Previous article in series – Digital Forensics: Identification, Collection, and Preservation of Digital Evidence
Maintaining evidence from collection to trial is a critical part of digital forensics. You should have policies and procedures in place for the collection and management of evidence. In some cases, you may need to collect digital evidence on short notice….
Category: security
Digital Forensics: Identification, Collection, and Preservation of Digital Evidence
Previous article in series – Digital Forensics: E-Discovery Service Types & Legal Terms
ISO/IEC 27037 offers guidance on identifying potential data sources and acquiring the data from the sources. Data acquisition should be performed using a three-step process:
Develop a plan to acquire the data: Developing a plan is an important first step in most…
Digital Forensics: E-Discovery Service Types & Legal Terms
Previous article in series – Digital Forensics: Preparing for a Legal Hold
E-Discovery Service Types
SaaS-based: To some, “e-discovery in the cloud” means using the cloud to deliver tools used for e-discovery. SaaS packages typically cover one of several e-discovery tasks, such as collection, preservation, or review.
Hosted e-discovery (provider): In the cloud, e-discovery can…
Digital Forensics: Preparing for a Legal Hold
Previous article in series – Digital Forensics: E-Discovery
Preparing for a legal hold or e-discovery may include the following:
Consideration of the SLA and contract agreements to ensure that investigations of cloud-based assets are permitted, or to check if prior notification and acceptance are required
Contract agreements, explicitly stating the communication path between court participants…
Digital Forensics: E-Discovery
Previous article in series – Digital Forensics: Challenges & Recommendations
What is E-Discovery?
Electronic discovery (e-discovery) is the identification, preservation, collection, processing, review, analysis, or production of electronically stored information. Often it is the support mechanism and the impetus for investigations, data acquisition, and insight-driven initiatives. To properly manage e-discovery a multidisciplinary team needs to…
Digital Forensics: Challenges & Recommendations
Welcome to the fun world of Digital Forensics! *ahem* It’s even more fun on the Cloud. Gathering evidence is a crucial part of digital forensics, cloud or otherwise. Therefore, it is important to identify challenges before you begin the process. Key challenges to keep in mind are –
The seizure of servers containing files from…
Security Considerations for Software as a Service (SaaS)
Previous article in series – Security Considerations for PaaS
When SaaS is consumed from a public cloud service provider, the security options that the customer can control may be only at the application level. In that model, application security is the responsibility of the cloud service provider, but the customer retains responsibility for identity access…
Security Considerations for Platform as a Service (PaaS)
Previous article in the series – IaaS: Cloud Virtual Infrastructure Threats
With the PaaS (platform as a service) model the vendor offers a complete development environment in which application developers can create and deploy their code. This avoids the need to build a server environment to run an application and the need to install a…
IaaS: Cloud Virtual Infrastructure Threats
Previous article in series – IaaS: Hypervisor Security
Provisioning tools and VM templates are exposed to different attacks that attempt to create new unauthorized VMs or patch the VM templates to infect the other VMs that will be cloned from this template. These new categories of security threats are a result of the new, complex,…
IaaS: Hypervisor Security
Previous article in series – Cloud Computing: Shared Security Model
The hypervisor acts as the abstraction layer that provides the management functions for required hardware resources among VMs.
Virtual machine attacks: Active VMs are vulnerable to all traditional attacks that can affect physical servers. Once a VM is compromised, it may be able to attack…