ABOUT THE AUTHOR

Gary Audin
Gary Audin is the President of Delphi, Inc. He has more than 40 years of computer, communications and security...
Read Full Bio >>
SHARE

Gary Audin | January 24, 2013 |

 
 
share
 

CSI for the Cloud

CSI for the Cloud Cloud computing expands the scale of digital forensic activities. It also creates new cybercrime investigations with new challenges.

Cloud computing expands the scale of digital forensic activities. It also creates new cybercrime investigations with new challenges.

Cloud computing is a service you cannot ignore. Gartner predicts that cloud service revenue will be about $150 billion in 2013. With all of this comes the growing amount of data that will be accumulated, and the implications of the use of the cloud for situations that require forensic analysis. The amount of data that needs to be analyzed can be tens to hundreds of gigabytes in a single investigation.

The forensic professional's goal is to obtain information that can be used in court, and cloud computing expands the scale of digital forensic activities. It also creates new cybercrime investigations with new challenges.

Cloud forensics means new experts with new tools. Cloud forensics is a combination of digital forensics and cloud computing. Cloud computing, by definition, means sharing resources such as networks, storage, servers, applications, and other services. The sharing is performed by the cloud service and it involves multiple enterprises using common solutions.

A major value of cloud computing is its ability to reconfigure resources quickly. This means that resources can change almost instantly, which in turn means that virtualization compounds the forensic data location problem.

XaaS Models and Forensics
The Infrastructure as a Service (IaaS) model produces the fewest obstacles for the forensic expert. It is basically providing a physical data center outside the enterprise, but with all of the enterprise's work performed by enterprise staff. The management of the operating system may be shared.

Platform as a Service (PaaS) adds the management of the runtime and middleware by the service provider. This adds to the complexity faced by the forensic professional.

Software as a Service (SaaS) effectively outsources the entire IT operation. The enterprise becomes a subscriber to the service. SaaS is the most difficult environment for the forensic professional to operate within because most of the control of the applications and data is with the SaaS service provider.

The structure of your cloud provider's business will depend on the business model they are working under. A SaaS provider can easily be running its service on an IaaS or PaaS cloud, therefore you will be really working with two providers, not one for forensic purposes. A third-party reseller may be the face of the cloud service, adding another layer to the arrangement.

Next page: Elements of cloud forensics



COMMENTS

No Jitter Company Spotlight: ShoreTel
Webinars Enterprise Connect Tour Virtual Events
Containing Costs and Improving Service for Global Mobility
June 5, 2013
In surveys, enterprises consistently list the exorbitant costs of international mobile roaming as the biggest challenge when enabling workers for global travel. Other problems can be almost as challen...
Are Video Room Systems Going the Way of the Dinosaur?
May 22, 2013
The video market has been swept by a software revolution. Software-based solutions have transformed the video conferencing infrastructure market, while desktop and mobile apps have all but eliminated...
Responding to the Surging Threat of Telephony Denial of Service (TDoS) Attacks in Contact Centers - U.S. DHS Issues new TDoS Warning
May 8, 2013
Security threats to enterprise Voice/UC resources are increasing, as illustrated by SecureLogix in the latest edition of its "State of Security Report on Voice/UC" released at Enterprise Connect last ...
More Webinars
More Virtual Events

This day long workshop will feature a number of sessions exploring the technical challenges, procurement issues, and communications potential of SIP trunks. If your enterprise needs to modernize its wide area communications network, you need to attend this program to learn the ins and outs of SIP trunks. This free package includes breakfast, conference materials, lunch, networking reception and access to Interop’s Exhibition.

May 8 :: Las Vegas :: Interop, Mandalay Bay
May 14 :: New York :: Millennium Broadway
June 19 :: San Francisco :: Le Meridien
June 26 :: Chicago :: Hyatt Regency

Register Now

Sign up to the No Jitter email newsletters

  • Catch up with the blogs, features and columns from No Jitter, the online community for the IP communications industry. Each Thursday, we'll send you a synopsis of the high-impact articles, podcasts and other material posted to No Jitter that week, with links for quick access.

  • A quick hit of original analysis by the experts who bring you Enterprise Connect, the leading event in Enterprise Communications & Collaboration. Each Wednesday, this enewsletter delivers to your email box a thought-provoking, objective take on the latest news and trends in the industry.

Your email address is required for membership. For details about the user information, please read the UBM Privacy Statement

As an added benefit, would you like to receive relevant 3rd party offers about new products/services and discounted offers via email? Yes

* = Required Field

No longer instrested? Unsubscribe here.