Monday, July 06, 2009

Build Your Own Digital Evidence Collection Kit

by David Kovar, NetCerto, Inc.

Collecting evidence accurately is clearly a foundational element for any ediscovery or forensics analysis project. The equipment required is important, but so are the supporting items – office supplies, forms, and documentation tools. And if you cannot find the items, or get them to the destination, it doesn't matter how great your tools are.

This kit, and the thoughts and processes behind it, attempt to address concerns I've encountered while doing collections all over the world. That said, it isn't perfect, even for my own needs. Treat this as a framework for building your own kit, and if you can improve on it, please let me know how so I can improve my own processes.

Bear in mind that, in addition to this kit, I carry a laptop backpack everywhere. The backpack has my primary laptop for note taking and Internet research with WiFi and a cellular modem, cell phone cables, spare USB thumb drives, food, reading materials, and other basic necessities of any computer forensics analyst...


1 comment:

Anonymous said...

Excellent, looks like a great place to start. I'm new to the field of forensics, but I have been using the tools for data recovery for a few years, and it's reassuring to see a list that closely resembles my own setup. As with any tool kit, mine is always being refined and updated. So your list has given me more ideas than my budget will allow.

Thank you