Digital Forensics is not an elephant, it is a process and not just one
process, but a group of tasks and processes in investigation. Examiners now
perform targeted examinations using forensic tools and databases of known
files, selecting specific files and data types for review while ignoring
files of irrelevant type and content. Despite the application of
sophisticated tools, the forensic process still relies on the examiner's
knowledge of the technical aspects of the specimen and understanding of the
case and the law - Mark Pollitt.
As has been established from articles by various authors including myself,
this re-branded model of computing now called cloud computing proposes
benefits that can improve productivity, harness high-speed systems which
can manage large data sets as well as systems implementations, and could
have a net positive impact on the operatio... (more)
Over the last few weeks I've been hearing a lot of discussion around HIPAA.
When we speak about HIPAA, invariably the two components of data security and
data privacy arises.
In the traditional data centers, database managers and data owners know where
their data resides and implement the necessary processes to preserve privacy
and audit access.
However, when we move to the cloud, the cloud being all about data, we are
looking at servers, network, and storage that are abstracted. This raises
concern that data owners may not necessarily know where their data sets
physically resi... (more)
Expanding on the " introduction to cloud computing" article, here are some
additional suggestions for choosing a cloud service model provider.
In a typical Cloud Computing data centre, an application set will generally
be hosted over Virtual Machines running on a large number of Physical
Total Cost of Ownership (TCO) is a definite factor when considering a move
for some enterprise services into the cloud. There are certainly arguments
both for and against the merits, especially when considering the impact of
risk on an enterprise that choses to transfer risk with the a... (more)
I've been asked quite a few times, "when will it be a good time to get into
cloud computing?" by potential clients. My answer is typically it depends...
I know, I know.... not much direction there, but really it all depends. Why ?
Well, some may state, "we all know of the much beaten security concerns, and
we will ensure that systems on our end are secured and synced to work in
tandem with the vendors' security."
Can one ensure some degree of monitoring by the implementation of an
Intrusion Detection System (IDS) residing within the system hosting the
gateway into the cloud?
Cloud Computing offers a sense of "vastness" in terms of storage and remote
processing. According to Simpson Garfinkil, a major challenge to any digital
forensics investigator investigating data within the cloud; can be an
inability to locate or identify data or code that is lost when single data
structures are split into elements.
This in effect directly impacts forensic visibility.
Within this ecosystem a major concern can be access to and the preservation
of data within an on-going digital forensic investigation. Of consideration
as mentioned in Part 1 - is that in a live and ... (more)