Computer Forensics Investigations
A computer forensic investigation is an analysis of all the information stored within a computer (not just the documents) to determine what actions were performed, and by whom.
Every document created and any activity that is conducted with a computer leaves a trail of evidence that can be followed and investigated by an expert in this discipline.
Many people now know that the word ‘delete’, in relation to a computer file, does not actually mean delete. More often than not, the data that was intentionally deleted still resides on the internal memory storage of the computer (e.g. the hard disk drive). With the right skills and tools, these files can be recovered and provided for review at a later date.
What many people do not know is that most other actions that are performed with a computer can also be investigated. A modern operating system such as Microsoft Windows™ creates files and logs that allow an expert to determine who did what, when and how. A forensic expert can piece together such information to reveal a computer user’s conduct, sometimes even years after the events took place.
The following are just some examples of the type of evidence that can be obtained. A computer forensic expert can determine:
- who logged on to a single computer or network of computers and when
- what documents have been opened, read or changed and when
- which documents were seen by whom, and which documents contain certain words or phrases
- what documents have been copied, printed or emailed out and when
- what websites or other external computers have been visited, and what data has been downloaded
- what storage devices have been attached to a computer, and what if anything was copied to or from them
- what communication that computer has had with the outside world (e.g. connection to web email servers, or financial systems)
- where an email came from, even where the sender’s email address is ‘spoofed’ or is covert
- who was saying what with an Instant Messenger
- what the contents of encrypted or password-protected files are.
In a nutshell, if someone has performed an action with a computer, it is likely that the activity can be investigated and an expert’s report created.


