Monday, April 2, 2012

10 Tips for Conducting a Preliminary Online Private Investigation

In the past, private investigators and attorneys spent a great deal of their investigative time in the field. Traditional methods of gathering evidence involve interviewing witnesses, friends, family members and acquaintances, examining crime scenes, taking photographs, conducting undercover surveillance and visiting libraries and dingy storage rooms to hunt down dusty records.

While there is certainly no substitute for hiring a professional to spend time gathering physical evidence in the field, today an important part of an investigation can be preliminarily accomplished with nothing more than a telephone, reliable laptop and an Internet connection. Conducting thorough and successful preliminary online investigations can generate substantial value before ever setting foot in the field.

Here are some tips for conducting an effective preliminary online private investigation to gather background information about a subject:

    Take detailed notes. Don't rely on your memory to keep track of the thousands of pieces of data that you will encounter. Write down all the searches you have run and catalogue all the relevant results.

    Start with the major search engines. Google, Yahoo, Bing and other free Internet search engines are always the best place to begin gathering leads for your preliminary investigation. However, remember to try using a variety of search strings to broaden or narrow your search. For example, searching for "John Smith" is going to be too broad, but searching for "John Albert Smith, owner of a Brooklyn construction company" may be too narrow. By constantly applying a variety of flexible search terms, you will ensure that you don't accidentally exclude potentially valuable results. Also, if you locate a target's e-mail address, make sure to search for it in quotes. Such a search may reveal blog comments or other relevant information.

    Maps: Google Maps and MapQuest offer satellite and street views of relevant address locations. Getting directions to and from relevant locations may also suggest frequent routes of travel worth exploring.

    Social Media sites: Today, many people will openly reveal a treasure trove of information about themselves on social networking sites without even realizing it. Even a basic profile on Facebook or LinkedIn can contain valuable information about where the person you are searching for is currently working and where they went to high school or college. Once you have identified a target's profile on a social media site, expand your search efforts to catalogue their family, friends, contacts and those who they are associated with in photographs.

Thursday, March 15, 2012

File Integrity Monitoring And The Art of Layered Security

There is an art and a skill to building an effective security framework which requires a process, methodology and a set of tools that is right for your environment. The 'art' of good security and compliance requires an integrated and layered approach that can continuously monitor and evaluate all IT System activity in real-time to identify potential risks and threats from both internal and external sources.

The process, methodology and tools come together within this layered approach to provide the security needed to effectively and efficiently protect the environment and ensure a secure and compliant state. One of the best known examples of a formal security standard which utilises a layered security approach is the PCI DSS. PCI compliance requires adoption of all proven best practise measures for data security in order to protect cardholder data.

What is the Art of Layered Security?

The technology should be 'layered' to maximize security - including Perimeter Security, Firewall, Intrusion Detection, Penetration & Vulnerability Testing, Anti-Virus, Patch Management, Device Hardening, Change & Configuration Management, File Integrity Monitoring, and Security Information and Event Log Management.

The project should be delivered in a phased approach - understand the scope and environment, groups and types, priorities and locations to build up a picture of what 'good looks like' for the environment. Track all aspects of change and movement within this scope and understand how these relate to the change management process. Start small and grow; don't bite off more than you can chew.

Utilize an integrated ecosystem of tools - events and changes happen all the time. Ensure the systems have the intelligence to understand the consequence of these events and what impact they may have had, whether the change was planned or unplanned and how it has impacted the compliant state.

File Integrity Monitoring vs. Anti Virus

File integrity monitoring works on a 'black and white' change comparison for a file system. FIM detects any changes to configuration settings or system files. In this way, FIM is a technology prone to false alarms, but is utterly comprehensive in detecting threats.

For each file, a complete inventory of file attributes must be collected, including a Secure Hash value. This way, even if a Trojan is introduced to the file system, this can be detected.
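The attribute inventory described above, as an added example (not code from the original post or from any FIM product): a baseline of hash, size, mode, timestamp and owner per file, compared against a later snapshot. The function names `snapshot`, `compare` and `demo`, and the sample files, are assumptions constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def snapshot(root):
    """Return {relative_path: attributes} for every regular file under root."""
    inventory = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and device nodes
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            inventory[os.path.relpath(path, root)] = {
                "sha256": digest.hexdigest(),
                "size": st.st_size,
                "mode": stat.S_IMODE(st.st_mode),
                "mtime_ns": st.st_mtime_ns,
                "owner": (st.st_uid, st.st_gid),
            }
    return inventory


def compare(baseline, current):
    """Return sorted (path, finding) tuples naming each changed attribute."""
    findings = []
    for path in sorted(baseline.keys() | current.keys()):
        if path not in current:
            findings.append((path, "removed"))
        elif path not in baseline:
            findings.append((path, "added"))
        else:
            old, new = baseline[path], current[path]
            changed = [k for k in old if old[k] != new[k]]
            if changed:
                findings.append((path, "modified:" + ",".join(changed)))
    return findings


def demo():
    """Constructed scenario: same-size content swap, chmod, and a new file."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        tool, conf = root / "tool.bin", root / "app.conf"
        tool.write_bytes(b"original-bytes")
        conf.write_text("debug=false\n")
        baseline = snapshot(root)
        before = tool.stat()
        tool.write_bytes(b"replaced-bytes")  # same length as the original
        os.utime(tool, ns=(before.st_atime_ns, before.st_mtime_ns))  # mtime put back
        conf.chmod(0o777)  # permission change only, content untouched
        (root / "dropped.dll").write_bytes(b"x")
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The replaced `tool.bin` keeps its size and modification time, so only the hash in the inventory reveals the change; the permission change on `app.conf` is caught by the mode attribute alone.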

Anti-Virus technology works by comparing new files to a database of known malware 'signatures' and is therefore less prone to false alarms. However, by definition, AV can only detect known, previously identified malware and as a consequence is 'blind' to both 'zero day' threats and 'inside man' threats. Similarly, the Advanced Persistent Threat, or APT, favored for both Government-backed espionage and highly orchestrated intellectual property theft initiatives, will always use targeted malware vectors, used sparingly to avoid detection for prolonged periods of time. In this way, Antivirus is also an ineffective defense against the APT.

The Art of Layered Security determines that both technologies should be used together to provide the best possible protection against malware. Each technology has advantages and disadvantages when compared to the other, but the conclusion is not that one is better than the other, but that both technologies need to be used together to provide maximum security for data.

The State of the Art in File Integrity Monitoring

The state of the art in FIM for system files now delivers real-time file change detection for Windows and Linux or Unix. In order to detect potentially significant changes to system files and protect systems from malware, it is essential to not just simply run a comparison of the file system once per day as has traditionally been the approach, but to provide an alert within seconds of a significant file change occurring.

The best File Integrity Monitoring technology will also now identify who made the change, detailing the account name and process used to make changes, which is crucial for forensically investigating security breaches. It is good to know that a potential breach has occurred, but even better if you can establish who made the change and how.

Saturday, February 25, 2012

Importance of Computers in Medical Sector

Computers have now become an inseparable part of our lives. Be it schools, colleges, offices, hospitals or homes, there is hardly any place where you can't see a computer. The importance of computers can't be confined to words. Apart from making our work simpler, easier and faster, computers have actually helped humans in many life-threatening situations. And this contribution can't be put into words.

Especially in the field of medicine and hospitals, we have seen so much advancement which would not have been possible had computers not been there to help. In this article we will discuss some major areas in the medical sector where computers have helped us humans and made our lives simpler, easier and better.

1. Computerized Robotic Operations: In earlier days, if a patient was sick and needed treatment, the doctors had to be available in the hospital with that patient all the time. Performing diagnostics, operating on a patient and post-operation checkups required a doctor to be physically available near the patient. Now that is not the case. With the advancement of computers, hospitals have introduced cutting-edge technologies and treatment methods with which a doctor can perform the diagnosis and checkups thousands of miles away from the patient.

Even operations are performed remotely with the help of a robotic arm. The introduction of robotic operations has made the lives of so many needy patients easier. If certain services are not available locally, the patient now need not travel hundreds of miles to go to a better hospital. The hospital and its services will come directly to him/her. The doctor can perform the remote operation with the help of the robotic arm placed near the patient while checking all the vital body factors on the digital display in front of him/her. It's literally as if the doctor is performing the operation in person. The introduction of robotic operations has made the operation and treatment of needy patients much faster, easier and cheaper at the same time.


2. Computerized Internal Diagnosis: There are often scenarios where the doctor needs to perform an internal diagnosis of the patient to get a clear picture of the state of the disease. Certain tumors and cancers may seem neutralized from outside, but from inside the situation can be completely the opposite, and this can't be found out unless a proper internal diagnosis of the infected body part is performed. Even performing CT scans, X-rays and other scans can't give a proper state of the disease and can delay the treatment at the same time.

The introduction of computerized internal diagnosis has made the job so much easier, faster and effective. While employing the computerized internal diagnosis, most of the times a computerized tiny robot with a camera head is inserted in the body of the patient. The tiny robot makes its way through the infected part of the body providing real-time images of the internal parts at the same time. The doctors can literally see each and every area of the infected part and then can make justified decision about the criticality of the disease and can perform the treatment accordingly.

3. Computerized Electromagnetic Treatments: There are many minor to moderate internal and external medical problems which are now treated using the electromagnetic technologies with the help of computers. Many skin, hair and eyes related problems are now being resolved using the laser, radio and electromagnetic technologies.

Earlier, these situations and many such medical ailments required performing an operation and keeping the patient in hospital for days. With the introduction of electromagnetic treatments, these problems are being taken care of without an operation and the patient need not be hospitalized either. The patient can simply walk out and perform his/her daily rituals as before.

These are some of the very basic areas where computers have found their way to show how important they are in our medical sector. Every day new advancements are made in the medical sector, many incurable diseases are now curable and all this is because of the advancement in the computers and technology sector. With computers' speed, efficiency and applications increasing every day, many more improvements are expected in the near future.

Thursday, January 5, 2012

The Science of Computer Forensics

Ever since their invention, personal computers and networked computers have found favour with professionals and laymen alike. Usage has increased several fold over the years. As with any new invention, misuse has grown too; in fact, it has grown out of all proportion. Cyber crimes, as these are called, have reached damaging levels. These include breaking into bank accounts through internet banking or the use of pilfered debit cards, phishing, hacking of accounts, identity theft and data theft.

This new branch is a slowly evolving field of study. The aim of this branch of computer science is to determine the modus operandi of cyber thieves and not only bring them to book, but also prevent such criminal acts in future through proper software and, of course, legislation.

Forensic techniques and expert knowledge are largely used to explain how a device, such as a computer system, storage medium or electronic document (e.g. an email message or JPEG image), has been tampered with. The scope of a forensic analysis can vary from simple information retrieval to reconstructing a series of events. This branch has been defined as involving "the preservation, identification, extraction, documentation and interpretation of computer data". Computer forensic methodology is backed by flexibility and extensive domain knowledge and is often the culmination of hard work, intuitive observations and proven inferences.

Through appropriate legislation, in India, forensic evidence is subject to the usual requirements for digital evidence requiring information to be authentic, reliably obtained and admissible.

Computer forensic investigations usually follow the standard digital forensic process (acquisition, analysis and reporting).

A number of techniques are used during computer forensics investigations, such as cross-drive analysis and analysis of deleted files. Another is the examination of computers from within the operating system, using custom forensics or existing sysadmin tools to extract evidence. A common technique used in computer forensics is the recovery of deleted files.

Although it is most often associated with the investigation of a wide variety of computer crime, computer forensics may also be used in civil proceedings. The discipline involves similar techniques and principles to data recovery, but with additional guidelines and practices designed to create a legal audit trail.

Friday, December 2, 2011

Ten Characteristics Of Cloud Computing

It is impossible for businesses to operate efficiently without investing in information technology. There are different information technology facets that can be synergized to improve capacity. Cloud computing platforms enable business owners to provide better services as well as cut down infrastructure expenses. The following are 10 key characteristics which make this technology business friendly.

1. Scalability

It is important for cloud computing services to be easily scalable if any additional enhancements are needed. If you require extra bandwidth or data storage capacity, this can be easily scaled up without any problem. This cuts down extra project costs that would have gone towards procuring and installing the required infrastructure.

2. Robust IT Integration

The majority of businesses prefer business-service-centered models. In a scenario where you do not have to set up the system and network administration, business-side tasks become easier.

3. Multiple User Tenancy

These resources can be easily shared among many users without impacting performance negatively. This characteristic makes it easy for both service provider and consumer to utilize efficiency better.

4. Reliability

Businesses which rely on on-site systems can suffer substantial losses if malfunctions or breakdowns occur. However, cloud computing can leverage multiple site advantages to offer the same services even if one site suffers a breakdown.

5. Usage-Based Billing

As a business owner, cutting down costs at every opportunity can improve profitability significantly. With usage-based billing, consumers pay for the services and resources that they have used.

6. User based service management

Back end system administration and maintenance duties are taken care of by the cloud service provider. This means that you can concentrate on improving business productivity by using the intuitive user interface to access cloud computing services.

7. Economies Of Scale

Most of the cloud computing providers have many business customers using the same service. This feature makes it possible for the providers to buy bandwidth at a lower cost than you would individually.

8. Better Business Data Security

The prospect of losing valuable business data to hackers has led many business owners to invest in expensive data security solutions. However, using cloud computing services cuts this risk dramatically as the providers invest heavily in securing consumer data.

9. Broad Network Access

You can easily access cloud computing services using standard Internet protocol technologies. This increases accessibility without adding unnecessary infrastructure expenses.

10. Dynamic Computing Infrastructure

It is important for the providers to roll out a dynamic infrastructure which can cope with varying consumer demands. This includes automated service workload allocation and high levels of available capacity utilization. Remember that regardless of your business needs, cloud computing gives you the ability to transparently monitor system performance and efficiency. In addition to the benefits outlined above, you do not have to worry about underutilized assets which cost a lot of money to acquire and install.

Tuesday, October 18, 2011

Learning To Speak Computer Language

Most businesses today need to take advantage of technology in order to maintain a certain level of success. If you own a business that uses computers, it is important for you to make sure that everyone that is within your business is up-to-date on the latest information about those computers. This is true when it comes to operating the computer properly as well as being able to surf the Internet safely without having to worry about viruses and spyware being problematic. It also is important for you to understand how to speak computer language, as that is becoming an art form that is very frequently overlooked within the business community.

The first thing that you should understand about computers is some of the basic terms that are used in order to talk about the computer properly. Rather than thinking you are dealing with a lot of technobabble, it's important for you to understand the basic terms so that you can speak to somebody about your computers intelligently. One of the reasons why it may be necessary for you to do so is if you are having a problem with the computer and need any type of repair done. It may also be necessary for you to speak computer language properly during any type of IT recruitment, as you would want to ensure that you are getting individuals onto your IT team who understand computers very well.

It may also be necessary for you to take some type of computer based training so that you can properly inform your employees as to how they should be using the computers on a daily basis. If you have ever heard the saying that something is only as strong as the weakest link, that is especially true when it comes to a computer network. If somebody that is working for your company is acting recklessly online, it is likely that problems are going to occur that will cost you both time and money. By educating your employees properly about the use of the computer, particularly when it comes to using it online, you will save yourself quite a bit of frustration.

Along with learning about computers and the technical terms that are necessary to speak about computers intelligently, it is also important to make sure that you are updating your equipment regularly. Of course, it is not going to be necessary for you to keep up with the absolute latest in technology, as that is continually changing. What is necessary, however, is for you to ensure that all of the software that is running on your computers is updated regularly. If any type of a patch is given for a software that you are using, be certain that you install it as soon as possible. The same is also true for any updates for antivirus or anti-spyware programs that may be operating on your computers. By updating those programs regularly, you will help to ensure that you are keeping your computers as safe as possible from all the latest threats that may be in the world.

Tuesday, September 20, 2011

Steganography - An Introduction to Cyber-Encrypted Messages

Steganographic methods are numerous. We see examples in spy movies and novels like invisible ink, microdots and plain cyphers. It seems only natural then that this covert means of sending messages would migrate into the cyber world of computers.

Computer technology opened up a whole new avenue of hiding messages using the hidden code on a page. In fact using the electronic means of communication as most of us do, messages can be hidden within Web pages, images and online video and audio.

Monday, August 15, 2011

Measures to Prevent Slowing Down of Computers

Initially, when people buy their computers they are pretty fast. However, over a period of time the speed is reduced drastically. It is mainly due to the fact that you haven't taken care to maintain it. If you frequently use computers, then for sure you would have encountered such a problem at times. However, you can optimize their performance by taking some of the simplest preventive measures.

There are a number of factors that can affect the performance of your computer. Most users use the internet surfing on their computer and download a number of unwanted files along with the wanted ones. There can be virus or worms that can harm your computer. They take some memory to be active and hence, degrade the performance and slow down your computer.

Factors to be considered to control slowing down of computers