Forensic Control – IT forensics & computer forensics investigators

Computer forensic investigations
Forensic Control examine computers for evidence in cases of dispute; we extract data, analyse it and report the results in clear, jargon-free English. With access to some of the most experienced IT forensic investigators and computer forensic expertise in London & across the UK, we uncover all types of data, even when attempts have been made to delete or hide it. To establish the who, what and when of computer use, call Forensic Control. Read More

Insolvency investigations

We provide a cost effective and court admissible solution for searching through tens of thousands of emails, spreadsheets, databases and documents, helping shed light on what was happening at a company during the lead up to liquidation.

Insolvency investigations

Employment/HR disputes

Incidents of workplace harassment or email policy breaches will often benefit from careful analysis of computers, mobile phones and company servers to reveal what was done, when and by whom – whether it was printed, saved, deleted or forwarded.

Employment/HR disputes

Fraud investigations

Fraud almost always leaves a digital forensic trail, with clear evidence left on PCs, laptops, servers and mobile phones. Forensic analysis of these devices helps organisations build strong cases against those who commit fraudulent actions.

Fraud investigations

IP theft

Digital forensic analysis of computers, servers and mobile phones can reveal emails, text messages and spread sheets that are often key to investigations of infringement of intellectual property including copyright, trademarks, patents and trade secrets.

IP theft

Latest industry news

  • Forensic Control are very pleased to announce that Jim Borwick has become our latest computer forensic and mobile phone associate Forensic Control associates (8 May 2012)

  • Ex-BP engineer allegedly destroyed evidence, 'deleting Deepwater oil spill texts' The Register (25 April 2012)

  • 10 tips for securing your mobile phone, by Forensic Control's Jonathan Krause Expansys (10 April 2012)

  • Prosecutions for racist Twitter comments illustrate that what happens online is subject to offline laws. "When a person makes such comments digitally, they effectively hand police much of the evidence needed to build a robust case against them". The Guardian (28 March 2012)

  • First UK High Court claim to be served via Facebook: LegalWeek.com (23 February 2012)

  • Forensic Control's Jonathan Krause is quoted on the BBC News website in relation to the analysis of Skype use BBC News (27 January 2012)

  • Jonathan Krause reviews 'Proof Finder'  an eDiscovery tool from Nuix costing $100 with all proceeds to charity. Proof Finder review (13 January 2012)

  • The case that had it all: The War on Terror, UK forensic provider FTS v West Yorks Hi-Tech Crime Unit, the recovery of data from mobile phones and intellectual property issues. Wragge & Co (4 January 2012)

Smooth Slider

Top 10 IT forensic dos

  1. Secure the device so that no unauthorised person has access to it
  2. If the device is off, leave it off
  3. If the device is on, leave it on
  4. If the device is on, unplug any network cable and turn off Wi-Fi and/or Bluetooth connections
  5. If this is not possible pull the plug (shut down if a server) or remove the battery
  6. Do not inform anyone other than necessary that an investigation is underway
  7. Makes notes; of people involved, allegations, evidence, dates and times, etc.
  8. Gather any item which you have legal access to that may contain evidence; e.g., USB drives, CDs, paperwork, laptops, cameras, etc.
  9. If possible, do not tell the subject that they are under investigation
  10. Seek advice of a computer forensic company on further steps on analysing the data

Top 10 IT forensic don'ts

  1. Don't be tempted to ‘have a look’ and operate the device at all
  2. Don't use your IT department unless they are familiar with electronic evidence handling
  3. Don't use your IT department unless they are familiar with legal admissibility standards
  4. Don't delay; the sooner you respond the better the chance of preserving evidence
  5. Don't arouse suspicion; don't tell anyone about the investigation unless necessary
  6. Don't ignore your HR department in this process; they can advise on legal matters
  7. Don't guess about best actions; if in doubt call a computer forensic company
  8. Don't hesitate in contacting the police if you think a crime may have been committed
  9. Don't be tempted to destroy any data; this can usually be traced and has serious legal consequences
  10. Do not run anything on the computer or do anything which may modify it in any way

Top 10 IT forensic readiness tips

  1. Ensure that every user has an individual user profile. Do not use generic accounts e.g. ‘admin’
  2. Every user profile should be protected by a password that is not shared
  3. All network devices should have sufficient logging/auditing switched on
  4. Event logs should be backed up to secure location
  5. Does your back-up procedure do what you thought it did? Verify it. Can it be restored?
  6. Ensure that all users have signed up to your computer/internet acceptable use policy
  7. Keep to hand the phone number of a reliable computer forensic company
  8. Ensure staff are familiar with the correct procedures; start with the top 10 forensic dos and don'ts
  9. Make sure all devices on your network are using the correct (and same) time and date
  10. Consider installing an intrusion detection system

The above lists are generic advice and may not necessarily be appropriate in your situation. For tailored advice call 020 7193 3324

Sitemap

Company

Services

Resources

Reviews

Copyright © 2011 Forensic Control Limited. Registered office: 6 Walkerscroft Mead, London, SE21 8LJ. Web design by Brandspankin'  Forensic Control logo