SlideShare a Scribd company logo

Forensic collection of electronically stored information

Download as DOC, PDF
James Cortopassi
James Cortopassi

Forensic collection of electronically stored information

Law
1 of 6
Forensic Collection of Electronically Stored Information By James Cortopassi Posted November 9, 2015 In eDiscovery 0 0 A forensic collection is the acquisition and preservation of digital data. The collection is an integral part of the eDiscovery process, and collections can be full (bit-for-bit) or pointed to a subset of all data, depending on the case requirements. Once validated, a defensible collection workflow can be offered for one’s case. The collected electronically stored information (ESI) will then be culled, analyzed, and further validated, as needed. Now, the culled data-set(s) can be prepared for review, coding and production during litigation. Where does the data come from? The collection can be compiled from various sources. Anywhere that data can reside, data
can be found. Data can be collected from devices such as but not limited to; servers, desktop computers, laptops, external hard drives, smart phones, and tablets. Additionally, cloud-based applications (e.g., social media, web-share platforms, and certain email) can be accessible by forensic professionals. Today, even deleted data can be recovered and made available for review and analysis. How is data collected? When litigation presents a need for the collection of ESI, there are a several different methods that can be exercised by a forensic professional. • In-Person ESI Collection This method involves an in-persona meeting with a forensic professional. The forensic professional will be able to acquire data from multiple sources, simultaneously, and immediately address any shifts in collection-scope. The client’s IT team will typically assist in mapping the data retention infrastructure prior to the acquisition taking place, in order to allow for a more seamless, efficient approach to the collection efforts. • Self-Collection Kit
This method is becoming more common amongst forensic professionals and their clients. Like the in-persona approach, this method of collection can range from a specific pointed location of interest to an extensive, broad acquisition of all ESI available. This method is viewed favorably for its quick delivery, convenient hours of collection, and cost-effectiveness. • Remote Data Collection Similar to Self-Collection Kits but requires a secure remote internet connection to a designated server. This method must overcome the barriers of company security policies restricting such access, and typically requires more oversight and IT compliance than a self-guided kit. Regardless of the method of collection one implements, all forms of forensic acquisition will produce comprehensive reports and details as to the data-management approach best suited for the matter. Typically, the forensic collection team will confer with the attorneys as to the findings, and how the recovered data should be treated, considering the scope, budget and exposure of the case at bar. Once data has been collected, data culling methods can resume in order to narrow the review set even more. The Benefits of a Certified Computer Examiner There are many advantages of contacting a Certified Computer Examiner (CCE). The data collection process can be overwhelming to some and, accordingly, should be conducted by trained professionals. These trained professionals use the latest forensic tools and procedures, as to avoid data-manipulation or spoliation. A CCE will be able to guide through the data and present an outline. Those who contact a CCE for their services should feel assured that they are moving forward in a legally defensible manner. Educated: In order to have become certified, these professionals must have completed courses and have at least 18 months experience with collection tools. Every two years the professional must re-certify their certification. Fair: As per The International Society of Forensic Computers, a CCE must “Provide a fair, vendor neutral, uncompromised process for certifying the competency of forensic computer examiners. ” This requirement will benefit any party looking for a CCE to
validate information for their case. Defensible: A CCE will be able to draft reports in-line with their independent findings. As a result of the data acquisition efforts; such reporting will include details regarding the data sought, location(s) where data was stowed, method(s) of collection, findings as to the clients depicted scope and requirements, and the ability to defend such procedures at the trial or hearing (by the way of testimony, if necessary). Preservation and Security When it comes to the integrity and authentication of the collected data, a proper chain of collection/custody log will be established. The purpose of the log is to present documentation of how the data originated. The log will detail how the data came to be collected, the analysis of the data, and how the data was kept preserved until trial. The chain of collection/custody log will corroborate the authentication of the evidence, as any altercations to the data will need to be logged. At LITeGATION we know the process of eDiscovery and how important it is to gather forensic collections. No matter what the platform or device, our Certified Computer
Examiners (CCE) are prepared to help you develop a collection workflow, initiate the proper data-acquisition, and get you prepared for the analysis of you responsive data. For forensic collections or any litigation support service, contact to us today for a free consultation. James Cortopassi James Cortopassi brings nearly 20 years of eDiscovery experience to his practice as a leader in litigation support and eDiscovery coordination. Mr. Cortopassi has managed thousands of cases involving forensic collections, data processing & hosted solutions, managed document review, ESI productions, trial technology services, and workflow- innovation.
Examiners (CCE) are prepared to help you develop a collection workflow, initiate the proper data-acquisition, and get you prepared for the analysis of you responsive data. For forensic collections or any litigation support service, contact to us today for a free consultation. James Cortopassi James Cortopassi brings nearly 20 years of eDiscovery experience to his practice as a leader in litigation support and eDiscovery coordination. Mr. Cortopassi has managed thousands of cases involving forensic collections, data processing & hosted solutions, managed document review, ESI productions, trial technology services, and workflow- innovation.

Recommended

Iezzi webinar
Iezzi webinarIezzi webinar
Iezzi webinarRobert Iezzi, Ph.D.
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
LITeGATION | Deposition Services
LITeGATION | Deposition ServicesLITeGATION | Deposition Services
LITeGATION | Deposition ServicesJames Cortopassi
 
Document Services - https://lnkd.in/eBHcHS6
Document Services - https://lnkd.in/eBHcHS6Document Services - https://lnkd.in/eBHcHS6
Document Services - https://lnkd.in/eBHcHS6James Cortopassi
 
Social media – a key component of e discovery litigation
Social media – a key component of e discovery litigationSocial media – a key component of e discovery litigation
Social media – a key component of e discovery litigationJames Cortopassi
 
Data mapping
Data mappingData mapping
Data mappingJames Cortopassi
 

Recommended

Iezzi webinar
Iezzi webinarIezzi webinar
Iezzi webinarRobert Iezzi, Ph.D.
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics pptNikhil Mashruwala
 
LITeGATION | Deposition Services
LITeGATION | Deposition ServicesLITeGATION | Deposition Services
LITeGATION | Deposition ServicesJames Cortopassi
 
Document Services - https://lnkd.in/eBHcHS6
Document Services - https://lnkd.in/eBHcHS6Document Services - https://lnkd.in/eBHcHS6
Document Services - https://lnkd.in/eBHcHS6James Cortopassi
 
Social media – a key component of e discovery litigation
Social media – a key component of e discovery litigationSocial media – a key component of e discovery litigation
Social media – a key component of e discovery litigationJames Cortopassi
 
Data mapping
Data mappingData mapping
Data mappingJames Cortopassi
 
Document services
Document servicesDocument services
Document servicesJames Cortopassi
 
Trial presentation 01
Trial presentation 01Trial presentation 01
Trial presentation 01James Cortopassi
 
LITEGATION
LITEGATIONLITEGATION
LITEGATIONJames Cortopassi
 
Litegation infographic
Litegation infographicLitegation infographic
Litegation infographicJames Cortopassi
 
About the E-Discovery Process
About the E-Discovery ProcessAbout the E-Discovery Process
About the E-Discovery ProcessJames Cortopassi
 
Electronic discovery
Electronic discoveryElectronic discovery
Electronic discoveryJames Cortopassi
 
Three Bullying Prevention Tips for Parents
Three Bullying Prevention Tips for Parents Three Bullying Prevention Tips for Parents
Three Bullying Prevention Tips for Parents James Cortopassi
 
The children’s miracle network by james cortopassi
The children’s miracle network by james cortopassiThe children’s miracle network by james cortopassi
The children’s miracle network by james cortopassiJames Cortopassi
 
Children’s miracle network and rite aid launch 2013 balloon campaign by james...
Children’s miracle network and rite aid launch 2013 balloon campaign by james...Children’s miracle network and rite aid launch 2013 balloon campaign by james...
Children’s miracle network and rite aid launch 2013 balloon campaign by james...James Cortopassi
 
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYJulian Scutts
 
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...Sangyun Lee
 
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理Airst S
 
Reason Behind the Success of Law Firms in India
Reason Behind the Success of Law Firms in IndiaReason Behind the Success of Law Firms in India
Reason Behind the Success of Law Firms in IndiaYash
 
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.tanughoshal0
 
Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Abdul-Hakim Shabazz
 
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理ss
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in LawNilendra Kumar
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersJillianAsdala
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentationKhushdeep Kaur
 
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptxCASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptxMUKUL TYAGI
 
Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Nilendra Kumar
 
Mischief Rule of Interpretation of statutes
Mischief Rule of Interpretation of statutesMischief Rule of Interpretation of statutes
Mischief Rule of Interpretation of statutesshobhna jeet
 

More Related Content

More from James Cortopassi

About the E-Discovery Process
About the E-Discovery ProcessAbout the E-Discovery Process
About the E-Discovery ProcessJames Cortopassi
 
Three Bullying Prevention Tips for Parents
Three Bullying Prevention Tips for Parents Three Bullying Prevention Tips for Parents
Three Bullying Prevention Tips for Parents James Cortopassi
 
The children’s miracle network by james cortopassi
The children’s miracle network by james cortopassiThe children’s miracle network by james cortopassi
The children’s miracle network by james cortopassiJames Cortopassi
 
Children’s miracle network and rite aid launch 2013 balloon campaign by james...
Children’s miracle network and rite aid launch 2013 balloon campaign by james...Children’s miracle network and rite aid launch 2013 balloon campaign by james...
Children’s miracle network and rite aid launch 2013 balloon campaign by james...James Cortopassi
 

More from James Cortopassi (9)

Document services
Document servicesDocument services
Document services
 
Trial presentation 01
Trial presentation 01Trial presentation 01
Trial presentation 01
 
LITEGATION
LITEGATIONLITEGATION
LITEGATION
 
Litegation infographic
Litegation infographicLitegation infographic
Litegation infographic
 
About the E-Discovery Process
About the E-Discovery ProcessAbout the E-Discovery Process
About the E-Discovery Process
 
Electronic discovery
Electronic discoveryElectronic discovery
Electronic discovery
 
Three Bullying Prevention Tips for Parents
Three Bullying Prevention Tips for Parents Three Bullying Prevention Tips for Parents
Three Bullying Prevention Tips for Parents
 
The children’s miracle network by james cortopassi
The children’s miracle network by james cortopassiThe children’s miracle network by james cortopassi
The children’s miracle network by james cortopassi
 
Children’s miracle network and rite aid launch 2013 balloon campaign by james...
Children’s miracle network and rite aid launch 2013 balloon campaign by james...Children’s miracle network and rite aid launch 2013 balloon campaign by james...
Children’s miracle network and rite aid launch 2013 balloon campaign by james...
 

Recently uploaded

A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYJulian Scutts
 
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...Sangyun Lee
 
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理Airst S
 
Reason Behind the Success of Law Firms in India
Reason Behind the Success of Law Firms in IndiaReason Behind the Success of Law Firms in India
Reason Behind the Success of Law Firms in IndiaYash
 
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.tanughoshal0
 
Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Abdul-Hakim Shabazz
 
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理ss
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in LawNilendra Kumar
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersJillianAsdala
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentationKhushdeep Kaur
 
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptxCASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptxMUKUL TYAGI
 
Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Nilendra Kumar
 
Mischief Rule of Interpretation of statutes
Mischief Rule of Interpretation of statutesMischief Rule of Interpretation of statutes
Mischief Rule of Interpretation of statutesshobhna jeet
 
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理F La
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxelysemiller87
 
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理F La
 
一比一原版(AUT毕业证书)新西兰奥克兰理工大学毕业证如何办理
一比一原版(AUT毕业证书)新西兰奥克兰理工大学毕业证如何办理一比一原版(AUT毕业证书)新西兰奥克兰理工大学毕业证如何办理
一比一原版(AUT毕业证书)新西兰奥克兰理工大学毕业证如何办理e9733fc35af6
 
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理bd2c5966a56d
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理Airst S
 
一比一原版(UCB毕业证书)英国伯明翰大学学院毕业证如何办理
一比一原版(UCB毕业证书)英国伯明翰大学学院毕业证如何办理一比一原版(UCB毕业证书)英国伯明翰大学学院毕业证如何办理
一比一原版(UCB毕业证书)英国伯明翰大学学院毕业证如何办理e9733fc35af6
 

Recently uploaded (20)

A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURYA SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
A SHORT HISTORY OF LIBERTY'S PROGREE THROUGH HE EIGHTEENTH CENTURY
 
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
Sangyun Lee, Duplicate Powers in the Criminal Referral Process and the Overla...
 
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
一比一原版(JCU毕业证书)詹姆斯库克大学毕业证如何办理
 
Reason Behind the Success of Law Firms in India
Reason Behind the Success of Law Firms in IndiaReason Behind the Success of Law Firms in India
Reason Behind the Success of Law Firms in India
 
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.
 
Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?Who is Spencer McDaniel? And Does He Actually Exist?
Who is Spencer McDaniel? And Does He Actually Exist?
 
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理
一比一原版(RMIT毕业证书)皇家墨尔本理工大学毕业证如何办理
 
Elective Course on Forensic Science in Law
Elective Course on Forensic Science in LawElective Course on Forensic Science in Law
Elective Course on Forensic Science in Law
 
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam TakersPhilippine FIRE CODE REVIEWER for Architecture Board Exam Takers
Philippine FIRE CODE REVIEWER for Architecture Board Exam Takers
 
Performance of contract-1 law presentation
Performance of contract-1 law presentationPerformance of contract-1 law presentation
Performance of contract-1 law presentation
 
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptxCASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
CASE STYDY Lalman Shukla v Gauri Dutt BY MUKUL TYAGI.pptx
 
Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.Cyber Laws : National and International Perspective.
Cyber Laws : National and International Perspective.
 
Mischief Rule of Interpretation of statutes
Mischief Rule of Interpretation of statutesMischief Rule of Interpretation of statutes
Mischief Rule of Interpretation of statutes
 
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
 
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptxNavigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptx
 
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
 
一比一原版(AUT毕业证书)新西兰奥克兰理工大学毕业证如何办理
一比一原版(AUT毕业证书)新西兰奥克兰理工大学毕业证如何办理一比一原版(AUT毕业证书)新西兰奥克兰理工大学毕业证如何办理
一比一原版(AUT毕业证书)新西兰奥克兰理工大学毕业证如何办理
 
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
一比一原版(Griffith毕业证书)格里菲斯大学毕业证如何办理
 
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
一比一原版(QUT毕业证书)昆士兰科技大学毕业证如何办理
 
一比一原版(UCB毕业证书)英国伯明翰大学学院毕业证如何办理
一比一原版(UCB毕业证书)英国伯明翰大学学院毕业证如何办理一比一原版(UCB毕业证书)英国伯明翰大学学院毕业证如何办理
一比一原版(UCB毕业证书)英国伯明翰大学学院毕业证如何办理
 

Forensic collection of electronically stored information

  • 1. Forensic Collection of Electronically Stored Information By James Cortopassi Posted November 9, 2015 In eDiscovery 0 0 A forensic collection is the acquisition and preservation of digital data. The collection is an integral part of the eDiscovery process, and collections can be full (bit-for-bit) or pointed to a subset of all data, depending on the case requirements. Once validated, a defensible collection workflow can be offered for one’s case. The collected electronically stored information (ESI) will then be culled, analyzed, and further validated, as needed. Now, the culled data-set(s) can be prepared for review, coding and production during litigation. Where does the data come from? The collection can be compiled from various sources. Anywhere that data can reside, data
  • 2. can be found. Data can be collected from devices such as but not limited to; servers, desktop computers, laptops, external hard drives, smart phones, and tablets. Additionally, cloud-based applications (e.g., social media, web-share platforms, and certain email) can be accessible by forensic professionals. Today, even deleted data can be recovered and made available for review and analysis. How is data collected? When litigation presents a need for the collection of ESI, there are a several different methods that can be exercised by a forensic professional. • In-Person ESI Collection This method involves an in-persona meeting with a forensic professional. The forensic professional will be able to acquire data from multiple sources, simultaneously, and immediately address any shifts in collection-scope. The client’s IT team will typically assist in mapping the data retention infrastructure prior to the acquisition taking place, in order to allow for a more seamless, efficient approach to the collection efforts. • Self-Collection Kit
  • 3. This method is becoming more common amongst forensic professionals and their clients. Like the in-persona approach, this method of collection can range from a specific pointed location of interest to an extensive, broad acquisition of all ESI available. This method is viewed favorably for its quick delivery, convenient hours of collection, and cost-effectiveness. • Remote Data Collection Similar to Self-Collection Kits but requires a secure remote internet connection to a designated server. This method must overcome the barriers of company security policies restricting such access, and typically requires more oversight and IT compliance than a self-guided kit. Regardless of the method of collection one implements, all forms of forensic acquisition will produce comprehensive reports and details as to the data-management approach best suited for the matter. Typically, the forensic collection team will confer with the attorneys as to the findings, and how the recovered data should be treated, considering the scope, budget and exposure of the case at bar. Once data has been collected, data culling methods can resume in order to narrow the review set even more. The Benefits of a Certified Computer Examiner There are many advantages of contacting a Certified Computer Examiner (CCE). The data collection process can be overwhelming to some and, accordingly, should be conducted by trained professionals. These trained professionals use the latest forensic tools and procedures, as to avoid data-manipulation or spoliation. A CCE will be able to guide through the data and present an outline. Those who contact a CCE for their services should feel assured that they are moving forward in a legally defensible manner. Educated: In order to have become certified, these professionals must have completed courses and have at least 18 months experience with collection tools. Every two years the professional must re-certify their certification. Fair: As per The International Society of Forensic Computers, a CCE must “Provide a fair, vendor neutral, uncompromised process for certifying the competency of forensic computer examiners. ” This requirement will benefit any party looking for a CCE to
  • 4. validate information for their case. Defensible: A CCE will be able to draft reports in-line with their independent findings. As a result of the data acquisition efforts; such reporting will include details regarding the data sought, location(s) where data was stowed, method(s) of collection, findings as to the clients depicted scope and requirements, and the ability to defend such procedures at the trial or hearing (by the way of testimony, if necessary). Preservation and Security When it comes to the integrity and authentication of the collected data, a proper chain of collection/custody log will be established. The purpose of the log is to present documentation of how the data originated. The log will detail how the data came to be collected, the analysis of the data, and how the data was kept preserved until trial. The chain of collection/custody log will corroborate the authentication of the evidence, as any altercations to the data will need to be logged. At LITeGATION we know the process of eDiscovery and how important it is to gather forensic collections. No matter what the platform or device, our Certified Computer
  • 5. Examiners (CCE) are prepared to help you develop a collection workflow, initiate the proper data-acquisition, and get you prepared for the analysis of you responsive data. For forensic collections or any litigation support service, contact to us today for a free consultation. James Cortopassi James Cortopassi brings nearly 20 years of eDiscovery experience to his practice as a leader in litigation support and eDiscovery coordination. Mr. Cortopassi has managed thousands of cases involving forensic collections, data processing & hosted solutions, managed document review, ESI productions, trial technology services, and workflow- innovation.
  • 6. Examiners (CCE) are prepared to help you develop a collection workflow, initiate the proper data-acquisition, and get you prepared for the analysis of you responsive data. For forensic collections or any litigation support service, contact to us today for a free consultation. James Cortopassi James Cortopassi brings nearly 20 years of eDiscovery experience to his practice as a leader in litigation support and eDiscovery coordination. Mr. Cortopassi has managed thousands of cases involving forensic collections, data processing & hosted solutions, managed document review, ESI productions, trial technology services, and workflow- innovation.