Forensic Computer Investigations

The gathering of digital evidence takes specialized tools and personnel trained in specific techniques to conduct a through analysis of digital media...

As computers have become more prevalent in the business world, employers must safeguard critical business information. An unfortunate concern today is the possibility that data could be damaged, destroyed or misappropriated by a discontented individual. Computers and other digital devices can also contain evidence in many types of situations, including the theft of proprietary trade secrets, sexual harassment suits, allegations of discrimination, wrongful termination claims, employee theft and fraud. Digital evidence can be found in electronic mail systems, on network servers and on individual employee's workstations. However, due to the ease with which computer data can be manipulated, if the search and analysis is not performed by a trained Computer Forensic Specialist, the evidence gathered could likely be dismissed during an administrative or judicial proceeding.

Computer forensic investigations are becoming increasingly useful to corporate security departments worldwide. Diogenes LLC provides computer forensic services to corporations, attorneys, law enforcement agencies, private investigators and small businesses. We have the expertise and experience to properly handle digital evidence in criminal and civil cases and to subsequently provide expert witness services to corporate and law enforcement clients.

Here are a few of the services that Diogenes LLC can provide to prospective clients:

Complete investigative support to include the acquisition and analysis of digital media for presentation at a administrative or judicial proceeding
Detailed investigation of digital media for evidence recovery in civil and criminal cases
Creation of exact image copies of hard drives, floppy disks and other digital media for use in a criminal or civil proceeding
Enhanced analysis of audio, video and graphic files
Document, E-Mail and financial data extraction
Recovery of accidentally or intentionally deleted data from standalone PC’s and workstations
Advanced data recovery, to include extraction of “hard to find” files from network servers, RAID sets and Network Attached Storage
Redaction of undiscoverable (i.e. privileged) information from documents
Expert witness services
Documentation and data returned in a variety of admissible formats (e.g. CD’s, removable disks, tapes, or on paper)
Creation of custom investigative reports and PowerPoint® presentations for courtroom use

All of Diogenes LLC computer forensic specialists have been trained to conduct complex and extensive digital investigations based on the standards, principles, procedures and guidelines as set forth by the U.S. Department of Justice, National Institute of Justice, the Scientific and Technical Working Groups on Digital Evidence and the International Association of Computer Investigative Specialists (IACIS®) for the recovery, examination and presentation of digital evidence.

Investigative Protocols:

Diogenes LLC computer forensic specialists take steps to identify and attempt to retrieve all possible evidence that may exist on digital media, whether it is a floppy disk, smart card, a computer system or network attached storage. Some of the procedures our examiners follow according to U.S. Department of Justice guidelines are:

Protect the computer system during the forensic examination against alteration, damage, data corruption, or virus introduction.
Find and record all files on the system. This includes currently active files, deleted yet remaining files, hidden files, password-protected files, and encrypted files.
Recover deleted files.
Reveal the contents of hidden files as well as temporary or swap files used by both the application programs and the operating system.
Analyze all potentially relevant data found in special areas of a disk. This includes what is called 'unallocated' space on a disk as well as 'slack' space in a file (partial data from older files still residing in space on a hard drive that has been allocated to newer files but not used up by it).
Access the contents of password protected or encrypted files.
Report an overall analysis of the system, as well as a listing of all possibly relevant files and discovered file data. Provide an opinion of the system layout, the file structures discovered, any discovered data and authorship information, any attempts to hide, delete, protect, encrypt information, and anything else that has been discovered and appears to be relevant to the overall digital examination.

"Diogenes LLC follows comprehensive procedures as developed by the U.S. Department of Justice to establish and maintain a continuing chain of custody for the handling of digital media. Our procedures are designed to minimize the risk of damaging, destroying or otherwise compromising the evidence during the investigation of the targeted computer's data storage areas. Diogenes LLC investigators use a varity of tools including EnCase and FastBloc. EnCase is validated by the courts and allows Diogenes investigators to conduct a powerful, yet completely non-invasive computer forensic investigation. EnCase views all relevant files, including "deleted" files, file slack and unallocated space. FastBloc is the most advanced hardware write-blocking tool available and protects the original evidence."

To learn more, you may contact us by telephone (203.264.6802) or via E-Mail: GENERAL E-MAIL CONTACT FORM

Close this Window to return to the Services Page.

home | about us | services | resources | contact us