Digital Forensics is the discipline that deals with the identification, preservation, analysis and documentation of digital data in order to present evidence applicable both in civil and criminal proceedings.
- Expert Advice during the seizure, inspection and recording evidence
- Acquisition of data using forensic techniques and methods, hash and chain of custody
- Extraction of deleted or hidden information, timeline reconstruction, indexing and keyword searching
- Analysis of Windows, Apple and Linux computer and server, mobile devices (i.e. Android, iOS, Windows Phone, BlackBerry), network dump and log files
- Documentation and final reporting, conservation on protected dedicated servers,Â expert reports and presence in front of civil or criminalÂ court
Information systems are the main support for the preservation of the whole business know-how. Every company implements security systems that can meet the threats that may arise, but also the most advanced systems can be breached or compromised. Therefore it becomes very important to get ready to face a computer crash.
- Analysis of the existing information system
- Defining new retention policy
- Implementation of defined policies
- Drawing up the plan forensic readiness
- Periodic verification of compliance with policies
Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
Nowadays mobile devices are the main communication system in all companies. We often use such devices to exchange sensitive or private information. For this reason it is essential for companies to adopt best practices with the aim of making their safe use.
Recent years have ushered in a new era of enterprise mobility: the use of notebook and mobile phone was passed to devices such as smartphones and tablets that allow you to put together different needs.
- Risk Analysis study of the security state of the mobile systems inside a business network, spotting of critical and risk elements, estimate of the probability and costs of possible attacks
- Policies and Procedures definition of business policies and processing of specific procedures for mobile device introduction, management and disposal
- Mobile Device Management advice service in the choice and installation of an MDM service for the management of the whole mobile device business asset
- Penetration Testing survey of the business implemented defense system and testing of the mobile devices in different scenarios (e.g. lost or stolen device, Wi-Fi access, installation and use of apps, possibility of jailbreaking or rooting)
- Malware Analysis malware analysis on business devices and discovery of private and sensitive data transmission outside
- App Analysis security analysis of business implemented mobile apps with the most commonly used standards (e.g. OWASP Mobile Security Risks, PCI-DSS)
Data Protection & Privacy
All Information Technologies, and consequently all the business sectors, will have to provide all the necessary measures to comply with new requisites and legal prescription derived from the European Directive 95/46 then ratified as GDPR (General Data Protection Regulation).
- Preliminary check and surveyÂ on site preliminary visit is an indispensable first activity to acquaint all essential evidence for the choice of the kind of Privacy System
- Plans of intervention documented schedule and projection of the Risk Analysis and the definition of the Critical Control Points On Site
- Training coupling of all the privacy and DP roles defined on the policy pending on the level of management and operative activities
- Privacy System Manual formalized papers of procedure, registration and policies distributer to Data Processors as well to Data Controller
- Quality and Security ManagementÂ Reality Net support all ISO/BSI voluntary schemes and well to all applicable IT Guide lines and accreditation such as ITIL, CoBIT, OWASP
Data recovery is the process of data extraction from formatted, damaged or destroyed devices when you cannot read data with regular systems.
Only with a good diagnosis it is possible to address the correct way to recover data. Each incorrect attempt to extract data can worse device damage and make any further attempt useless.
- Data recovery from magnetic media in case of physical damages, RAID configuration errors, deleted files and folders, accidental format of the device or formatting errors
- Data recovery from smartphones and tablets in case of accidental deletion or locked devices
- Data recovery from flash memories desoldering and chip analysis
- Data recovery from virtualization systems VmWare, Microsoft Hyper-V and others
- Data recovery from optical devices physical damages or write errors
- Repair of corrupted files like mail archives, office documents, databases, digital images and compressed files
- Password recovery from protected files
Secure data erasure, besides being prescrived by the privacy code, is a good practice in information security when a device (personal computer, server o dispositivo mobile) is dismissed.
- Wiping Overwriting of all the sectors of a device
- Degaussing Generation of a magnetic field whose power overcomes the device polarization making them unusable
- Physical destruction of the devices in order to make them unusable
Reality Net has always had native concern for Training & Teaching (TT) and indeed its professionals constantly placed side-by-side consultancy with their customers. Together with T&T we spread courses for universities as tenures coupled with seminars and educational symposia for Public Institution and international Association of reference in the fields of Digital Forensics, ICT Security and Cloud Computing advisory.
- Customer and users needs evaluation
- Scheduled planning of training sessions
- Choice and fitting of divulgative format
- Training side-by-side and on-site on documents and manuals