BDO CONSULTING FORENSIC TECHNOLOGY SERVICES



Similar documents
Organizations today are faced with an CORPORATE COUNSEL PROVIDE AN INSIDE LOOK AT THE STATE OF E-DISCOVERY EXECUTIVE REPORT

e-discovery Forensic Services kpmg.ch Advisory

From Chaos to Clarity.

How To Manage Cloud Data Safely

Information Technology Audit & Forensic Techniques. CMA Amit Kumar

Measures Regarding Litigation Holds and Preservation of Electronically Stored Information (ESI)

Digital Forensics & e-discovery Services

Case Study: Hiring a licensed Security Provider

Deloitte Discovery Caribbean & Bermuda Territory Guide

Records Retention & E-Discovery. Preserving Electronically Stored Information for Litigation


IBM Unstructured Data Identification and Management

E-Discovery Toolkit for Educational Institutions

ILM et Archivage Les solutions IBM

Miguel Ortiz, Sr. Systems Engineer. Globanet

Are Mailboxes Enough?

ediscovery Solutions

Guide to advanced ediscovery solutions

Records and Information Management and Retention

Electronic Discovery

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management

Data Sheet: Archiving Symantec Enterprise Vault Discovery Accelerator Accelerate e-discovery and simplify review

Global Headquarters: 5 Speen Street Framingham, MA USA P F

B. Preservation is not limited to simply avoiding affirmative acts of destruction because day-to-day operations routinely alter or destroy evidence.

EnCase ediscovery. Automatically search, identify, collect, preserve, and process electronically stored information across the network.

What You Should Know About ediscovery

IBM ediscovery Identification and Collection

Electronic Discovery How can I be prepared? September 2010

1. The records have been created, sent or received in connection with the compilation.

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Reduce Cost and Risk during Discovery E-DISCOVERY GLOSSARY

Digital Forensics, ediscovery and Electronic Evidence

CA Message Manager. Benefits. Overview. CA Advantage

The E-Discovery Process

Overview of Computer Forensics

Symantec Enterprise Vault E-Discovery Connectors

Director, Value Engineering

Preservation and Production of Electronic Records

KPMG Forensic Technology Services

Financial discovery and beyond using BMMsoft EDMT Solution

Discovery of Electronically Stored Information ECBA conference Tallinn October 2012

Chapter 7 Securing Information Systems

e-discovery Forensics Incident Response

What Am I Looking At? Andy Kass

Symantec Enterprise Vault.cloud Overview

ediscovery: The New Information Management Battleground Developments in the Law and Best Practices

Data Analytics Leveraging Data Visualization and Automation in Audit Real World Examples

plantemoran.com What School Personnel Administrators Need to know

E-Discovery Technology Considerations

E-Discovery Quagmires An Ounce of Prevention is Worth a Pound of Cure Rebecca Herold, CISSP, CISA, CISM, FLMI Final Draft for February 2007 CSI Alert

CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline)

Best Practices in Electronic Record Retention

E- Discovery in Criminal Law

Data Compliance. And. Your Obligations

FIVE TIPS FOR A SUCCESSFUL ARCHIVE MIGRATION TO MICROSOFT OFFICE 365 WHITEPAPER

The Proper Acquisition, Preservation, & Analysis of Computer Evidence: Guidelines & Best-Practices

Digital Forensics Services

Understanding ediscovery and Electronically Stored Information (ESI)

Symantec Enterprise Vault and Symantec Enterprise Vault.cloud

Predictability in E-Discovery

Using EMC SourceOne Management in IBM Lotus Notes/Domino Environments

Archiving and The Federal Rules of Civil Procedure: Understanding the Issues

WHITE PAPER Practical Information Governance: Balancing Cost, Risk, and Productivity

Lowering E-Discovery Costs Through Enterprise Records and Retention Management. An Oracle White Paper March 2007

Solving Key Management Problems in Lotus Notes/Domino Environments

AccessData Corporation. No More Load Files. Integrating AD ediscovery and Summation to Eliminate Moving Data Between Litigation Support Products

INCIDENT RESPONSE CHECKLIST

capabilities statement

Digital Forensics for Attorneys Overview of Digital Forensics

Agenda. You are not in the business to manage records

Domain 1 The Process of Auditing Information Systems

Forensics & E-Discovery. Presented by the ASIS Information Technology Security Council

How To Manage Security On A Networked Computer System

Rule 30(b)(6) Depositions in Electronic Discovery. Discovering What There Is to Discover

The Clearwell ediscovery Platform

Meeting E-Discovery Challenges with Confidence

SMART ARCHIVING. The need for a strategy around archiving. Peter Van Camp

Exchange Server 2010 & C2C ArchiveOne A Feature Comparison for Archiving

ORACLE FUSION MIDDLEWARE PROFILE

Transcription:

BDO CONSULTING FORENSIC TECHNOLOGY SERVICES MARCH 2013

AGENDA Introduction About BDO Consulting Computer Forensics & E-Discovery Practice Current Trends Case Studies Q&A Page 2

Michael Barba Managing Director, CISSP, GSNA, DFCP, EnCE, CPP mbarba@bdo.com Direct: 212-885-8120 Mobile: 908-917-7795 100 Park Avenue New York, NY 100123 Tel: 212-885-8000 Fax: 212-697-1299 www.bdoconsulting.com EXPERIENCE SUMMARY Managing Director, BDO USA LLP Computer Forensics and Electronic Discovery Practice Over 15 Years IT Security, Investigations, Computer Forensics, and Electronic Discovery Engagements Employee Code of Conduct Investigations Intrusion Investigations Theft of Intellectual Property A Recipient of the High Technology Criminal Investigation Association Case of the Year Award Member Digital Forensic Certification Board (DFCB.org) Thirteen Years of Physical Security Managing security staff of 30 people Loan Office Defalcation Investigations Employee Code of Conduct Investigations Executive Protection Planning Page 3

LITIGATION & FRAUD INVESTIGATIONS Retained by Law Firms Retained by Public and Private Companies Retained by Insurance Companies Retained by Government Agencies Page 4

BDO CONSULTING S FORENSIC TECHNOLOGY SERVICES

FORENSIC TECHNOLOGY SERVICES On-Site Lab Dedicated and Secure Access and climate controlled Sophisticated and diverse tools E-discovery platform hosting capabilities State-of-the-art Scalable Page 6

Forensic Technology Services Computer Forensics Collection & Preservation Analyzing individuals conduct Including deletion activity, file copying, Internet browsing and wiping/secure deletion activity. Data Recovery Search live and deleted files, unallocated space and slack space, based on keywords and/or concepts and recovery. Identify known system and user files, as well as duplicate files and email threads, to limit and expedite document review. Password Cracking and/or Bypassing Identify password protected and encrypted files as well as process to view content. Online investigations Social Media Email Threads/Tracking and Identification BDO CONSULTING, Consulting Forensic Litigation Technology & Fraud Services Investigation Services Page 7

Introduction Electronic Discovery Reference Model (EDRM) Volume Relevance Source: Socha Consulting and Gelbmann & Associates

Forensic Technology Services E-Discovery Electronically Stored Information ( ESI ) Protocol & Policies Rule 26(f), meet & confer conferences Strategy development Identification, preservation & collection Data culling (Date Filter, Search Terms, Computer Assisted Review) Data processing (Indexing, Error Correction ) Review & production Multinational, multilingual reviews 30(b)(6) fact witnesses Page 9

FORENSIC TECHNOLOGY SERVICES Computer Forensics & E-Discovery Identify Filter Search Review Smoking Gun Page 10

Forensic Technology Services Data Analytics Extract data from various systems Evaluate data quality and standardization Verify data accuracy Identify and report data anomalies Identify deviations in data patterns Organize and summarize data sets Tools & ERP Systems ACL Access AS400 Dynamics IDEA JD Edwards Oracle PeopleSoft SAP SQL Server Tableau Excel (vlookup/stats/modeling/auto mated formula review) COMPLEX DATA SETS DISPARATE DATA LARGE DATA SETS Page 11

FORENSIC TECHNOLOGY SERVICES Need for Computer Forensic Services Clients faced with litigation or internal issues When there is fraud detected at your client When there are allegations of fraud raised in the audit When you hear of a litigation proceeding with a large discovery component When there is a product liability class action involving consumer products When there may be a time & expense or wage & hour investigation/class action Audit clients Day to day needs When your client has: - a large volume of data - a complex dataset - disparate data Tax clients Day to day needs When you need assistance automating and analyzing large data sets Page 12

Current Trends: Social Media

CHALLENGES OF SOCIAL MEDIA Number of Accessible Computing of each individual 2010: Average of five (5) devices per person 2013: Estimation of seven (7) devices per person YouTube Fun Fact More Video was uploaded to YouTube in the past two months than if ABC, CBS, and NBC had been airing new content 24/7/365: Since 1948 Power of the Subpoena Law enforcement requests Social media sites retention policies Preservation requests what to request? Page 14

SOCIAL MEDIA PRESERVATION BEST PRACTICES Computing Devices (Computers, Tablets, Smart Phones) Forensic preservation of devices Proper hardware (write blockers) Proper software Training in analysis where to look and rebuilding Chain of custody physical and documentation Preservation of collected data Social Media Websites Preservation requests user and account details Subpoenas Preservation of received data Chain of custody Page 15

Current Trends: DATA FLOW

UNDERSTANDING DATA FLOW ANALYSIS Logical flow of data Email (enterprise, 3rd-party web-based) Instant messaging (enterprise, 3rd-party web-based) File and Print servers Phone Systems VoIP Computer Hardware External storage media (USB drives) Vendor/Cloud-hosted data Onsite, offsite, and online backup Social Media Peer-to-peer file sharing Page 17

CHALLENGE OF DATA MAPPING & FLOW ANALYSIS Paper Records Physical, tangible Limited locations Easier to destroy Electronic Records Virtual, intangible, dynamic Exponential growth in data volume Numerous locations Difficult to delete Metadata 2.5 terabytes of data is equivalent to approximately 146 million pages of MS Word Documents OR 58,000 Banker boxes of paper documents Page 18

CHALLENGE OF DATA MAPPING & FLOW ANALYSIS Continued What is Metadata? Data about data What kind of information can you get? Creation/modification date Last print date Hidden text Hidden cells Author s name Saved history And much more Page 19

EMAIL POLICIES & RETENTION ISSUES

EMAIL POLICIES AND RETENTION ISSUES Industry Regulatory obligations Organizational culture Business needs Risk tolerance TECHNICAL CONSIDERATIONS Local email archives Hosted or enterprise solutions Functional requirements Non-functional requirements MATURITY MODEL APPROACH Understand your technology infrastructure Define the various stages within the maturity model that is applicable to your industry, organization, business needs, risk tolerance, and regulatory obligations Develop an email retention policy and implement technologies that are practical and compatible with the policy Regularly re-visit and update the model as business regulations and technologies evolve Expectation of Privacy?? Page 21

Current Trends: RECORDS RETENTION

RECORDS RETENTION BEST PRACTICES Determine retention policy Many policies are OK 60 day delete Keep everything Rigorous records management Prepare process for legal holds Determine process Use technology Map out data sources Where is it and in what format TRIGGERING EVENTS Lawsuit Subpoena Preservation letter Regulatory investigation letter Reasonable Anticipation of litigation Threat of litigation Employee storms out in a huff Etc. Page 23

EFFECTIVE RECORDS RETENTION POLICY Establish Goals Management supported Teaming with IT, HR, and Legal Conduct a current inventory of records maintained both electronically and hardcopy Assign retention periods Include a Litigation hold period Include a destruction procedure Review the policy annually and monitor for compliance Page 24

PRESERVATION BEST PRACTICES Identify Key Players Select relevant date range Take preservation steps Communicate preservation obligations - OR - Use technology to take users out of the loop Immediate obligation Use data map Page 25

CONCLUSION BDO CONSULTING, Litigation & Fraud Investigation Services Page 26

ABOUT BDO CONSULTING BDO Consulting, a division of BDO USA, LLP, provides investigation, litigation, business restructuring, valuation, and risk advisory services to clients in the United States and internationally. Our highly experienced and well-credentialed professionals leverage the global industry and accounting knowledge of the BDO international network, providing rapid, strategic advice to assist our clients. www.bdoconsulting.com To ensure compliance with Treasury Department regulations, we wish to inform you that any tax advice that may be contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding tax-related penalties under the Internal Revenue Code or applicable state or local tax or (ii) promoting, marketing or recommending to another party any tax-related matters addressed herein. Material discussed in this publication is meant to provide general information and should not be acted on without professional advice tailored to your individual needs. 2013 BDO USA, LLP. All rights reserved. www.bdo.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information