top | item 14444007

(no title)

sinaa | 8 years ago

Still, as far as I understand it, it comes down to how good/competent the IT dept is at log-keeping, and how complicit they are in the forgery.

In a more broader way, how can one prove innocence if their company use the employee's credentials (ID/email/etc.) to drop the blame on them? Wouldn't it be the employees words against the employer, while at the same time the employer has the control over the data/evidence?

discuss

rwmj|8 years ago

Digital forensics professionals deal all the time with attempts at active fraud (eg. people deleting logs, clearing caches, etc). Even if the IT department didn't keep the logs, or tried to delete them, there would be some "Data remanence" on one of the various machines involved in sending/transmitting/receiving the email.

dismantlethesun|8 years ago

Do digital forensics professionals ever fail to find sufficient evidence, like their peers in the non-digital world?

jamespo|8 years ago

If they are clued up enough to require 2FA to send email remotely, they're clued up enough to keep logs.