Digital Forensics is dedicated to preventing, detecting and resolving high technology crime and/or malfeasance issues within your organization.
Security is about more than just technology. Corporate security strategy needs to encompass all elements within the organization which are responsible for setting and implementing policy. This includes, but not limited to; Physical Security, Information Security, Human Resources, Legal and Public Relations with senior management providing a leadership role by setting requirements and defining parameters for their implementation.
A frame work from which these individual departments can operate effectively to establish a comprehensive security plan is highly desirable. Accordingly, DFI recommends employing the practice and procedures found in the Incident Response Plan family of doctrine. If you know what you are responsible for when an incident occurs – chances are you can take action in advance to mitigate the threat…..
“Given the certainty that attempts will be made to compromise system and network security, and the likelihood that these attempts will succeed, every company, large or small, must be prepared to respond effectively to security incidents when they occur.” Even sophisticated, state-of-the-art security systems are not foolproof – thus, regardless of where a company is in the “security spectrum,” an organized incident response capability is of the utmost importance. Computer Security Incident Response Planning – Preparing for the Inevitable.” Internet Security Systems, 2005
A recent article by Mr. Heath, Titled; “Beware Of The Inside Job – Is Your Trusted Network Truly Trustworthy?” Discusses at length the issue of INTRANET security vis-à-vis trusted individuals within an organization. In this article, Mr. Heath discusses in depth the information system architecture of many organizations and offers thoughtful insight on potential ways to mitigate exposure to an internal threat.
DFI has extensive capabilities to assist corporate clients in identification and reduction of threats to their product, information and/or reputation.