Assessment is the first step in any E-Investigation is understanding the case. Your assigned E-Investigations will discuss your case in depth and gain an understanding of what you believe has happened. Your E-Investigations will gather the basic information on your case, interview relevant witnesses, and work to gain a deep understanding of the extent and depth of the loss in critical to establishing the proper framework of the case.
The assessment phase also allows us to develop a proper scope of the project and establish realistic goals for the investigation. Regardless if your case is part of existing litigation or is based on an internal investigation, it is important to define the investigation and establish a reasonable budget for the case.
Your E-Investigations lead investigator can also determine what resources you may need for your investigation. This may include a mixture of services including surveillance, backgrounds, and computer forensics. You can be rest assured that E-Investigations has the resources to cover all angles of your case.
Our on-demand hosted architecture supports large volumes of data and simultaneous users.
Proximity searching, fuzzy logic search, Boolean arguments – we have them. What is unique is our ability to test search effectiveness without the need to retrieve the results each time.
We believe that security is the foundation to every aspect of how we manage your data. We apply security practices from the ground up, and perform due diligence to maintain and update those practices as the threat landscape changes.
Once a E-Investigations El expert has obtained a forensically sound image of the device and the data has been culled, the next step in the process is analysis. Computer forensic analysis begins with our Enterprise Review System.
Our Enterprise Review System is designed to facilitate an intuitive and efficient review for projects of any size. Our clean, web-based user interface and highly scalable, enterprise-grade technology platform allows users to:
- Be up and running within minutes – with no plug-ins and minimal training
- Focus on documents rather than complex functionality
- Review files in TIFF, native, and PDF
- Search with powerful full-text and keyword functionality
- Customize tagging for content capture, analysis and workflows
- Rapidly reduce ESI volume through advanced culling filters directly on Enterprise Review System
- Search and manage files in any language with Unicode and foreign language support
- Create production sets for litigation, audits and investigations in multiple formats
After a E-Investigations technician acquires a digital forensic image of the device in question for computer forensic purposes, the next step is culling. E-Investigations experts will determine what types of files—documents, images, etc—can be recovered from the data. We gather information from email servers and their mailboxes, file servers, home directories, and shared folders, as well as data pertaining to the type and location of data, electronic storage policies, and back-up procedures. Aside from the content of the device, our specialists also extract metadata that identifies the file’s creator. This includes when it was modified and when it was sent.
After the computer forensic images have been culled and the non-essential program files, duplicates, and other non-essential data discarded, the relevant digital forensic information is uploaded into the EInvestigations e-Discovery program, which is a very in-depth and forensically sound resource. The client, other counsel that may get involved, and professional researchers can then use the same recovered data for analysis.
- Attack Identification
- Data Breach Analysis