In today’s increasingly evolving technological world, it is virtually impossible to commit fraud without evidence being stored on electronic devices of one kind or another.
These include : computer workstations or servers, CDs and DVDs, laptops, Notebooks, hard drives, cell phones/PDA’s, iPads/tablets, SIM cards, USB flash drives, printers, cameras and so on.
The existence of all these sorts of devices - and the fact that new models are released on an ongoing basis - only serves to emphasise the need to be proactive in the area of data management.
Add to the mix the reality that today, data considered to be confidential is often accessed and made available to a far wider audience than was originally ever intended. This may be seen with potentially disastrous consequences, for example, in the high-profile Wikileaks and Edward Snowden cases. You need to make sure that you have appropriate processes in place to manage cyber security, IT security, data recovery (and, if need be, electronic discovery) as well as conducting cyber/digital forensic investigations.
Broadly speaking, there are proactive and reactive aspects to consider.
Proactively, from a risk perspective, this involves preventing fraud by managing collected data as efficiently and effectively as possible.
Apart from this making common sense in terms of general management principles, you should also then be in a position to ensure that any fraudster gets his or her just desserts if he or she accesses your data unlawfully or irregularly.
More widely, however, state of the art software can be used to analyse large volumes of data and to identify trends which can assist you in managing your overall risk for fraud in your business or organisation. For example, in order to manage your supply chain management function more effectively, you may wish to consider periodic vendor database analysis, where checks can be run to look for possible linkages between vendors and members of staff, which may indicate some form of collusive activity.
Reactively, in the case of investigations, in order for computer-related evidence to be accepted in the relevant forum or court – be it disciplinary, criminal and/or civil - you will need to ensure that:
- evidence has been accurately collected and preserved; and
- there is a clear chain of custody from the crime scene to the investigator, and ultimately, to the relevant forum or court.
Apart from investigating and resolving computer security events, ranging from single system compromises to enterprise-wide intrusions by advanced attack groups that span hundreds of thousands of systems, Moore Stephens can also provide advanced forensic analysis of computers, mobile devices and network communications, delivering a comprehensive view into exactly what happened and who was involved.