What Is Computer Forensics?
Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. Computer specialists can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information. Any or all of this information may help during discovery, depositions, or actual litigation.

Why use a forensics expert and a proper forensics methodology and tools?
Unlike paper evidence, computer evidence can often exist in many forms, Knowing the possibility of their existence, even alternate formats of the same data can be discovered. The discovery process can be served well by a knowledgeable expert identifying more possibilities that can be requested as possibly relevant evidence. In addition, during on-site inspections, for cases where computer disks are not actually seized or forensically copied (see below), the forensics expert can more quickly identify places to look, signs to look for, and additional information sources for relevant evidence.

Protection of evidence is critical. A knowledgeable computer forensics professional will ensure that a subject computer system is carefully handled to ensure that:

1. no possible evidence is damaged, destroyed, or otherwise compromised by the procedures used to investigate the computer.
2. no possible computer virus is introduced to a subject computer during the analysis process.
3. extracted and possibly relevant evidence is properly handled and protected from later mechanical or electromagnetic damage.
4. a continuing chain of custody is established and maintained.
5. business operations are affected for a limited amount of time, if at all.
6. any client-attorney information that is inadvertently acquired during a forensic exploration is ethically and legally respected and not divulged.

We! Secure Computer Forensics services include:

• On Demand Forensics inspection
• Computer Forensics lab
• Enterprise Computer Forensics consulting
• Enterprise Computer Forensics infrastructure design and installation
• Computer forensics team structure and training
• Employee Forensics awareness and Training
  

Steps taken in a Computer Forensics Inspection

• Protect the target
• Discover all data
• Recover deleted data
• Reveal all forms of data
• Accesses encrypted files.
• Analyzes all possibly relevant data
• Prints an overall analysis
• Provide expert consultation
• Provide testimony