1 / 19

PPB Forensics – May 2010

PPB Forensics – May 2010. IP Theft. IT Forensic Solutions. Chris Hatfield. Senior Manager, IT Forensics. Risk Management.

kim-gay
Download Presentation

PPB Forensics – May 2010

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PPB Forensics – May 2010 IP Theft IT Forensic Solutions Chris Hatfield Senior Manager,IT Forensics

  2. Risk Management The process of determining the maximum acceptable level of overall risk to and from a proposed activity, then using risk assessment techniques to determine the initial level of risk and, if this is excessive, developing a strategy to ameliorate appropriate individual risks until the overall level of risk is reduced to an acceptable level. http://en.wiktionary.org/wiki/risk_management

  3. Security Triad

  4. Security Triad

  5. Authentication

  6. Layer 1

  7. Layer 2

  8. Layer 3

  9. Sources A B C

  10. Mobile Devices A B C E D F G H J I K L M O N

  11. Hard Copy A B C

  12. Web mail, mail clients and mail servers. Email Communication A B C

  13. Local, Remote and Hosted. Data Locations A B C

  14. Pro-Active Solutions

  15. Pro-Active Solutions • Data transfer restrictions • Internet Logging • Personal email restrictions • Disable unnecessary media connections (USB/CD) • Monitor USB connections • Restrict working hours on IT equipment • Monitor/log printing habits • Monitor customer relationship software • Restrict access to only data they require access to • Log user activity • Keep reliable backups • Multi user authentication

  16. Re-Active Solutions POLICE POLICEPOLICEPOLICEPOLICEPOLICEPOLICEPOLICEPOLICE

  17. Re-Active Solutions • Control crime scene • Equipment • Locations • People • Contain evidence • Forensic image • Backup tapes • Physical segregation • Evidence continuity • Do not touch original • Document all actions

  18. Re-Active Solutions • Conduct Forensic Analysis • Time of compromise • Extent of compromise • Threat assessment • USB access lists • Internet activity • Events timeline • Personal email activity • Business email activity • Printing activity • File access

  19. Joe Dicks Partner, Melbourne 03 9269 4209 jdicks@ppb.com.au Phillip Russo Director, Perth 08 9216 7634 prusso@ppb.com.au Andrew McLeish Senior Manager, Melbourne 03 9269 4276 amcleish@ppb.com.au Chris Hatfield Senior Manager, Sydney 02 8116 3271 chatfield@ppb.com.au PPB Forensics – May 2010 ? Questions

More Related