Forensic Science (Forensics) is the application of a broad spectrum of sciences to
answer questions of interest to the legal system.
Intrusions or malicious acts can occur even with the best-of-breed information security infrastructure in place. We continue to hear in the news of the rising tide in computer security related incidents ranging from internal and external security breaches, employee misconduct, to industrial espionage and disclosure of classified corporate and personal information and intellectual property.
This usually results in diminished industry competitiveness, financial losses and a devastating public relations fallout.
RSS Inc. offers an IT Forensics service that reacts to computer security related incidents where a computational resource:
Is the means or an instrument of a crime or other offense
May contain evidence relevant to a criminal or civil litigation
Our team has the expertise in identifying the severity level and
determining what has transpired during the incident by conducting an accurate, factual and impartial examination of the acquired digital evidence. RSS Inc. utilizes a Best Practices approach by never working on the original media in order to preserve evidence and documenting everything throughout the entire examination process while maintaining the chain-of-evidence.
Once contacted by a client, our methodology ensures that steps are taken to acquire and secure the image without interfering with the integrity of the original evidence.
Once the acquisition of the data has been made, our trained team will recover, authenticate and examine every piece of information recovered from the image in order to prepare for a court presentation, all the while documenting and preserving the chain-of-evidence.
The evidence is gathered using industry leading hardware, software and in-house developed techniques.
To ensure that the chain-of-evidence is followed and maintained, our tools and techniques used in investigations must meet requirements in which all actions are logged, thus providing a detailed audit trail. Our documentation process starts from the moment we receive notice that a computer security related incident has occurred and comprises of the seizure, examination, storage or transfer of the digital evidence. These notes are then preserved and made available for review along with the relevant data, so that it may be used in the court of law, civil litigation matters, and corporate internal investigations.
From the 'lessons learnt', the RSS Inc. team will suggest preventative steps in order to mitigate future incidents.
The immediate benefit to an organization is provided through bringing in external professional help that will save time required to establish 'what, when, why and how'. This information can be used by the organization to identify the origins and ‘root cause’ of the information security incident.
The details of the investigative activities will be presented within different reports.
The information contained within these reports will be analyzed and mitigation steps will be proposed to the client.
RSS Inc. understands the importance of information confidentiality and would like to ensure our clients that the service is fully compliant with PIPEDA requirements for customer privacy and confidentiality.