Forensic Control – IT forensics & computer forensics investigators

Computer forensic investigations
Forensic Control examine computers for evidence in cases of dispute; we extract data, analyse it and report the results in clear, jargon-free English. With access to some of the most experienced IT forensic investigators and computer forensic expertise in London & across the UK, we uncover all types of data, even when attempts have been made to delete or hide it. To establish the who, what and when of computer use, call Forensic Control. Read More

Insolvency investigations

We provide a cost effective and court admissible solution for searching through tens of thousands of emails, spreadsheets, databases and documents, helping shed light on what was happening at a company during the lead up to liquidation.

Insolvency investigations

Employment/HR disputes

Cases such as workplace harassment or email policy breaches require careful analysis of computers, mobile phones and company servers to reveal what was done, when and by whom – whether it was printed, saved, deleted or forwarded.

Employment/HR disputes

Fraud investigations

Fraud almost always leaves a digital forensic trail, with clear evidence left on PCs, laptops, servers and mobile phones. Forensic analysis of these devices helps organisations build strong cases against those who commit fraudulent actions.

Fraud investigations

IP theft

Digital forensic analysis of computers, servers and mobile phones can reveal emails, text messages and spread sheets that are often key to investigations of infringement of intellectual property including copyright, trademarks, patents and trade secrets.

IP theft

Latest industry news

  • Forensic Control's Jonathan Krause is quoted on the BBC News website in relation to the analysis of Skype use BBC News (27 January 2012)

  • Jonathan Krause reviews 'Proof Finder'  an eDiscovery tool from Nuix costing $100 with all proceeds to charity. Proof Finder review (13 January 2012)

  • The case that had it all: The War on Terror, UK forensic provider FTS v West Yorks Hi-Tech Crime Unit, the recovery of data from mobile phones and intellectual property issues. Wragge & Co (4 January 2012)

  • Forensic Control's Jonathan Krause has been quoted on tracing suspects via Facebook in The Lancashire Evening Telegraph (9 December 2011)

  • GCHQ chief reports 'disturbing' cyber attacks against the UK, and are viewed as "serious a threat as terrorism" BBC (31 October 2011)

  • An insurance policy to "provide access to expert Digital Forensic Investigators and reimbursement of computer forensic examination costs" has just launched Cyber Protect (30 September 2011)

  • Forensic Control are very pleased to announce our latest associate, James Crabtree. Details on James' background are provided here (5 September 2011)

Top 10 IT forensic dos

  1. Secure the device so that no unauthorised person has access to it
  2. If the device is off, leave it off
  3. If the device is on, leave it on
  4. If the device is on, unplug any network cable and turn off Wi-Fi and/or Bluetooth connections
  5. If this is not possible pull the plug (shut down if a server) or remove the battery
  6. Do not inform anyone other than necessary that an investigation is underway
  7. Makes notes; of people involved, allegations, evidence, dates and times, etc.
  8. Gather any item which you have legal access to that may contain evidence; e.g., USB drives, CDs, paperwork, laptops, cameras, etc.
  9. If possible, do not tell the subject that they are under investigation
  10. Seek advice of a computer forensic company on further steps on analysing the data

Top 10 IT forensic don'ts

  1. Don't be tempted to ‘have a look’ and operate the device at all
  2. Don't use your IT department unless they are familiar with electronic evidence handling
  3. Don't use your IT department unless they are familiar with legal admissibility standards
  4. Don't delay; the sooner you respond the better the chance of preserving evidence
  5. Don't arose suspicion; don't tell anyone about the investigation unless necessary
  6. Don't ignore your HR department in this process; they can advise on legal matters
  7. Don't guess about best actions; if in doubt call a computer forensic company
  8. Don't hesitate in contacting the police if you think a crime may have been committed
  9. Don't be tempted to destroy any data; this can usually be traced and has serious legal consequences
  10. Do not run anything on the computer or do anything which may modify it in any way

Top 10 IT forensic readiness tips

  1. Ensure that every user has an individual user profile. Do not use generic accounts e.g. ‘admin’
  2. Every user profile should be protected by a password that is not shared
  3. All network devices should have sufficient logging/auditing switched on
  4. Event logs should be backed up to secure location
  5. Does your back-up procedure do what you thought it did? Verify it. Can it be restored?
  6. Ensure that all users have signed up to your computer/internet acceptable use policy
  7. Keep to hand the phone number of a reliable computer forensic company
  8. Ensure staff are familiar with the correct procedures; start with the top 10 forensic dos and don'ts
  9. Make sure all devices on your network are using the correct (and same) time and date
  10. Consider installing an intrusion detection system

The above lists are generic advice and may not necessarily be appropriate in your situation. For tailored advice call 020 7193 3324

Sitemap

Company

Services

Resources

Reviews

Copyright © 2011 Forensic Control Limited. Registered office: 6 Walkerscroft Mead, London, SE21 8LJ. Web design by Brandspankin'  Forensic Control logo