Computer Security Education
Computer security education is an important element of providing a safe environment for digital assets.
CCC has provided a variety of education and awareness programs on different aspects of computer security, these include:
Get users to ‘buy into’ security…
- Advising on how to undertake internal investigations, covering requirements for gathering evidence, also any potential pitfalls that may be encountered.
- Educating employees on client policies and procedures in place.
- The possible consequences of a breach and hence the reason for policies and procedures.
I.T. Security Awareness
Typically, talks and presentations are aimed at raising both staff and client awareness. As a result, this can be in a number of forms and are often conducted in an informally, with Q&A sessions, combined with examples and demonstrations.
Users with little or no technical abilities, who do not to ‘buy into’ policies and procedures and look to take shortcuts, will increase risk. Whereas those that understand the need to comply are likely to improve security. We have frequently we have found users circumventing or bypassing security measures. Simply because they were either unaware of the implications. Or as a result of poor procedures, they were bypassed, due to the impact on work, if complied with.
- Computer Security – General
- Computer Security – Advanced
- Policies & Procedures
- Computer Forensics
- Forensic Laboratory – Set-Up
- Malicious Programs
- Wireless Exploitation
- Password Security
- Penetration Testing
We have frequently found passwords to be a bone of contention. With users having difficulty remembering them, as a result of their complexity or the frequency with which they are changed. It is quite possible that the reason for this is, a lack of knowledge by the policymaker in relation to the real lifespan of a password, with decryption being frequently cited as the main reason for the policy. Most policymakers have no real experience of what is actually required to break a password. As a result, a ‘belt and braces’ approach is taken, without fully understanding the impact on users or the increase in risk this may have. Good quality passwords can take years to decrypt, even with fastest processors. For that reason, extending the life of a password for a more reasonable period would have a positive effect without additional risk.
Finally, senior management also need to be seen complying with policy.
We have also provided awareness presentations and assistance to a number of law firms in relation:
- eDiscovery applications
- Ex parte applications & data acquisition
- Electronic client data
- Intelligence gathering
Our expertise and experience, uniquely combines electronic forensic skills, with an understanding of corporate finance.
Asset Tracing – Audit – Computer Security – Digital Forensics – Due Diligence – eDiscovery – Fraud Investigation
Intelligence Gathering -Passwords Analysis – Penetration Testing – Wireless Security
Services underpinned with expertise and experience.