Securing the Evidence is important to Understanding as forensic proof are fragile and may be altered, damaged, or destroyed by improper handling or examination. it’s essential to safeguard the integrity of the proof and render it acceptable during a court of law.
Securing the Evidence management helps in protective actuality state of the proof effectively. This can be achieved by correct handling and documentation of the proof. At the time of proof transfer, each sender and receiver have to be compelled to give the knowledge concerning date and time of transfer within the chain of custody record.
The procedures accustomed shield the proof and document it whereas aggregation and shipping are:
• The record book of the project to record observations related to the proof.
• A tag to unambiguously determine any proof.
• A chain of custody record.
Related Product:-EC-Council Certified Incident Handler | ECIH v2
Chain of Custody
Chain of custody could be a papers that demonstrates the progression of proof because it travels from the first proof location to the forensic laboratory. It’s a road-map that shows however 1st res-ponders and investigators collected, analyzed, and preserved the proof.
The primary res-ponders/investigators have to be compelled to gift this document in court. It ensures correct auditing of the first knowledge proof, imaging of the supply media, trailing of the logs, and so on. The chain of custody shows the technology used and also the methodology adopted within the forensic phases also because the persons concerned in it.
The chain of custody administers the collection, handling, storage, testing, and disposition of proof. It helps to confirm protection of proof against meddling or substitution of proof. Chain of custody documentation should list all the individuals involved in the collection and preservation of proof and their actions, with a stamp for every activity.
Also Read:- Forensic Investigation Analysis
Evidence Bag Contents List
• The panel on the front of proof baggage should, at theft least, contain the following details:
• Date and time of seizure
• Incident res-ponder who taken the proof
• Exhibit range
• Where the proof was seized from
• Details of the contents of the evidence bag
• Submitting agency and its address
• Additional details required on the panel of the evidence bags include name of the officers who took photographs or prepared a scene sketch, sites where individual items were found, and names of the suspects, if any.
• Packaging, Transporting, and Storing Electronic Evidence
• First res-ponders need special equipment to analyze the devices, extract the evidence, and analyze it. Therefore, they need to transport it to the laboratory for investigation and to the court. Digital evidence is generally stored in computers and electronic devices, which are sensitive to extreme weather conditions, physical shock, static electricity, humidity, magnetic fields. First res-ponders must package, store, and transport all the physical evidence for further analysis after collection of the volatile information.
They must perform the following:
• Pack all the available physical evidence equipment with its components.
• Ensure to label all the devices and their components and create a list.
• Pay special attention to hidden or trace evidence, and take necessary actions to safeguard it.
• Pack magnetic media in anti-static packaging.
• CO not use materials such as plastic bags for packaging because they may produce static electricity.
• Avoid folding and scratching storage devices such as diskettes, DVDs, and tapes.
• Avoid turning the computer upside down or putting it on its side during transportation.
• Keep the electronic evidence collected from the crime scene away from magnetic sources such as radio transmitters, speaker magnets, and heated seats.
• Store the evidence in a safe area, away from extreme heat, cold, or moisture.
• Avoid storing electronic evidence in vehicles for a long period of time.
• Maintain proper chain of custody of the transported evidence.
• Take special precautions while storing wireless and portable devices, such as laptops, mobiles, and PDAs.
• Ensure that these devices do not connect to the networks by storing them in signal Hocking containers.
• Electronic devices contain digital information that may be potential evidence such as system date, time, and configuration. They lose this potential evidence because of improper and prolonged storage.
Therefore, first res-ponders should follow the practices mentioned below:
• Ensure the electronic evidence is listed in accordance with departmental policies.
• Are the electronic evidence in a secure and weather-controlled environment.
• Protect the electronic evidence from magnetic fields, dust, vibrations, and other factors that may damage its integrity.
Questions related to this topic
- How do you maintain chain of evidence?
- How do you secure a scene collect evidence package it transport it and store it?
- How do you package evidence?
- What is the chain of custody as it relates to evidence collection?
- What is Securing the Evidence?
Top Incident Handling Knowledge
- What is an Information Security Incident?
- Top 10 Most Common Types of Cyber Attacks
- Competitive Intelligence
- What is Evidence Collection?
- Variety of important anti-forensic techniques
- Enhancing Incident Response by Establishing SOPs
- Threat Intelligence Informed Risk Management
- An Introduction of Computer Forensics
- Overview of Digital evidence
- Forensics Investigation method of Computer
- Forensic Readiness planning
- The Principles of Digital Evidence Collection
- Securing the Crime Scene
- Forensic Readiness an Overview
- Securing the Evidence
- Life Cycle of forensics information in the system
- Forensic Investigation Analysis
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com