Digital Investigations don't need to stop when you self-isolate

Mar 19 2020

An English proverb says, necessity is the mother of invention, meaning difficult situations inspire creative solutions. While many people already work remotely, and have been for years, it is new territory for certain industries and organizations that rely on being in an office environment. According to Owl Labs Global State of Remote Work, 56% of global companies allow remote work and because of COVID-19, that number has risen exponentially, at least temporarily. It’s no question that our home and work lives have been thrown a curveball. Some of our own employees are navigating a new normal and we hope this article provides some insight into how you can continue doing your job, because we all know investigations don’t stop. Enjoy this piece from Sam Holt, Sr. Technical Engineer at AccessData. Used with permission from his LinkedIn blog.

It's the big topic of the year. 2020, the year of Coronavirus. Countries are closing borders, governments are recommending self isolation 'social distancing' at best. The message from the British prime minister is "Don't go out".

Due to these restrictions being rapidly put in place, people all over the world are beginning to self-isolate, working from home, and avoiding public places.

The problem with this, is being able to access all of the items that they would usually use as part of their day to day in the office—otherwise, they could find themselves being less than productive.

One prime example of this would be individuals or teams who perform digital investigations.

A digital investigations platform would have to remain forensically sound, and are often built in environments which are 'air-gapped' (an air gap, air wall or air gapping is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network).

Air gapped networks would not traditionally have the ability to be able to be accessed from any external source, which is where the challenge lies.

I believe, with the correct safety and encryption measures put in place, usage of secure pipes and VPN technology, investigators could take advantage of a SaaS (Software as a Service) platform to access their investigations from a different location, such as a secure home environment, with certain exceptions such as IIOC.

Now I don't usually write my articles with a specific product in mind, but I felt it was my duty, during this time of crisis to let people know that there are flexible working solutions out there, and I could write about one that I'm pretty familiar with—AccessData Quin-C.

AccessData has been working heavily on this type of solution recently, with the suite of products available to use via the partnership with Amazon Web Services (AWS).

This means that an investigator or reviewer would no longer need to be tied to an office desk, mitigating the risk of becoming infected or spreading infection.

Case Administrators and team leaders can still closely monitor the investigations through full audit trail and dashboards which can show at-a-glance updates on each case for those individual who might prefer to procrastinate and might not be as productive as we would like.

Using the AccessData API for automatic evidence processing also reduces the need for physical and manual copying and pasting of evidence, through the use of auto case creation, automatic investigator assignment, and automatic processing. Perfect for getting through that backlog of data that comes in to the system overnight, ready for analysis first thing in the morning.

Another great reason to avoid the office.

All of the review part of the investigation could be performed remotely, with the bookmarking, labeling, tagging jobs performed safely and securely from a remote location. This solution would also work with independent locations such as field offices.

The solution is tied to the single unified database back end, ensuring all of the work is updated real-time, encouraging collaboration, with many investigators working a single case.

The platform is based on HTML5 technology meaning it's agnostic whether you work using a computer, tablet or even an Apple Macintosh machine.

All in all, a robust, all-round solution which actively encourages home-working should that be the direction you want to take your investigations in this time of crisis.

Quin-C also connects to your current FTK, LAB, Enterprise and ediscovery platforms too, so the transition can be super smooth.

I want to wish everyone out there good luck and safe health in this time of crisis - Try to stay away from public gatherings, and if you feel like you may have been exposed, try to avoid visiting elderly or infirm relatives. Take advice from your local government, and above all else, DON'T PANIC.

About the author:
Sam Holt is Team Leader and Senior International Engineer/Forensics Pre-Sales at AccessData and compliance champion, authoring papers on GDPR, ISO27001, PCI-DSS, and writing privacy and IT policies to adhere and comply.

Contact us today to learn more about our products and our
approach to improving how you collect, analyze and use data.
Tell Me More