other pleadings, discovery and expert testimony and reports.
- Termination. Our engagement concludes with our submission of the total data collected in a readable format, either electronic, in print for archive, or to an existing litigation support database upon request. We will, however, provide support on the storage and preservation of evidence in the event of appeal or review.