Digital Forensics: Restoring Authority to Human Resources Departments

Ashley Lane

Ashley Lane

Where Human Resources (HR) and IT Departments engage in a common cause, the outcomes can be immensely beneficial for the host organisation, and especially so in large organisations and wherever there’s a premium put on the use of sophisticated systems and equipment. Sometimes, however, there’s the risk that the systems end up running the people rather than the other way around. As Ashley Lane explains, in the sensitive and vital area of employee misbehaviour (including crime) there can be absolutely no room for doubt.

The overwhelming use of digital technologies may have provided the miscreant employee with the means and the opportunity to misuse systems and hardware, but this mustn’t result in an information ‘closed shop’ wherein remedial action is removed from HR Departments and left to the devices of IT.

From workplace bullying and sexual harassment through to the downloading of inappropriate material and outright fraud, digital technologies are ripe for abuse and capable of magnifying its impact. The very good news, however, is that those abusers who believe they’re operating under safe cover are fooling no-one except themselves.

Like comparable errant behaviour in the ‘real’ world, digital crime and malfeasance leaves a trail of forensic evidence. The technology exists to uncover it – and this technology is now available to all. With minimal training, HR Departments can now regain control of those issues which rightfully belong in their expert hands without having to bother IT staff.

Fast, accurate and powerful technology

Designed specifically for use by non-technical investigators and employed extensively in corporate, military and policing environments, forensic intelligence capability is now very fast, accurate and powerful, collecting targeted data or images from media such as hard disk drives, USB sticks and memory cards. All commonly used computers, desktops, tablets and mobile phones are subject to its scrutiny.

A study by Carnegie Mellon University in Pittsburgh, USA – a global research university recognised for its work in digital forensics – has reported that malicious insider activity goes undetected for, on average, 32 months.

Reporting this in The Guardian, journalist Julian Parker went on to say that: “Incidents can be costly, time consuming and damaging to corporate reputations. Insider threats such as fraud, the theft of Intellectual Property and sabotage must be tackled alongside those posed by external perpetrators.”

Alarming though these data are, it’s reassuring to recognise that time is no barrier to the forensic triage process, as the article’s author pointed out. “This is where digital forensics comes into play. When a user accesses the Internet, copies files to the cloud or a memory stick, sends an e-mail, burns DVDs or prints documents, they leave a forensic trail. This is especially true with smart phones, tablets and even specialised encryption and detection tools, which are often used by those attempting to cover their tracks.”

Ready for a Court of Law

The good news doesn’t end here, either. Not only will the application of digital forensics techniques discover and retrieve the evidence, it will present it in a coherent format and, crucially, in evidence-ready quality, acceptable at all levels of the judicial process from industrial tribunals to the High Court. This will, of course, cover a range of activities, for example those employees misusing company property to access indecent images and employees contacting competitors (for example by Skype) or messaging to pass commercially confidential information.

Even where offending e-mails may have been deleted, the digital forensic process will retrieve them and identify the source. For HR professionals, this ability to locate and attribute hard evidence is both vital and welcome, often leading to admissions of guilt, saving both time and money in going through lengthy legal processes.

In the past, such power was almost exclusively vested in highly specialised external providers, often working not with HR professionals, but with IT Departments, primarily on the basis that the exchange of technical expertise must rest in that interface. Today, the situation is quite different. The technology has moved on apace and many investigations can be undertaken by in-house staff when suitably equipped and briefed. Most providers offer short, sharp training support, sometimes requiring as little as half a day of the HR executive’s time.

Empowerment for compliance

Frank J Ohlhorst is an award-winning technology journalist who has put this succinctly: “Vendors are realising that the best way in which to grow their forensic tools market is to engage non-technical staffers by building products that are easier to use, offer automation and can accomplish a great deal of the investigative work unattended.”

Digital forensics technologies empower HR Departments to perform their role in ensuring the highest standards of compliance, individual behaviour and protecting corporate reputation.

Ashley Lane is CEO of Evidence Talks

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts