Introduction The Regional Computer Forensics Laboratory (RCFL) National Program Office created this toolkit to help law enforcement executives assess.

Slides:



Advertisements
Similar presentations
Martin County Emergency Management Agency. Is your business prepared to survive the economic impact of a major disaster? Are your company's valuable assets.
Advertisements

0 EMS Stakeholders Meeting 2011 August 25, 2011 Bob Leopold EMS and Trauma Systems Program.
BUS VIDEO RECORDINGS COLLECTION – PROCESSING - REDACTION - SHARING WHAT IS RIGHT FOR YOUR DISTRICT?
Join the conference call by dialing the conference number in your Invitation or Reminder s. Please put your phone on mute. Please stand by! The webinar.
Records Emergency Planning and Response Webinar Session 2 Join the conference call by dialing the conference number in your Invitation or Reminder s.
Safety and Health Management Program
Guide to Computer Forensics and Investigations, Second Edition
Session V Records Management Process Development
Chapter 11 OFFICE MANAGEMENT.
Quality Assurance/Quality Control Policy
Lead Black Slide. © 2001 Business & Information Systems 2/e2 Chapter 14 Managing Information Systems and Technology.
By Drudeisha Madhub Data Protection Commissioner Date:
July 9, National Software Reference Library Douglas White Information Technology Laboratory July 2004.
Guide to Computer Forensics and Investigations, Second Edition
So What Can I Expect When I Serve on an NEASC/CPSS Visiting Team? A Primer for New Team Members.
Phases of Computer Forensics 1 Computer Forensics BACS Management Information Systems for the Information Age 5e, Haag, Cummings, McCubbrey, 2005,
Alabama Supercomputer Authority A partnership of … and.
Regulatory Affairs Personnel Training and Qualification (RA T&Q) Overview.
7 Handling a Digital Crime Scene Dr. John P. Abraham Professor UTPA.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
National Conference on Student Assessment June 2014 Balancing Test Security and Accessibility on Next Generation Online Assessments: One State’s Perspective.
Mobile Audio/Video Recording Equipment Policy and Procedure Number PP
Computer Forensics Principles and Practices
An Introduction to Computer Forensics Jim Lindsey Western Kentucky University.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Computer Forensics Data Recovery and Evidence Collection September.
Training and Certification. Who needs digital forensic training and professional certification? Forensic examiners Investigators Crime scene specialists.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. System Forensics, Investigation, and Response.
The Regionalization Project New Regional Field Coordinator Orientation.
E.Soundararajan R.Baskaran & M.Sai Baba Indira Gandhi Centre for Atomic Research, Kalpakkam.
Hazardous Materials Response Team Unit Operational Response Section.
PHEP Capabilities John Erickson, Special Assistant Washington State Department of Health
Chapter 2 Understanding Computer Investigations Guide to Computer Forensics and Investigations Fourth Edition.
National Archives and Records Administration, Preparing for the Unexpected ESSENTIAL ELEMENTS: ANALYSIS.
BY: EMERALD MOORE CRIME SCENE INVESTIGATOR (CSI).
Crime Scene Investigator. About Crime scene investigators (CSIs) go by many names, including: –evidence technician, –crime scene technician, –forensic.
Staff Assessment Technology Services Department Palmyra Area School District.
ONLINE COURSES - SIFS FORENSIC SCIENCE PROGRAMME - 2 Our online course instructors are working professionals handling real-life cases related to various.
Why Use a Professional Locksmith? We’d like to take a few moments of your time to explain the benefits to you, of using the services of a professional.
CYBER AND COMPUTER FORENSICS. 2016/06/082 Network of experienced stakeholders in the cybercrime environment Information gathering capability and analytical.
Jan Garvin, MCSFS Executive Director Law Enforcement & Emergency Services Video Association.
A cross functional team was formed to review the current revenue protection process, the potential impact due to the implementation of Smart Metering.
Information Security Principles and Practices by Mark Merkow and Jim Breithaupt Chapter 1: Why Study Information Security?
Rebecca L. Mugridge LFO Research Colloquium March 19, 2008.
CHAP 6 – COMPUTER FORENSIC ANALYSIS. 2 Objectives Of Analysis Process During Investigation: The purpose of this process is to discover and recover evidences.
MANAGEMENT of INFORMATION SECURITY, Fifth Edition.
Computers in the Ambulatory Care Setting
Program Review Presentation May 5th, 2010
Job Titles Examples Used for HISD Nonexempt Jobs
Human Aspects of Organizing Reading: pp. 173 – 183.
Pre-Course Assignment
Associate Degree in Cyber security
Budgeting and fund raising
Information Technology (IT) Department
Clinical Engineering Lecture (3).
Section 15.1 Section 15.2 Identify Webmastering tasks
Investigative Applications 29.6
Putting All The Pieces Together: Developing a Cyberinfrastructure at the Georgia State University Library Tim Daniels, Learning Commons Coordinator Doug.
Networks Software.
Lesson 5 Computer-Related Issues
(Discussion – The Department of Defense)
Police Services Analysis – Community Meeting 2
Welcome & Introduction
Digital Forensics Dr. Bhavani Thuraisingham
Lecture #20 Mid-Term Exam October 10, 2007
Chemical Purchasing.
Minnesota Board of Peace Officer Standards and Training
Continuity of Operations Planning
Forming a Cold Case Unit and Unit Expectations
The Survival Plan.
Visit to FBI Labs North Texas
Presentation transcript:

Managing Digital Evidence: What Every Law Enforcement Executive Must Know Preparedness Toolkit

Introduction The Regional Computer Forensics Laboratory (RCFL) National Program Office created this toolkit to help law enforcement executives assess their staff’s knowledge about managing digital evidence – and complements the Webcast entitled “Managing Digital Evidence: What Every Law Enforcement Executive Must Know” This toolkit also identifies what digital forensics resources are available to executives

Toolkit Contents To increase their digital forensics preparedness, Executives can follow four steps— Step #1: Create a Baseline Step #2: Get Smart Step #3: Obtain Resources Step #4: Build Capacity

Step #1: CREATE A BASELINE

Step #1: Create a Baseline Assess Your Staff’s Digital Forensics Know-How Start by polling your evidence technicians, first responders, crime scene experts and mid-level managers about their knowledge of basic digital evidence practices Establish a digital forensics primary point-of-contact within your Department

Step #1: Create a Baseline Assess Your Staff’s Digital Forensics Know-How - Review the volume and nature of your Department’s routine casework to identify staffing levels, technical needs, and training requirements.

Step #1: Create a Baseline Determine If The Right Personnel Are Trained In How To Identify Digital Evidence Are departmental digital forensics resources available to staff members, e.g. manuals, guides, policies, best practices? If not, ask you primary point of contact to create a central repository with this type of documentation

Step #1: Create a Baseline Handling Digital Evidence Do you have dedicated personnel who know how to properly handle digital evidence without altering or changing it?

Step #1: Create a Baseline Does your Department have adequate supplies to package, protect and secure digital evidence for transport?

Step #1: Create a Baseline Does your evidence storage facility have adequate ventilation and/or power to properly maintain digital evidence to prevent the destruction or loss of volatile data?

Step #1: Create a Baseline Does Your Staff Have Well Stocked Digital Media Recovery Field Kits? Items Should Include— Regular pliers Digital camera Screwdrivers with assorted bits Needle nosed pliers Wire cutters Tamper resistant tape Masking tape/blue Tape Flashlight Pen with indelible ink (sharpie) Hard drive storage cases

Step #2: GET SMART

Step #2: Get Smart Many Resources Are Available to Law Enforcement For Digital Forensics Training - From The Basic To The Sophisticated - While general Windows based computer forensic training and/or certification programs do exist, there are several areas of specialized training to consider such as Macintosh, Unix or Linux, Cell Phones, PDAs and/or Audio & Video examinations

Step 2: Get Smarter - Think RCFL! The RCFL Program offers a free, basic digital forensic Webcast to all law enforcement personnel – request an online copy or DVD, visit www.rcfl.gov The program also offers a free field guide – also available upon request on our web site

Step 2: Get Smarter - Think RCFL! Each RCFL offers a variety of free regional training courses, such as first responder training which covers proper techniques for the collection and preservation of digital evidence

Step #3: OBTAIN RESOURCES

Step #3: Obtain Resources Work Space – Is There Adequate Work Space Within Your Department Where Evidence Can Be Examined? - Ideally, each Examiner should have 300 square feet of isolated work space to work with and safeguard original digital evidence - Does the work space have adequate AC and power? Insufficient AC and power can cause system failures or crashes—resulting in the loss of digital evidence

Step #3: Obtain Resources Equipment - Work Stations - Ideally, each Examiner has two examination work stations, one administrative computer, one field computer or laptop device, at least one forensic software license, digital camera, and various backup or storage devices

Step #3: Obtain Resources Funding Can you spend approximately $25,000.00 per designee for initial software and hardware equipment costs? - Can you spend approximately $7,000.00 per designee annually for supplies, software license renewals and equipment upgrades or refresh? If funding is an issue, consider joining an RCFL as a way to obtain digital forensics resources without spending millions…

Step #3: Obtain Resources - Become A Participating Agency In An RCFL Training - RCFLs provide assignees with over 300 hours of initial training, including state-of-the-art training facilities, standardized testing and one-on-one mentoring from highly skilled and experienced forensic examiners at no cost to the participant agency Annual Equipment Refresh and/or Upgrades - Are provided to each RCFL assignee. Additionally, media costs for the reproduction and presentation of examination findings is provided at no cost to the participant agency

Step #4: BUILD CAPACITY

Step #4: Build Capacity Consider The RCFL Alternative Building a digital forensics lab could costs million The RCFL Program trains and certifies staff and offers a mentorship program that is second to none

Step #4: Build Capacity Each RCFL assignee is furnished over $25,000.00 equipment and software with a periodic refresh to ensure that all equipment remains current at no cost to the participant agency. Designees with specialized training, receive additional equipment to support each specialty

Step #4: Build Capacity The average RCFL provides a state-of-the-art work environment with over 15,000 square feet of work space

Step #4: Build Capacity Participating Agencies and Their Personnel Receive— Overtime Use of a vehicle and cell phone while on duty Training as an FBI certified Examiner High priority for their investigations Examiners bring their experience and expertise back to their home agencies

Step #4: Build Capacity If an organization can’t assign a staff person to the RCFL – they can still become a participating agency by contributing funding… This ensures that their investigations will receive top priority

Step #4: Build Capacity RCFLs Are a Force Multiplier – It’s more cost effective to pay the salary of an RCFL detailee, thereby gaining access to the laboratory - than to build a facility from scratch and to maintain it

Summary Digital evidence is here to stay. Executives must take action now— Create a baseline Get smart, get training Obtain resources Build capacity Join the RCFL Program

For More Information Visit www.rcfl.gov to view a directory of all RCFL locations Schedule a tour of your local RCFL Call the RCFL National Program Office on 703-985-3677 for further information

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.