General discussion


DOWNLOA 10 things about computer crime evidence preservation

By Bill Detwiler Editor ·
You've detected a computer crime and decided to report that activity to law enforcement. Before you touch the affected machine, open a single event log, or run another program; you must secure all digital evidence. Yet the steps necessary to maintain the integrity of digital evidence often run contrary to common IT practices. This download tells you what to do and what not to do in the aftermath of a computer crime. Don't let simple mistakes, such as powering off the machine or accessing affected files, ruin the chance of a successful prosecution.

We've turned the PDF version of his list into a PowerPoint presentation so the information can be shared and discussed with your IT staff. This fourteen-slide presentation covers 10 things every IT professional should know about computer-crime evidence preservation.

Download and review the presentation:

Join this ongoing discussion of this download and share your experiences with the aftermath of a computer crime. Also, let us know if our Computer crime evidence-preservation checklist provided helpful information and if there's anything we can do to improve the document's format.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums