Computer Forensics, still a rather new discipline in computer security, focuses on finding digital evidence after a computer security incident has occurred.
The goal of computer forensics is to recover damage, determine what happened and track activities that may cause damage in the future. The results of a forensic investigation may be used in criminal proceedings or employee evaluations. Ideally, digital forensic analysis should be an integral part of your organization's Incident Handling process.
- Password Recovery
- File Recovery
- Hard Drive Recovery
- Workstation Monitoring
- Employee internet abuse detection, prevention
- Detect inappropriate computer use
Of course prevention is the best cure. Security measures such as properly scheduled and maintained backups and a consistent computer policy can to much to prevent problems.