Cybersecurity Considerations with Bring Your Own Device (BYOD) Implementations

  Bring Your Own Device (BYOD) refers to allowing end users the ability to use their own personal mobile devices (e.g., phones, tablets, laptops, etc.) to conduct business instead of having a corporate device issued to them.  BYOD is often seen as a cost savings and a step toward a “21st Century Workforce” by executives. 

Digital Forensics / Incident Response Forms, Policies, and Procedures

  For my Master of Science Degree in Information Security and Assurance (MSISA) I wrote my thesis about the overall lack of standards, certifications, and accreditation in the digital forensics discipline (available here).  This lack of rigor within our profession may very well jeopardize the credibility of our discipline. Over the past decade that I have

Disheveled Digital Forensics: The Impact of Inconsistent Standards, Certifications, and Accreditation

Abstract   Technology and digital evidence are at the forefront of nearly every criminal, civil, and corporate investigation in the world. For the past thirty years digital evidence such as computers, cellular phones, tablets, servers, GPS devices, gaming consoles, storage devices, and network infrastructure devices have been forensically analyzed and presented in legal proceedings. In many

Using a SAN or NAS to Store Digital Evidence

  Over the years the question of how to store digital forensic evidence has been raised many times.  Forensic examiners often ask how to properly use a Storage Area Network (SAN) or Network Attached Storage (NAS) device in a digital forensic laboratory.  Some of the main questions asked are: 1) How do you handle the

Creating Screenshots and Recordings in Digital Forensic Investigations Using Free Mac Tools

There are many reasons why anyone working in the digital forensics/incident response profession should have the ability to record the screen of their computer. Whether it is recording the actions taken during an investigation so another person can replicate them, recording an adversaries activity on a victim machine, or simply creating some training videos,