DocumentCode
3208161
Title
Protecting corporate ICT infrastructures by using digital forensics
Author
Naqvi, Syed ; Dallons, Gautier ; Ponsard, Christophe
Author_Institution
Software & Syst. Eng. Dept., Centre d´´Excellence en Technol. de l´´Inf. et de la Commun. (CETIC), Charleroi, Belgium
fYear
2010
fDate
8-10 Oct. 2010
Firstpage
255
Lastpage
258
Abstract
Digital forensics is usually seen as a specialised domain of information and communication technologies (ICT) that is employed when a serious crime involving ICT is committed. It is by and large seen as a responsibility of the computer crime units of law enforcement agencies to conduct examinations of the ICT resources used in a crime. The staff members of a corporate ICT team are therefore not required to acquire the digital forensics analysis skills and the corresponding investigation tools. This trend is experiencing a significant shift in the recent years as the commercial interests of corporate sector increasingly require the post-incident analysis capabilities to ensure business continuity. This paper highlights the role of digital forensics in the corporate ICT infrastructure. It presents a framework for embedding digital forensics analysis techniques at various stages of corporate ICT lifecycle. A set of best practices for the corporate ICT security policy is also outlined to keep the operational costs of digital forensics at the optimal level.
Keywords
business continuity; computer crime; computer forensics; business continuity; communication technology; computer crime units; corporate ICT infrastructures protection; digital forensics; information technology; law enforcement agencies; Best practices; Computers; Digital forensics; Security; ICT security architecture; business continuity planning; corporate ICT infrastructure; digital forensics analysis;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Information Systems and Industrial Management Applications (CISIM), 2010 International Conference on
Conference_Location
Krackow
Print_ISBN
978-1-4244-7817-0
Type
conf
DOI
10.1109/CISIM.2010.5643653
Filename
5643653
Link To Document