Security Basics mailing list archives
Re: Cloud Forensics continued [Was - Re: Bruce Schneier on Google Apps...}
From: zach peerand <zpeerand () gmail com>
Date: Wed, 29 Jul 2009 15:45:30 -0700
this is a valid argument if it is a case that involves forensics, it happens and is mostly associated with criminal charges as outlined. E-discovery when dealing with civil cases normally does not end up with forensic investigation of storage media instead the common practice is to make copies of live systems or take the backups from live system and process that data that has been handed off to the lawyers when they ask for it. It is normally the defense side that incurs the cost of e-discovery and they are motivated under the Federal Rules of Civil Procedure to produce/provide all pertinent data associated with the case. The failure to do so has lead to fines and/or judgments against the defense for failure to produce the data. A lot of cases today deal with multiple terabytes of data and even the idea of doing a full forensic analysis on this in a civil case is cost prohibited so it is extremely rare that the original storage media is handed over in a typical e-discovery case. But I would say that the copy that is made of the data is treated as evidence and sound forensic procedures are followed to extract the data off the media to insure it is not altered in the process. So from a perspective of the average e-discovery case the source of the data be it a local server, a server hosted in a data center or something in a cloud somewhere as long as the data was accessible and can be exported/copied along with associated meta data it does not matter the source location. E-discovery and even forensics analysis of data under a criminal investigating is a much different concern then security of the data when thinking of the cloud and data storage. They all need to be thought about but each needs to be considered separately on a case by case basis. Now this is just my observations working at an e-discovery provider and as always when it comes to legal matters your mileage may vary and you should always consult with a lawyer first. -Zach Peerand On Wed, Jul 29, 2009 at 14:07, Ali, Saqib <docbook.xml () gmail com> wrote:
Fed on stand: "No we weren't allowed to check states or make bit copies..."Firstly, Google or any other SaaS provider operate under exactly the same laws that you do. You make valid arguments. But I suppose the same arguments were made when the world moved from paper based memos to email for official use. The memos were filed in a in a locked filing cabinet. And any type of tampering was fairly evident. But once we moved electronic mail, there was no locked metal filing cabinet. Everything resided on a user's PC, which could be infested with malware and rootkits. How do you know that some rootkit was not modifying or deleting the user's emails. The rules of investigation and evidence collection changed with the introduction of email, and same will happen when we move to cloud for email. Things change. Just my $0.02 Saqib ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Cloud Forensics continued [Was - Re: Bruce Schneier on Google Apps...} J. Oquendo (Jul 29)
- Re: Cloud Forensics continued [Was - Re: Bruce Schneier on Google Apps...} Ali, Saqib (Jul 29)
- Re: Cloud Forensics continued [Was - Re: Bruce Schneier on Google Apps...} J. Oquendo (Jul 29)
- Re: Cloud Forensics continued [Was - Re: Bruce Schneier on Google Apps...} zach peerand (Jul 30)
- Re: Cloud Forensics continued [Was - Re: Bruce Schneier on Google Apps...} Ali, Saqib (Jul 29)
- Re: Cloud Forensics continued [Was - Re: Bruce Schneier on Google Apps...} Ali, Saqib (Jul 29)