I.T. autopsy
THE CALL CAME IN EARLY on a winter morning last year. An urgent voice spoke about corporate espionage and theft of trade secrets. After a few deep breaths, the caller identified himself as counsel representing an international bank and said he was highly distressed about a developing situation with one of the bank's former employees. He outlined allegations that before joining another company, the employee took internal client information valued in the million-dollar range. The official said he was turning to investigators from New Technologies Inc. (NTI) for help.
Paul French, manager of NTI's Computer Forensics Laboratory, opened an investigation right away. With cooperation from the bank and the suspect's new employer, French got the employee's old and new computers and made copies of the hard drives on each one. Working off these copies so as not to damage the originals, French then used proprietary tools to search for hidden information about certain files. In a matter of hours, NTI investigators confirmed that the employee had taken key documents from the bank, downloaded them on to a floppy disk, and saved them on his computer at his new job.
"All in a day's work," French deadpans, in the best Sgt. Friday impression he can muster. "This [employee] thought that by tossing files in the trash, he could erase all the evidence of his crime. Suffice it to say, he thought wrong."
Bad guys always overlook something, and this ill-fated
-THOMAS TALLEUR, MANAGING DIRECTOR OF FORENSIC TECHNOLOGY SERVICES, KPMG
criminal underestimated the effectiveness of computer forensics. Like more traditional police forensics, this science has one overarching goal: to find evidence of crime and preserve it for eventual use in a court of law. Once regarded by technophiles as an obscure component of network security, the discipline has blossomed into a science all its own, garnering widespread attention from analysts and CIOs and sparking an industry of companies such as NTI. This boom makes perfect sense
» posted by ITworld staff
CIO
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
VMware ESX Server in the Enterprise
By Edward L. Haletky
Published Dec 29, 2007 by Prentice Hall.
Enter now! | Official rules | Sample chapter
Green IT
By Toby Velte, Anthony Velte, Robert C. Elsenpeter
To be published Oct. 10, 2008 by McGraw Hill Professional
Enter now! | Official rules | About the book
