|
A
Business Tool
Computer forensics has become an increasingly
important part of IT security. A 2003 survey carried
out on 201 companies by the National High Tech Crime
Unit (in the UK) showed that computer related crime
is costing an estimated £195 million nationally and
within these figures over a third of this crime
involved company employees. Given these statistics,
many companies would not find it too difficult to
make a compelling business case to make sure both
data and systems are as secure as possible.
Computer
forensics entails gathering and examining data from
a range of electronic media – not just computers -
and this data can take the form of photographs,
downloaded images, text, documents, emails, internet
pages and any other information that is stored to a
hard drive. This data or evidence can then be used
in a court of law, employment tribunal or simply as
a sample of evidence to present to an individual
under suspicion.
Even
with suitable software investigations can be time
consuming, but can also produce some stunning and
unexpected results.
Employee Misuse and Fraud
Employee
misuse and fraud crimes are on the increase and can
vary from the misuse of computer systems to the
theft of corporate and financial data. These crimes
can occur due to disgruntled employees taking
revenge, underemployed employees looking to take
advantage of their situation or simply employees
engaging in criminal activity. The possibility that
the employee sitting next to you could be committing
offences while they work is certainly very real and
one doesn’t have to look very far in the local or
national press to read cases of employees caught
looking at pornography, accessing confidential
company information or stealing data.
Combating these types of computer related crimes can
be very expensive, particularly for small
businesses; however, being proactive in spending the
right amount on the security of systems and data is
a good place to start. Effective and regular
monitoring of systems is also a good idea in trying
to make it more difficult for individuals to commit
offences (and get away with them) in the first
place. However, with all the security and prevention
techniques in the world, businesses find it very
difficult to be 100% successful in stopping
employees taking part in these crimes whether they
be misuse or criminal activity and this is where
computer forensics is a very useful tool.
Computer
forensics is usually required after an incident has
taken place and is a very effective option in
providing evidence of misuse or crime. Forensic work
is effective in detecting or identifying suspect
activity as the methods used focus on the
individual’s usage of equipment over a period of
time. Computers automatically log when and how
images, text and documents were last created, viewed
or modified and together with physical time and date
activity the investigator can match an activity to
an individual.
Evidence and Data
Gathering
Securing
the continuity and validity of electronic data and
evidence in proving computer misuse and criminal
activity can be a real problem. Problems often arise
inside companies when IT Staff or Senior Management
fail to resist the temptation to investigate
equipment themselves and this can have serious
consequences. One of the most crucial elements of
computer forensic investigations is the preservation
of evidence and ‘non experts’ can easily overwrite
time and date information (the digital fingerprint)
by accessing material themselves. This time and date
information is vital in proving when data or images
were modified or viewed. The time and dates stamp
elements are particularly important in working
environments where more than one person has access
to a piece of equipment, e.g. a computer in an open
office used by several members of staff during the
day.
A
computer forensics expert will be able to limit the
potential for damage to data or evidence by
following the ACPO (Association of Chief Police
Officers) guidelines for retrieving electronic
evidence.This should ensure that the investigator
knows how and where to look for information without
compromising any potential evidence – hence it is
very important for ‘non-experts’ to resist the
temptation to look at data or evidence without
contacting an expert.
Employing Forensic Experts
Companies faced with a suspected criminal or misuse
case need to know how to go about making sure that
they follow the right steps in order to preserve
evidence and avoid alerting the individual in
question. The good practice ACPO guidelines are what
most UK computer forensic investigators rigorously
follow, but for the non-expert a few simple rules
are important for preserving data for evidence
purposes:
(Note:
Once a suspect or suspicious activity has been
identified it’s a good idea to start making notes on
the dates and times that an individual has been
using the computer or equipment in question. This
narrows down and identifies all possible users and
the times at which a suspect may have had access.)
The
advisable steps to follow are:
- Call
in an expert to advise on possible courses of action
- Do not alert the individual or anyone else
- Do not tamper or attempt investigation yourself,
you may interfere with evidence
- Do not switch the machine on or off, isolate the
power source instead
- Make sure all ancillary equipment, CD’s, floppy
disks, thumb drives and PC equipment are stored
securely
Computer
forensics experts are specialists and may also be
able to provide advice on security issues. Computer
misuse has become so common that detection and
effective monitoring of electronic activity, as part
of a solid computer usage and monitoring policy,
should now be a cornerstone of any IT or personnel
policy. All employees need to know that they are
subject to computer usage policies and be made aware
that the employer has some right to monitor this
usage (data protection and privacy laws are involved
here and the subject needs to be approached with
caution).
An example of computer
forensics in action
A senior
operations manager became suspicious of an
individual who often worked late without producing
results of increased productivity.
The
manager decided to ask his IT Manager to look at
some of the activity on the network in general
outside of normal office hours to see if there were
any irregularities. This network analysis showed
some high volume email activity during the hours
that the individual was working.
Without
alerting the individual, the business manager called
in a local computer forensics expert to assess the
situation. The expert took an image of the
individual’s computer (outside of office hours) and
then worked over the next day to look at the data.
The results were compelling.
The
expert found emails and documents that were sent to
a rival company in relation to a new job offer.
Subsequently the individual had begun to send
information to the rival on sales, budgets and
marketing plans.
A formal
report on the data was asked for from the expert and
this was presented to the employee who,
unsurprisingly, was shocked that he had been found
out and was dismissed on the spot.
On this
occasion, having assessed the information that had
been sent to the rival, the company decided not to
take the matter any further though could have gone
to court to sue for theft of company information.
The company did however undertake a complete review
of its systems, procedures and permissions policies
to look for where improvements could be made (with
the help of the computer forensics expert).
Focuses on five priorities:
-
Developing a Cyberspace security response system
-
Establishing a Security threat and Vulnerability
reduction program
-
Improving security Awareness and Training
-
Securing the Government's use of cyberspace and
-
Seeking International Cyberspace Security
cooperation especially with respect to information
sharing regarding vulnerabilities, warnings of new
threats, and co-ordination of response efforts.
|
Our
expertise:
-
Data Recovery
-
Data Safety
-
Ethical Hacking
-
Diversified Open Source Solutions -- IPtables,
Squid, Apache Web servers, Domain Migrations,
Mail Server, etc..
-
Cyber Laws and Indian IT Act
-
Computer Forensics
-
Enterprise PKI Solutions
-
Network Administration
-
Cryptography systems
-
Social Engineering & psychology
-
Access control systems & hardware
-
Exploitation & Denial-of-Service
-
Operating systems including Windows95/98/ME,
WindowsNT, Windows2000, Windows XP, DOS,
UNIX/Linux.
-
Mail Servers
-
Post-Graduate level Computer Science
-
Network architecture & topology
-
Information Technology systems
-
E-Commerce
-
CISA, CISSP, CCSA, CCNA, CCNP, NCQE, MCSE, MCP.
-
Programming & coding
-
Telecommunications, electronics & phreaking
Services
|
With the aim of being a one place for all
security related issues, the services
offered by us are Penetration Testing,
Vulnerability Assessment, Enterprise PKI
Solutions, Computer Forensics, Open source
solutions, Incident Response service,
Anti-Virus Solutions, Security Auditing,
Biometric Solutions, Wi-Fi security and
Training & Consultancy. Our services are
custom made and tailored to suit to the wide
array of different clients such as a
Government Organization or a Corporate
Business environment which engage us for
their security needs. |
|
|
|
|
Penetration Testing (Ethical Hacking)
An in-depth, comprehensive penetration
testing service that tests your systems from
an external (or internal) perspective. Our
Penetration Testing service employs a
combination of proprietary and public domain
tools that contain checks for recently
released vulnerabilities and custom attacks.
Using our Security Defense Appliance, we are
able to execute scans on your
Internet-facing perimeter devices and your
DMZ or internal networks. All scan results
are made available to you via our secure,
24x7x365 web-based Client Resource Portal.
The benefits of penetration testing are
Simple to arrange, Fast & cost-effective,
Scalable - only pay for what you use,
Conducted by experienced security
professionals and Unobtrusive - tested from
across the Internet.
|
 |
|
Vulnerability Assessment
Vulnerability Assessment expands upon
Penetration Testing by providing the most
in-depth view of the vulnerabilities in your
networks and systems through the use of more
advanced manual techniques. We map out your
network, just as an attacker would, to
identify the areas most likely to be
vulnerable. Our Vulnerability Assessment
Team reviews your automated scan results to
filter out false positives and to develop
and perform specific manual tests for
obscure and emerging vulnerabilities, which
may have escaped detection via automated
testing. This combination of automated and
human effort ensures an optimal blend of
speed and accuracy with quality results. |
 |
|
Open Source
The basic idea behind open source is very
simple: When programmers can read,
redistribute, and modify the source code for
a piece of software, the software evolves.
People improve it, people adapt it, people
fix bugs in it and this can happen at an
astonishing speed. |
 |
|
Anti-virus Solutions
We take a look at the Enterprise level
Anti-Virus protection in place, reviews the
existing configurations and protection
levels, threat coverage, and compliances
with baseline standards. We provide
practical recommendations for cost-effective
improvements & enhancements and ideas for
future direction. We also take a look at
clients Anti-Virus policies, review existing
policy guidelines and compliance for the
best antivirus protections. |
 |
|
Incident Response Service
Information is the most valuable asset of
the modern organization. The ability to
quickly respond to security incidents and
follow through with an investigation can
mean the difference between acceptance of a
major loss and apprehension and prosecution
of any intruder, with the accompanying
deterrent effect. For most businesses and
organizations, there is no option: apprehend
and deter. |
 |
|
Computer Forensics
We have the latest tools, techniques and
equipment to investigate and conduct for
digital evidence during internal forensic
audits, compliance audits, and general
civil/criminal investigations involving
electronic discovery requests. |
 |
|
Wi-Fi Security
Wireless networking is one of the hottest
new technologies in the field of computer
networks. This is also a cost effective
implementation of the networks without much
fuss of the cabling. In this scenario a
intruder can hack into network just by
sitting near an access point or he can even
hack during in drive or a journey which is
noting but a 'drive-by hacking'. We help you
mitigate such risks by implementing the WEP
and wide array of security techniques.
. |
 |
|
Training and Consultancy
We offers training for computer
professionals who would like to gain an
overall understanding of different issues
that surround the subject of computer
security and computer crime. We offer state
of the art training on a host of Web
Security related subjects such as Ethical
Hacking, PKI, Computer Forensics, Biometric
Solutions, and Steganography. These programs
are designed to give an in-depth inside into
various aspects of Security related to IT
enabled services.
|
 |
|
Enterprise PKI
Public Key Infrastructure (PKI) is a rapidly
emerging technology for conducting
communications and transactions over public
networks that are authorized, confidential
and binding. E2 Labs helps its customers
plan, select and implement certificate
authorization systems and provides technical
support including:
Key and certificate management for the
entire environment
User account management
Maintain Web site that provides user
information
Database and directory server management
Level one support
Remote systems monitoring and management.
We specialize in integration of public key
technologies to support transaction
confidentiality, integrity and
non-repudiation, including the deployment of
enterprise-wide Public Key Infrastructures.
|
 |
|
Security Auditing
If u have an existing security policy in
place, the Security Auditing will help you
to verify that its components are in use.
Our team will review your policy (and
develop it if needed) and then observe your
organizations compliance with the policy
guidelines. This is a valuable service for
any client that demands adherence to defined
standards. Our report will outline the audit
results, explaining the reasons each area
passed or failed.
|
 |
|
Biometric Solutions
Biometrics is one of the finest way of
implementing physical security. Traditional
methods of authentication is done by 'what
you know 'and 'what you have', while
biometric authentication authenticates by
'what you are' This is a science through
which a person is authenticated not just by
password, but by fingerprint scanners and
others.
|
 |
|
|
