|
We can also include additional keywords you might want to check. Such a
customized words list could reveal illicit communication with your competitors… or you may want to determine if proprietary
information is vulnerable or is being transferred.
Our report will print out the keywords and the context of their usage along with
the exact location on the hard drive where the keywords can be found.
ComputerCOP™ makes use of a "multi-view image review" and "word category directory tree", both of which assist the professional investigator in the computer review process after the search of the suspect machine.
By performing the search process from the examiner's machine, it is impossible for any changes to be made to the suspect computer during the search thus avoiding any possible contamination of original equipment or files.
Using the ComputerCOP™ software, DSI can examine all the suspect computer's local drives for files, deleted files and unallocated disk space. We
are also able to search and review the "file slack" (the disk area between the end of the file and the end of a disk cluster where the file is stored) for all file types. Both the "file slack" and the
"RAM slack'" are scanned and reviewed remotely via a parallel connection.
At the conclusion of the examination, opening the "Case Reporter" reveals the case number and the computer serial numbers of each examined
computer in the case. With a click on a serial number, the examiner is presented with the print options of: The Report Cover Page, The Audit Trail that demonstrates the activity during the examination, The individual pieces of
evidence with all the relevant data and description, The Evidence Log, The Evidence receipt, and Court Return.
For additional information or assistance
on how DSI can track down the improper or
illegal use of your business computer systems,
call us at: (215) 576-7336
|
TM