Cloud computing is the new hot topic. Although many see using and sharing software hosted on the Internet as a natural next step in our exploitation of the World Wide Web, it can however pose a challenge to those involved in digital forensics investigations. Reliance by organisations on third-party providers of ‘Software as a Service’ (SaaS), ‘Platform as a Service’ (PaaS) and ‘Infrastructure as a Service’ (IaaS) solutions can significantly hinder the ability of internal or external forensics specialists to conduct digital investigations. None of the associated problems are insurmountable – but effective solutions may require considerable work and time. This paper examines the practical steps needed to ensure investigations can progress unhindered. Also identified are potential issues, practical solutions and the tools required to investigate security breaches in the Cloud effectively.

Download our white paper on digital investigations in the cloud from our publications page.

The way that the Ministry of Defence (MOD) responds to information loss incidents is more critical than ever. Whether it is a laptop left on a train or restricted emails appearing on an unrestricted network, the military have to act very quickly.

To help manage such security breaches, minimise their impact and cut down on similar incidents in future, the MOD’s Joint Security Coordination Centre (JSyCC) has implemented Blackthorn, an out-of-the-box solution for managing activities related to sensitive operations and issues. Blackthorn increases the effectiveness of follow-up activity, and helps the MOD to protect sensitive information.

Read more about how Blackthorn is helping safeguard data integrity for the MOD.

The University of Louisville is using QCC’s Blackthorn to help staff log suspected copyright infringement incidents and manage a complex follow-up process. The 2008 Higher Education Opportunity Act made American universities responsible for policing illegal file sharing by students. If the universities fail to do this satisfactorily, they can face heavy fines and the withdrawl of federal government funding.

In Louisville Kentucky where the student population tops 26,000, a British system is helping staff in their new role in a number of ways.

Firstly, it provides a system for tracking the 10-20 infringement notices each day from copyright holders. The high security of Blackthorn’s databases means the University is happy to consider content as legally admissible evidence, should a case ever come to court.

Blackthorn saves time, allowing staff access to a wide range of real-time information charts and tailored reports whenever they might be needed. Being a permission-based system, different staff can be given different access levels to ensure confidentiality where appropriate.

In addition, Blackthorn provides a streamlined working process for dealing with infringement cases in a way that is fair to all parties, open to scrutiny and not administratively onerous.

Find out more about how Blackthorn is helping combat illegal file sharing.

As a specialist in information security, you may be interested in Cloud Computing and specifically in the challenges accompanying investigations within a Cloud environment. Surveys of IT professionals on the adoption of Cloud Computing have highlighted concerns regarding security and other data issues such as ‘Trust’ in handing core information assets to third parties for storage.

A team of us here at QCC, a leading digital forensics provider and incident response specialists, will be holding a breakfast briefing on 9 February at our London office, from 08.30am to 11.00am, to explore the various legal, business and technical issues surrounding the ability to carry out investigations in the Cloud environment.

We are delighted to have as speakers:

Stewart Room, Senior Partner at Field Fisher Waterhouse

Stewart is a barrister and solicitor holding full Higher Court Rights of Audience, with over 18 years’ experience as a litigator and advocate. He has considerable expertise and reputation in data protection and data security matters.

Matthew Finnie CTO at Interoute

Matthew, a CTO for Cloud Service Provider, Interoute, will give an overview of Cloud Computing and focus specifically on what CSPs should consider that support not only the day-to-day confidentiality, integrity and availability of data hosted in the Cloud, but also significantly affect the opportunity for a successful digital forensic investigation.

John Douglas, Senior Analyst and Technical Director at QCC

John is an experienced digital forensic specialist who will give his own perspective on what needs to be in place in order to conduct successful investigations in the cloud environment.

I hope that you and/or a colleague will be able to join us for what we plan to be an interesting and highly interactive session.

RSVP:Marité Stragier on 020 7632 7134 or email briefings@qccis.com