Collecting Data in a Remote Investigation
Methods for collecting data in an investigation include scanning paper documents, imaging hard drives, capturing emails from servers, and extracting structured data. When investigations are conducted remotely these tasks can be more difficult. With today’s work environment moving in a more remote direction, it is imperative to develop ways to work through issues caused by physical distance. When considering best practices for remote data collection, it’s useful to examine ways to approach to retrieve paper documents and electronic data.
Paper Documents: Although the volume of paper documents created by an organization has greatly decreased, investigators still encounter paper records. The first step is to determine the location of the records. Some organizations store hard copies at office storage facilities. Once the documents are located, it is imperative to select a reliable third party vendor for the conversion of paper to electronic. A reliable vendor will retrieve the document boxes, scan, and upload the documents for review. Some vendors are even able to bring scanning equipment on-site.
Electronic Data: The three primary sources for electronic data were computer, email, and servers. In more recent years, “the cloud” and mobile devices have also become primary sources for data. Collecting data from so many sources can be a daunting task. Data from a mobile device can be collected by creating a backup of the device or sending the device to a forensic lab. Investigators can work with an organization’s IT department to gain access to data stored on “the cloud.” It is also possible for an organization to provide investigators with a screen-sharing link to facilitate remote imaging. Using this link, investigators remotely take control of the system so they can create a “live” image or target specific files. However, this method is not useful for large volumes of data.
Collecting data in a remote investigation can be accomplished effectively and securely. These remote methods ensure the integrity and completeness of paper and electronic data collection.
For more Tidbits & Thoughts, please click here.
