6.13 E-Discovery and Forensics

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

12 hours 48 minutes
Video Transcription
all right. Next section when we're dealing about legal issues, we certainly have to think about e discovery. And we have to think about forensics. We have to do that with our data on Prem or, of course, in the clouds. But the difficulty as we move to the cloud, of course, is gonna be
whose responsibility is it for what processes?
And we don't know that until we look at our service level agreement, they you can't assume anything. You know, I'm not gonna be able to show up at Amazon. Cloud Service is with my magnifying glass acting like Scooby Doo. They're trying to go in and investigate what happened to my dad.
So what portion is the cloud service provider responsible for?
What do I have access to? What about law enforcement? What sort of role will they play? And the answer that's really gonna vary from locale to locale. So we've got a lot of different issues to consider.
This is not an in depth gotta discovery or e discovery or forensics course
at all, but a few of the principles you need to know.
So first of all, just the turn E discovery, now a long time back in first chapter. I think we talked about Dad. A discovery that was different. Data discovery means taking big data in
pulling it all together and pulling out the pieces you need. Now, once we talk about Elektronik Discovery e Discovery, you want to think now about digital data
and generally using that in a civil or criminal case. Okay, so, um,
online or offline? You know, the cloud service providers gonna have to be involved. If we're doing online discovery,
there is a specific channel challenge here. This bullet point the U. S. Federal rules of civil procedure.
I'm gonna read this because I want to make sure we get this right. Ah, Party to litigation is expected to preserve and produce Elektronik Lee stored information in its possession, custody or control.
So with the cloud service provider who has custody, who has control? That needs to be documented and clearly identified. Right, because it might make sense that the cloud service provider has custody of the data. Right. But
you know who's been entrusted with that data? What expectations do we have for the c s? Uh, P. And then again, locale may take thes US federal rules and threw him right out the window. If the cloud service provider isn't located
in the U. S. Restoring within us so it can be very, very complex.
Discovery investigations, you know, it may very based on the service is that you use or how that's managed you can. There is software as a service e discovery. You can use an application.
You know that they're lots of vendors that provide discovery
APS that will help you assess the network assess the resource is and will help you in the various tasks associated with the discovery. So you can use a cloud service provider, their own software.
Um, the provider themselves may have software for E discovery,
or I may be using my only discovery or buying software from a normal organization. You know, it's just Ah, uh, we're gonna have to have the tools in order to glean through all of this in from a arrogant sift through. All this information gleaned the information that we need
their software. You could lease software as a service
cloud service provider can give it to me that's hosted, or I can bring in my own or buy software from another company, which would be third party.
All right, I'm gonna cut after that slide, and I want to bring it to cloud forensics.
Up Next
Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.

Instructed By