Have your data files been compromised? Your business is next.


header splash
Have your data files been compromised? Your business is next.
Data Security to Prevent Data Breach.
Join Us for a Lunch & Learn to Get the Facts

Date:Time:Location: Thursday, December 6, 201212:00 p.m. to 2:00 p.m. (Lunch will be provided)DoubleTree Inn,

10 Flint Road, Amherst, New York 14226

Lunch: 12:00 p.m. to 12:30 p.m

Presentation: 12:30 p.m. – 2:30 p.m.

Michael McCartney, President/CEO of DIGITS LLC explains the unscrupulous actions that can happen to your business if you do not take security seriously. McCartney continues by offering case studies and real world scenarios of what could happen if you do not have the proper systems and technology in place. Even after the damage is done, it is important to understand the steps you need to take to avoid litigation and data breach notification requirements, as well as the steps to preserve valuable electronic evidence.

McCartney is an internationally known expert in Computer Crime Investigations and Computer Forensics and is a Certified Forensic Computer Examiner (CFCE) through the International Association of Computer Investigative Specialists.

Mike Beecher, President of Escapewire Solutions will conclude the presentation by focusing on the measures taken by IT professionals to secure their corporate networks from external threats. Beecher will present best practices that network technicians use for proactively monitoring and securing their clients networks. Because data security is a vital component of the corporate network, Beecher will discuss back-up and disaster recovery plans for the office network and how they are best developed and implemented. Most companies feel they have an adequate back-up and disaster recovery plan until disaster strikes and they are tasked with recovering their network data.

Objectives:

  1. 1. Be able to evaluate how secure your office network is
  2. 2. Review current technologies for data backup to compare and contrast
    against your own
  3. 3. Determining the need for & differences in various offsite backup solutions
  4. 4. Determine if your office has a viable back-up and disaster recovery plan
  5. 5. How to develop a simple disaster recovery plan for your office
  6. 6. Identify gaps in your office’s data and network security

Continue Reading

Presented by:

escapewire solutions               digits llc

 

Man vs. Machine?

The Round Table w/ Avalon

October 2012 – By JP Midgley, President

While attending the International Legal Technology Association (ILTA) 2012 conference in August, I sat in on a panel discussion debating the hot topics of eDiscovery today. As many anticipated, predictive coding was brought up early in the discussion. If I took only one thought away from the conference it was from a comment made by George Socha (one of the founders of the EDRM model). I don’t remember the exact comment, but the takeaway was evident. Predictive coding isn’t meant to be a battle of attorney vs. machine.  Predictive coding is meant to be machine helping the attorneys. Continue reading

Law Firms & CPA Firms Target of Organized HACKERS

Law Firms, CPA Firms, and other professional service organizations are becoming the latest targets for organized hackers to attack.  These industries all have something in common that is drawing hackers to them like a magnet; sensitive client information.

In November of 2009, the Federal Bureau of Investigation (FBI) issued their first official warnings concerning spear phishing E-mails targeting U.S. law firms and public relations firms.  The FBI stated in that warning that they had “assessed with high confidence that hackers are using spear phishing e-mails with malicious payloads to exploit U.S. law firms and public relations firms.”  Since then, we have seen a dramatic increase in successful compromises of these firms as well as CPA firms.  (To read the full FBI warning visit http://www.fbi.gov/scams-safety/e-scams/archived_escams)

According to Help Net Security, 80 major law firms were hacked in 2011. The article titled “Law Firms Get Hacked For Deal Data” explains that the hackers used a common tactic to gain access into the law firms’ data.  (http://www.net-security.org/secworld.php?id=12318)

Hackers have become very sophisticated. Continue reading

Hacking Community VS. Service Providers: How exposed are you? Computer Forensics Webinar

As our technology is getting smarter, so are the individuals that are looking to compromise your most sensitive data.  Today, the hacking community is looking for the easiest way to brake into your network to expose Personal Identifier Information (PII), Personal Credit Information (PCI), and Personal Health Information (PHI).  Most recently, law firms and financial institutions have been in the radar for a corporate data breach; as outlined in the Bloomberg article below.

“China-Based Hackers Target Law Firms to Get Secret Deal Data”
http://tinyurl.com/6wwjs5z

However, law firms and financial institutions are not the only industries in target, all service providers should be at risk.  It is very important to understand the risk that you and your company faces with the daily activities with laptops, smartphone and tablets.  It is also very important to understand the security precautions that should be addressed to keep you secure from a possible breach.

Please join DIGITS LLC in a Free webinar on October 9, 2012 at 11:00 a.m. EST

Click here to register http://tinyurl.com/8he3cye

Computer Forensics 101:Proactive Compliance

This Session focuses on the fundamentals of computer forensics analysis:

Real life case studies will be used to highlight what the computer forensic expert looks for on computers, smart phones and tablets. Identification of Electronically Stored Information (ESI) and how computer forensics is used to identify fraud as well as proactive compliance programs and regulatory inquires. You will learn what you can expect to gather from computers and smart phones whose contents become evidence in your cases.

Agenda/Objectives:

Upon completion of this segment, you should be better able to:

1.    Understand the practical use of Computer Forensics in Data Loss Prevention (DLP).

2.    Understand what ESI is available from computers and smartphones.

3.    How to implement Proactive Computer Forensics techniques into Human Resource, Regulatory, Compliance, FCPA and other regulatory, compliance and Audit Programs.

Click here to register: http://tinyurl.com/8he3cye

For more information regarding this presentation or other upcoming events please contact Kelly Merz at kelly.merz@digitsllc.com
 
www.digitsllc.com

DIGITS LLC Featured in the ISA October 2012 Transmitter

The ISA Niagara Frontier Section recently reach out to DIGITS LLC for content to publish in their upcoming newsletter.  Members of the ISA include Automation Engineers across all industries in Western New York.  The ISA is ‘Setting the Standard for Automation’ and was looking for an article which discussed topics of compliance, safety or security.  That being said, we thought that our case study ‘Forensic Escrow Image and Analysis’ would be a great fit for this audience and publication.

Today, the ISA Niagara Frontier Section has released their October 2012 Transmitter Newsletter- featuring DIGITS LLC!  Below is a link to a PDF of the publication.

ISA- OCTOBER 2012 TRANSMITTER

To read this case study and other examples of Digital Forensic techniques applied to real life situations, please visit DIGITS LLC’s website at :

http://www.digitsllc.com/showcase/case-studies/100019/forensic-escrow-image-and-analysis 

www.digitsllc.com

Computer Forensics 101: Pro-active Compliance Webinar

                                               

Join DIGITS LLC and Mac Source Communications Webinar on October 9, 2012 at 11:00 a.m. EST

Computer Forensics 101: Pro-active Compliance

This session focuses on the fundamentals of computer forensics analysis:

What the computer forensic expert looks for behind the scenes, identification of Electronically Stored Information (ESI) and how computer forensics is used in every pro-active ethics and compliance program as well as in regulatory inquiries. You will learn the terminology used by computer forensics experts, and what you can expect to gather from computers and smart phones whose contents become evidence in your cases.

Agenda/Objectives:

Upon completion of this segment, you should be better able to:

1. Understand the terminology used in Computer Forensics.

2. Understand what ESI is available from computers and smartphones.

3. Implement Pro-Active Computer Forensics techniques into Human Resource, Regulatory, Compliance, FCPA and other regulatory, compliance and Audit Programs.

Presented by: Mike McCartney, President/CEO of DIGITS LLC

Event Details:

Date: Tuesday, October 9, 2012
Time: 11:00 am EST
Location: Online Webinar

(You will receive the login details in your confirmation email)

Click Here To Register!

Contact:

Liz Rizzo
Marketing Manager
MAC Source Communications
(800) 343-5554 x3904
erizzo@macsourceinc.com

OR

Kelly Merz
Marketing Coordinator
DIGITS LLC
(877) 216-2511 x6
kelly.merz@digitsllc.com
http://www.DIGITSLLC.com

 

Forensic Escrow Image & Analysis

By: Bradley J. Bartram, DIGITS LLC

The Facts:

Bill had worked for XYZ Company for over 22 years. Over the last 8 months, Bill’s sales numbers had significantly diminished and he was not performing under his “employee performance agreement”.  His Supervisor issued several warnings that produced no improvement in productivity.  Bill mentioned to the HR department that he felt management was not supporting him due to his age and that more support was given to younger sales force. Bill was ultimately terminated.  The Company took the proactive precaution of forensically imaging and escrowing Bill’s company issued laptop, desktop and blackberry device.  A week after being terminated, Bill filed an Age Discrimination suit against his employer.

Forensic Findings:

At the Company’s request Bill’s escrowed data was processed and forensically analyzed.  The Corporation Counsel and HR Department was able to quickly search the Electronically Stored Information (ESI) data and the findings showed unmistakable evidence that Bill had been spending his time for the past 8 months doing non-work related internet searches and visiting competitor web sites clearly in pursue of a new job.  A computer usage timeline was prepared which showed that between 9 and 5, Monday through Friday, Bill was very busy doing just about everything else except his assigned work.  Instant Message chat conversations were also recovered showing Bill had been communicating most of the workday with several job placement companies.  In one recovered chat conversation, Bill bragged to the headhunter that he would be very valuable to the competitor and even copied some confidential employer data into the chat for the headhunter to see.

Bottom Line:

The Company was able to present the findings of the computer forensic analysis to the opposing Counsel at a mediation hearing and was able to defeat all age discrimination claims by the former employee.  The Forensic Escrow Image and Analysis of the employees’ computers literally saved the company tens of thousands of dollars.

www.digitsllc.com
http://www.digitsllc.com/digital-forensics

Case Study: Digital Forensic Investigation on Deleted Information

It took a lot of hard work to build you company, equipping it with the latest technology and hand picking your staff.  You would do anything to make revenues grow and profits to increase. And almost anything to to protect it.  It may come to you as a surprise, but possibly the greatest threat does not come from outside your company, but from inside your company.  With all of the technology available and the number of employees, it is possible to be vulnerable to attack from within.

Think for a minute, has this happened to you?

Your computers combined with the internet is a powerful tool, used for good and bad.  The ‘delete’ key can correct mistakes or hide wrong doing.  I promise you, if an employee is doing bad, it is not on the company email.  They used out of band email, such as Hotmail or Gmail, and they think it is deleted when they log off.  They have not deleted it, it still exists.

At DIGITS LLC, we are consistently asked if the data exists in various locations.  Often times, we will get a case that originated from the company and the company’s I.T. department. Only to find out that the data has not been deleted- that it actually exists in multiple locations, both on the devises (laptops, smartphones, other network files shares).  Also, third party locations.  We are able to determine and assist clients in determining where their data really lives.  This is critically important in the areas of litigation.  When a company has been served with a litigation hold or recently served with a sapeina, a regulatory compliance seponia, or a lawsuit requesting that certain electronically stored information to be collected, preserved and ultimately produced.

We work with clients regularly to identify where that data is.  Either within their four walls or at some third party location.  We assist our client to properly collect, preserve,and ultimately examining and producing that data which is relevant to their litigation.

These are cases that DIGITS LLC can lend a tremendous amount of value to. We can forensically analyze the laptops, the desktops, the smartphones, as well as the out of band email communications that are taking place between the employee and the outside entities to determine what is really going on.  In Computer Forensics, we can dig deep and find out what your employees are doing.  We can also conduct high level investigations if you have been violated, or think you have been.

Your I.T. person might be the first person to notice that something suspicious has happened.  When they inform you, your first inclination will be to have the I.T. person investigate the problem- this could be the worst possible thing you could do. I.T. professionals are not forensic experts.  They do not use the same tools or have the same certifications that forensic experts hold.  I.T. treats data as data. At DIGITS LLC we treat data as evidence.  If the I.T. professional goes into the electronic devise and damages the evidence, it will be difficult to prove in a court of law, because things change.

When DIGITS LLC completes an investigation, you will have a report that is a thorough and complete depiction, in which your legal team can proceed.  If a problem is detected, DIGITS LLC can get to the bottom of it.  We can stand as an expert witness in the case of litigation.  We can advise your company on proactive prevention and compliance with policies and procedures.

If you find yourself involved with litigation, a regulator compliance matter, give DIGITS LLC a call.  We have assisted clients negate these matters and consulted them with the proper evidence collection, preservation, examination, and production of this information that is relevant specifically to their case.  We can help solve your problem.  DIGITS LLC has done it with over 115 years of law enforcement, decades of experience with digital forensics and advanced technology investigations.  We have been on some of the largest high profile investigations in the country and we can do it for you.  Not only can we help you solve an immediate problem as a reactive approach, but we can also assist you proactively manage and mitigate your risk moving forward so that you can identify issues and deal with those issues before they become a problem.

For additional information, visit our website www.digitsllc.com or call us at 877-216-2511.

Computer Forensics 101: Proactive Compliance with The Institute of Internal Auditors

The Institute of Internal Auditors

Thursday, September 13, 2012

“Computer Forensics 101: Proactive Compliance’
Presented by Michael McCartney, President & CEO of DIGITS LLC.

Cost of the seminar is $20 for members, $30 for non-members, and $15 for students.

Date: Thursday, September 13, 2012
Time: 12:00 to 1:30p.m.
Location: Chef’s Restaurant, 291 Seneca Street, Buffalo, New York 14204
RSVP: By end of the day on Friday, September 7, 2012

To register for this event, please follow this link.  http://www.theiia.org/chapters/index.cfm/view.event_detail/cid/24/event_id/19119