SlideShare una empresa de Scribd logo

Internal Investigations and the Cloud

Descargar como PPTX, PDF
Dan Michaluk
Dan Michaluk

One hour

EmpresarialesTecnología
1 de 18
Internal Investigations and the Cloud Dan Michaluk ACFI Fraud Conference May 28, 2012
Internal Investigations and the Cloud • What is cloud computing? • Why is it a problem for investigators? • What‟s the solution? • The problem with the consumer cloud • The consumer cloud – personal accounts • Good resources Internal Investigations and the Cloud
What is cloud computing? • Model for delivery of computing services • Services outsourced and accessed through the internet, on demand, at desired scale • Data resides on servers owned by third- parties, often with the data of others and often in one or more foreign countries • Consumer services differ from enterprise services Internal Investigations and the Cloud
What is cloud computing? • It is related to a “data portability” phenomenon • “We‟ve got work information on personal devices and personal information on work devices” • Add to that, multiple companies on physical servers • This creates ambiguity that can be dealt with by contract (and I assume by technology) – i.e. we need to replace physical control with legal control Internal Investigations and the Cloud
Why is it a problem for investigators? • It threatens to timely access to reliable evidence • Providers default to low cost rather than service • Investigations and e-discovery are afterthoughts • Specialized forensic data capture services are rare • Logs and other forensic data can be intermingled • Proprietary software can make interpretation hard • Access restrictions create a chain of custody issue • Law of other jurisdictions may be restrictive Internal Investigations and the Cloud
Why is it a problem for investigators? • Discussion • Do your employers or clients use cloud-based services for business? • Has this affected your investigations? • How? Internal Investigations and the Cloud
What’s the solution? • The solution is simple (in theory) • Outsourcing process requirements definition, vendor selection, due diligence and contracting and administration • You need to insert yourself in all aspects of this process to communicate your requirements and see that they are met • But… be prepared to compromise because the cloud is the cloud and physical control is supreme Internal Investigations and the Cloud
What’s the solution? • The solution is simple (in theory) • Understand the system and the data it generates • Develop investigation scenarios • Develop investigation requirements • Prioritize requirements • Discuss requirements • Ensure requirements can be met • Service level agreement is key, but is not everything Internal Investigations and the Cloud
What’s the solution? • Assume your employer or a client is moving its accounting system to the cloud. As a fraud investigator, what are your key needs? Internal Investigations and the Cloud
What’s the solution? • Key questions (among others) • In what jurisdiction(s) will data reside? • How is data stored at application & system levels? • Can our data be extracted independently from others‟ data? • What forensic data do we want? Will you make it available to us? How? To others? How will that affect us? Internal Investigations and the Cloud
What’s the solution? • Key questions (among others) • Will your employee give evidence to establish the chain of custody? • How fast will you make all this happen? Internal Investigations and the Cloud
The problem with the consumer cloud • It is a data security risk – business information is leeching into personal accounts and home computers • Example – employee sends work home via a web based personal e-mail account • Example – business unit starts using Google docs to collaborate though the company has no enterprise services relationship with Google Internal Investigations and the Cloud
The consumer cloud - personal accounts • The Calgary Police Service case (April 2012) • Internal sexual misconduct investigation • E-mail review… search for “password” • Found login credentials for personal e-mail account • Accessed on “data leakage” theory • Found (unanticipated) evidence of sexual misconduct • Alberta OPIC finds a violation of privacy legislation Internal Investigations and the Cloud
The consumer cloud - personal accounts • Why unauthorized access is a bad idea • Except in extraordinary circumstances it is likely to be a criminal offence – Criminal Code s. 342.1 • A labour arbitrator may exclude evidence • Though not ideal, there is a work-around Internal Investigations and the Cloud
The consumer cloud - personal accounts • The work-around • Finish the covert investigation • Confront the employee • Make a preservation demand • Make a reasonable inspection demand • Be prepared to manage a refusal through an insubordination charge and an adverse inference Internal Investigations and the Cloud
The consumer cloud - personal accounts • “Friending” targets is risky • “Friending” as yourself may not be that helpful • Impersonation is a criminal offence (s. 403) • Do your professional rules prohibit the use of fake profiles to gain information? Internal Investigations and the Cloud
Related Resources • J. Cheng, “IBM‟s Siri ban highlights companies‟ privacy, trade secret challenges” • Digital Forensics Laboratories, “Digital investigations in the Cloud” • T. Harbert, “E-discovery in the Cloud? Not so easy.” • W. Manning, “Investigating in the Clouds” • K. Ruan et al, “Cloud forensics: An overview” • A. Savvas, “Cloud providers cave into more flexible contracts.” • T. Trappler, “In the Cloud, Your Data Can Get Caught Up in Legal Actions” • K. Zetter, “FBI Uses „Sledgehammer‟ to Seize E-Mail Server in Search for Bomb Threat Evidence Internal Investigations and the Cloud
Internal Investigations and the Cloud Dan Michaluk ACFI Fraud Conference May 28, 2012

Recomendados

Law Practice Management - Organization, Cloud, Social Media and Ethics
Law Practice Management - Organization, Cloud, Social Media and EthicsLaw Practice Management - Organization, Cloud, Social Media and Ethics
Law Practice Management - Organization, Cloud, Social Media and EthicsJennifer Ellis, JD, LLC
 
The Online Court - CTC 2017
The Online Court - CTC 2017The Online Court - CTC 2017
The Online Court - CTC 2017David Harvey
 
Systemising advice
Systemising adviceSystemising advice
Systemising adviceDavid Harvey
 
BYOD - Bringing Technology to work | Sending Data Everywhere
BYOD - Bringing Technology to work | Sending Data EverywhereBYOD - Bringing Technology to work | Sending Data Everywhere
BYOD - Bringing Technology to work | Sending Data EverywhereJim Brashear
 
Epiq E Discovery Faq Hong Kong
Epiq E Discovery Faq Hong KongEpiq E Discovery Faq Hong Kong
Epiq E Discovery Faq Hong KongDmitriHubbard
 
How would AI shape Future Integrations?
How would AI shape Future Integrations?How would AI shape Future Integrations?
How would AI shape Future Integrations?Srinath Perera
 
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...MongoDB
 
Trends in Law Practice Management – Calculating the Risks
Trends in Law Practice Management – Calculating the RisksTrends in Law Practice Management – Calculating the Risks
Trends in Law Practice Management – Calculating the RisksNicole Garton
 

Recomendados

Law Practice Management - Organization, Cloud, Social Media and Ethics
Law Practice Management - Organization, Cloud, Social Media and EthicsLaw Practice Management - Organization, Cloud, Social Media and Ethics
Law Practice Management - Organization, Cloud, Social Media and EthicsJennifer Ellis, JD, LLC
 
The Online Court - CTC 2017
The Online Court - CTC 2017The Online Court - CTC 2017
The Online Court - CTC 2017David Harvey
 
Systemising advice
Systemising adviceSystemising advice
Systemising adviceDavid Harvey
 
BYOD - Bringing Technology to work | Sending Data Everywhere
BYOD - Bringing Technology to work | Sending Data EverywhereBYOD - Bringing Technology to work | Sending Data Everywhere
BYOD - Bringing Technology to work | Sending Data EverywhereJim Brashear
 
Epiq E Discovery Faq Hong Kong
Epiq E Discovery Faq Hong KongEpiq E Discovery Faq Hong Kong
Epiq E Discovery Faq Hong KongDmitriHubbard
 
How would AI shape Future Integrations?
How would AI shape Future Integrations?How would AI shape Future Integrations?
How would AI shape Future Integrations?Srinath Perera
 
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...
Bangalore Executive Seminar 2015: Case Study - Text Analysis on MongoDB for a...MongoDB
 
Trends in Law Practice Management – Calculating the Risks
Trends in Law Practice Management – Calculating the RisksTrends in Law Practice Management – Calculating the Risks
Trends in Law Practice Management – Calculating the RisksNicole Garton
 
Humans Are The Weakest Link – How DLP Can Help
Humans Are The Weakest Link – How DLP Can HelpHumans Are The Weakest Link – How DLP Can Help
Humans Are The Weakest Link – How DLP Can HelpValery Boronin
 
2010 za con_stephen_kreusch
2010 za con_stephen_kreusch2010 za con_stephen_kreusch
2010 za con_stephen_kreuschJohan Klerk
 
Effective Internal Investigations
Effective Internal InvestigationsEffective Internal Investigations
Effective Internal InvestigationsDaegis
 
Data loss prevention (dlp)
Data loss prevention (dlp)Data loss prevention (dlp)
Data loss prevention (dlp)Hussein Al-Sanabani
 
Research, the Cloud, and the IRB
Research, the Cloud, and the IRBResearch, the Cloud, and the IRB
Research, the Cloud, and the IRBMichael Zimmer
 
Efficiently Handling Subject Access Requests
Efficiently Handling Subject Access RequestsEfficiently Handling Subject Access Requests
Efficiently Handling Subject Access Requestsjcscholtes
 
Let the Trees Live. Go Paperless by KTL Solutions and PaperSave
Let the Trees Live. Go Paperless by KTL Solutions and PaperSaveLet the Trees Live. Go Paperless by KTL Solutions and PaperSave
Let the Trees Live. Go Paperless by KTL Solutions and PaperSaveKTL Solutions
 
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...Nelson Petracek
 
Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Nelson Petracek
 
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...Cynthia Sharp
 
Delivering a Linked Data warehouse and realising the power of graphs
Delivering a Linked Data warehouse and realising the power of graphsDelivering a Linked Data warehouse and realising the power of graphs
Delivering a Linked Data warehouse and realising the power of graphsBen Gardner
 
ISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting GroupISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting Groupaengelbert
 
"We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec..."We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec...Jisc
 
The Sherpa Approach: Meeting the Demands of the Digital Age
The Sherpa Approach: Meeting the Demands of the Digital AgeThe Sherpa Approach: Meeting the Demands of the Digital Age
The Sherpa Approach: Meeting the Demands of the Digital AgeSherpa Software
 
Clio logikcull- leveraging e discovery date in legal practice
Clio logikcull- leveraging e discovery date in legal practiceClio logikcull- leveraging e discovery date in legal practice
Clio logikcull- leveraging e discovery date in legal practiceClio - Cloud-Based Legal Technology
 
E-Lock digital signature solutions
E-Lock digital signature solutionsE-Lock digital signature solutions
E-Lock digital signature solutionsE-Lock digital signatures
 
Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
 
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...Robert Ambrogi
 
Mobile Security
Mobile Security Mobile Security
Mobile Security James Sutter
 
Kill the Dinosaurs, and Other Tips for Achieving Technical Competence
Kill the Dinosaurs, and Other Tips for Achieving Technical CompetenceKill the Dinosaurs, and Other Tips for Achieving Technical Competence
Kill the Dinosaurs, and Other Tips for Achieving Technical CompetenceAntigone Peyton
 
Managing a security program (when you are not a security expert)
Managing a security program (when you are not a security expert)Managing a security program (when you are not a security expert)
Managing a security program (when you are not a security expert)jikbal
 
Supply Chain Present
Supply Chain PresentSupply Chain Present
Supply Chain PresentUdomsak Suntithikavong
 

Más contenido relacionado

La actualidad más candente

Humans Are The Weakest Link – How DLP Can Help
Humans Are The Weakest Link – How DLP Can HelpHumans Are The Weakest Link – How DLP Can Help
Humans Are The Weakest Link – How DLP Can HelpValery Boronin
 
2010 za con_stephen_kreusch
2010 za con_stephen_kreusch2010 za con_stephen_kreusch
2010 za con_stephen_kreuschJohan Klerk
 
Effective Internal Investigations
Effective Internal InvestigationsEffective Internal Investigations
Effective Internal InvestigationsDaegis
 
Research, the Cloud, and the IRB
Research, the Cloud, and the IRBResearch, the Cloud, and the IRB
Research, the Cloud, and the IRBMichael Zimmer
 
Efficiently Handling Subject Access Requests
Efficiently Handling Subject Access RequestsEfficiently Handling Subject Access Requests
Efficiently Handling Subject Access Requestsjcscholtes
 
Let the Trees Live. Go Paperless by KTL Solutions and PaperSave
Let the Trees Live. Go Paperless by KTL Solutions and PaperSaveLet the Trees Live. Go Paperless by KTL Solutions and PaperSave
Let the Trees Live. Go Paperless by KTL Solutions and PaperSaveKTL Solutions
 
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...Nelson Petracek
 
Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Nelson Petracek
 
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...Cynthia Sharp
 
Delivering a Linked Data warehouse and realising the power of graphs
Delivering a Linked Data warehouse and realising the power of graphsDelivering a Linked Data warehouse and realising the power of graphs
Delivering a Linked Data warehouse and realising the power of graphsBen Gardner
 
ISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting GroupISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting Groupaengelbert
 
"We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec..."We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec...Jisc
 
The Sherpa Approach: Meeting the Demands of the Digital Age
The Sherpa Approach: Meeting the Demands of the Digital AgeThe Sherpa Approach: Meeting the Demands of the Digital Age
The Sherpa Approach: Meeting the Demands of the Digital AgeSherpa Software
 
Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
 
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...Robert Ambrogi
 
Kill the Dinosaurs, and Other Tips for Achieving Technical Competence
Kill the Dinosaurs, and Other Tips for Achieving Technical CompetenceKill the Dinosaurs, and Other Tips for Achieving Technical Competence
Kill the Dinosaurs, and Other Tips for Achieving Technical CompetenceAntigone Peyton
 

La actualidad más candente (20)

Humans Are The Weakest Link – How DLP Can Help
Humans Are The Weakest Link – How DLP Can HelpHumans Are The Weakest Link – How DLP Can Help
Humans Are The Weakest Link – How DLP Can Help
 
2010 za con_stephen_kreusch
2010 za con_stephen_kreusch2010 za con_stephen_kreusch
2010 za con_stephen_kreusch
 
Effective Internal Investigations
Effective Internal InvestigationsEffective Internal Investigations
Effective Internal Investigations
 
Data loss prevention (dlp)
Data loss prevention (dlp)Data loss prevention (dlp)
Data loss prevention (dlp)
 
Research, the Cloud, and the IRB
Research, the Cloud, and the IRBResearch, the Cloud, and the IRB
Research, the Cloud, and the IRB
 
Efficiently Handling Subject Access Requests
Efficiently Handling Subject Access RequestsEfficiently Handling Subject Access Requests
Efficiently Handling Subject Access Requests
 
Let the Trees Live. Go Paperless by KTL Solutions and PaperSave
Let the Trees Live. Go Paperless by KTL Solutions and PaperSaveLet the Trees Live. Go Paperless by KTL Solutions and PaperSave
Let the Trees Live. Go Paperless by KTL Solutions and PaperSave
 
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
TIBCO Innovation Workshop Series: Reducing Decision Latency with Streaming An...
 
Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017
 
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...
The Ethics of Law Practice and Legal Marketing in a Social Media Environment ...
 
Delivering a Linked Data warehouse and realising the power of graphs
Delivering a Linked Data warehouse and realising the power of graphsDelivering a Linked Data warehouse and realising the power of graphs
Delivering a Linked Data warehouse and realising the power of graphs
 
ISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting GroupISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting Group
 
"We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec..."We're all in this together" - educating users on the importance of cyber sec...
"We're all in this together" - educating users on the importance of cyber sec...
 
The Sherpa Approach: Meeting the Demands of the Digital Age
The Sherpa Approach: Meeting the Demands of the Digital AgeThe Sherpa Approach: Meeting the Demands of the Digital Age
The Sherpa Approach: Meeting the Demands of the Digital Age
 
Clio logikcull- leveraging e discovery date in legal practice
Clio logikcull- leveraging e discovery date in legal practiceClio logikcull- leveraging e discovery date in legal practice
Clio logikcull- leveraging e discovery date in legal practice
 
E-Lock digital signature solutions
E-Lock digital signature solutionsE-Lock digital signature solutions
E-Lock digital signature solutions
 
Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)
 
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...
The Innovation Gap: Why the Justice System Has Failed to Keep Pace with Techn...
 
Mobile Security
Mobile Security Mobile Security
Mobile Security
 
Kill the Dinosaurs, and Other Tips for Achieving Technical Competence
Kill the Dinosaurs, and Other Tips for Achieving Technical CompetenceKill the Dinosaurs, and Other Tips for Achieving Technical Competence
Kill the Dinosaurs, and Other Tips for Achieving Technical Competence
 

Destacado

Managing a security program (when you are not a security expert)
Managing a security program (when you are not a security expert)Managing a security program (when you are not a security expert)
Managing a security program (when you are not a security expert)jikbal
 
Internal Investigations
Internal InvestigationsInternal Investigations
Internal Investigationsalberto0
 
Supply Chain Threats, Risks, and Trends | Global intelligence report
Supply Chain Threats, Risks, and Trends | Global intelligence reportSupply Chain Threats, Risks, and Trends | Global intelligence report
Supply Chain Threats, Risks, and Trends | Global intelligence reportUdomsak Suntithikavong
 
Incident Response
Incident Response Incident Response
Incident Response InnoTech
 
Internal Investigation What To Expect
Internal Investigation What To ExpectInternal Investigation What To Expect
Internal Investigation What To ExpectBill Banowsky
 
Building an Effective Supply Chain Security Program
Building an Effective Supply Chain Security ProgramBuilding an Effective Supply Chain Security Program
Building an Effective Supply Chain Security ProgramPriyanka Aash
 
CONDUCTING A WORKPLACE INVESTIGATION
CONDUCTING A WORKPLACE INVESTIGATIONCONDUCTING A WORKPLACE INVESTIGATION
CONDUCTING A WORKPLACE INVESTIGATIONEnercare Inc.
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? PECB
 
Network Solutions Supply Chain Industry Day_May28_2014_Consolidated
Network Solutions Supply Chain Industry Day_May28_2014_ConsolidatedNetwork Solutions Supply Chain Industry Day_May28_2014_Consolidated
Network Solutions Supply Chain Industry Day_May28_2014_ConsolidatedKBIZEAU
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk ManagementHamed Moghaddam
 
Security Risk Management: ovvero come mitigare e gestire i rischi dei dati at...
Security Risk Management: ovvero come mitigare e gestire i rischi dei dati at...Security Risk Management: ovvero come mitigare e gestire i rischi dei dati at...
Security Risk Management: ovvero come mitigare e gestire i rischi dei dati at...festival ICT 2016
 
Supply Chain Security
Supply Chain SecuritySupply Chain Security
Supply Chain Securityguest031790
 
Crisis comunication powerpoint
Crisis comunication powerpointCrisis comunication powerpoint
Crisis comunication powerpointMeaganTaylor16
 
How to manage a crisis ?
How to manage a crisis ?How to manage a crisis ?
How to manage a crisis ?Philippe Roques
 
Crisis Communication Plan
Crisis Communication PlanCrisis Communication Plan
Crisis Communication PlanBeth Wilson
 
Crisis management presentation
Crisis management presentationCrisis management presentation
Crisis management presentationiChange
 

Destacado (19)

Managing a security program (when you are not a security expert)
Managing a security program (when you are not a security expert)Managing a security program (when you are not a security expert)
Managing a security program (when you are not a security expert)
 
Supply Chain Present
Supply Chain PresentSupply Chain Present
Supply Chain Present
 
Internal Investigations
Internal InvestigationsInternal Investigations
Internal Investigations
 
Supply Chain Threats, Risks, and Trends | Global intelligence report
Supply Chain Threats, Risks, and Trends | Global intelligence reportSupply Chain Threats, Risks, and Trends | Global intelligence report
Supply Chain Threats, Risks, and Trends | Global intelligence report
 
Incident Response
Incident Response Incident Response
Incident Response
 
Internal Investigation What To Expect
Internal Investigation What To ExpectInternal Investigation What To Expect
Internal Investigation What To Expect
 
#NISWAW Session 2
#NISWAW Session 2#NISWAW Session 2
#NISWAW Session 2
 
Information Security Policies and Standards
Information Security Policies and StandardsInformation Security Policies and Standards
Information Security Policies and Standards
 
Building an Effective Supply Chain Security Program
Building an Effective Supply Chain Security ProgramBuilding an Effective Supply Chain Security Program
Building an Effective Supply Chain Security Program
 
CONDUCTING A WORKPLACE INVESTIGATION
CONDUCTING A WORKPLACE INVESTIGATIONCONDUCTING A WORKPLACE INVESTIGATION
CONDUCTING A WORKPLACE INVESTIGATION
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation?
 
Network Solutions Supply Chain Industry Day_May28_2014_Consolidated
Network Solutions Supply Chain Industry Day_May28_2014_ConsolidatedNetwork Solutions Supply Chain Industry Day_May28_2014_Consolidated
Network Solutions Supply Chain Industry Day_May28_2014_Consolidated
 
Cissp- Security and Risk Management
Cissp- Security and Risk ManagementCissp- Security and Risk Management
Cissp- Security and Risk Management
 
Security Risk Management: ovvero come mitigare e gestire i rischi dei dati at...
Security Risk Management: ovvero come mitigare e gestire i rischi dei dati at...Security Risk Management: ovvero come mitigare e gestire i rischi dei dati at...
Security Risk Management: ovvero come mitigare e gestire i rischi dei dati at...
 
Supply Chain Security
Supply Chain SecuritySupply Chain Security
Supply Chain Security
 
Crisis comunication powerpoint
Crisis comunication powerpointCrisis comunication powerpoint
Crisis comunication powerpoint
 
How to manage a crisis ?
How to manage a crisis ?How to manage a crisis ?
How to manage a crisis ?
 
Crisis Communication Plan
Crisis Communication PlanCrisis Communication Plan
Crisis Communication Plan
 
Crisis management presentation
Crisis management presentationCrisis management presentation
Crisis management presentation
 

Similar a Internal Investigations and the Cloud

Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Bianca Mueller, LL.M.
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Mark Williams
 
What is Cloud Security, and Can I Have Some?
What is Cloud Security, and Can I Have Some?What is Cloud Security, and Can I Have Some?
What is Cloud Security, and Can I Have Some?John Kinsella
 
Getting Started in the Nonprofit Cloud
Getting Started in the Nonprofit CloudGetting Started in the Nonprofit Cloud
Getting Started in the Nonprofit CloudAbila
 
CNIT 50: 1. Network Security Monitoring Rationale
CNIT 50: 1. Network Security Monitoring RationaleCNIT 50: 1. Network Security Monitoring Rationale
CNIT 50: 1. Network Security Monitoring RationaleSam Bowne
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
An information management update for in house counsel
An information management update for in house counselAn information management update for in house counsel
An information management update for in house counselDan Michaluk
 
Meeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand WorldMeeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand WorldHostway|HOSTING
 
GDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it EasyGDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it EasyPaul McQuillan
 
cloud session uklug
cloud session uklugcloud session uklug
cloud session uklugdominion
 
Ignite Presentation
Ignite PresentationIgnite Presentation
Ignite PresentationBrad Stauber
 
Correlation does not mean causation
Correlation does not mean causationCorrelation does not mean causation
Correlation does not mean causationPeter Varhol
 
ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast Logikcull.com
 
Small and solo in the cloud
Small and solo in the cloudSmall and solo in the cloud
Small and solo in the cloudOmar Ha-Redeye
 
CRMCS GDPR - Why it matters and how to make it Easy
CRMCS GDPR - Why it matters and how to make it EasyCRMCS GDPR - Why it matters and how to make it Easy
CRMCS GDPR - Why it matters and how to make it EasyPaul McQuillan
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloudJulian Knight
 
[DSC Adria 23] Miro MIljanic Telco Data Pipelines in the Cloud Architecture a...
[DSC Adria 23] Miro MIljanic Telco Data Pipelines in the Cloud Architecture a...[DSC Adria 23] Miro MIljanic Telco Data Pipelines in the Cloud Architecture a...
[DSC Adria 23] Miro MIljanic Telco Data Pipelines in the Cloud Architecture a...DataScienceConferenc1
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Valencell, Inc.
 

Similar a Internal Investigations and the Cloud (20)

Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data?
 
Risks and Benefits of Cloud Computing
Risks and Benefits of Cloud ComputingRisks and Benefits of Cloud Computing
Risks and Benefits of Cloud Computing
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
What is Cloud Security, and Can I Have Some?
What is Cloud Security, and Can I Have Some?What is Cloud Security, and Can I Have Some?
What is Cloud Security, and Can I Have Some?
 
Getting Started in the Nonprofit Cloud
Getting Started in the Nonprofit CloudGetting Started in the Nonprofit Cloud
Getting Started in the Nonprofit Cloud
 
CNIT 50: 1. Network Security Monitoring Rationale
CNIT 50: 1. Network Security Monitoring RationaleCNIT 50: 1. Network Security Monitoring Rationale
CNIT 50: 1. Network Security Monitoring Rationale
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloud
 
Bird&Bird
Bird&BirdBird&Bird
Bird&Bird
 
An information management update for in house counsel
An information management update for in house counselAn information management update for in house counsel
An information management update for in house counsel
 
Meeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand WorldMeeting the Demands of an On-Demand World
Meeting the Demands of an On-Demand World
 
GDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it EasyGDPR - Why it matters and how to make it Easy
GDPR - Why it matters and how to make it Easy
 
cloud session uklug
cloud session uklugcloud session uklug
cloud session uklug
 
Ignite Presentation
Ignite PresentationIgnite Presentation
Ignite Presentation
 
Correlation does not mean causation
Correlation does not mean causationCorrelation does not mean causation
Correlation does not mean causation
 
ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast ACEDS-Zylab 4-3-15 Webcast
ACEDS-Zylab 4-3-15 Webcast
 
Small and solo in the cloud
Small and solo in the cloudSmall and solo in the cloud
Small and solo in the cloud
 
CRMCS GDPR - Why it matters and how to make it Easy
CRMCS GDPR - Why it matters and how to make it EasyCRMCS GDPR - Why it matters and how to make it Easy
CRMCS GDPR - Why it matters and how to make it Easy
 
Security and governance in the cloud
Security and governance in the cloudSecurity and governance in the cloud
Security and governance in the cloud
 
[DSC Adria 23] Miro MIljanic Telco Data Pipelines in the Cloud Architecture a...
[DSC Adria 23] Miro MIljanic Telco Data Pipelines in the Cloud Architecture a...[DSC Adria 23] Miro MIljanic Telco Data Pipelines in the Cloud Architecture a...
[DSC Adria 23] Miro MIljanic Telco Data Pipelines in the Cloud Architecture a...
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4
 

Más de Dan Michaluk

Ecno cyber - 23 June 2023 - djm(137852631.1).pptx
Ecno cyber - 23 June 2023 - djm(137852631.1).pptxEcno cyber - 23 June 2023 - djm(137852631.1).pptx
Ecno cyber - 23 June 2023 - djm(137852631.1).pptxDan Michaluk
 
Critical Issues in School Board Cyber Security
Critical Issues in School Board Cyber SecurityCritical Issues in School Board Cyber Security
Critical Issues in School Board Cyber SecurityDan Michaluk
 
Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)Dan Michaluk
 
Higher Education Sexual Violence Presentation
Higher Education Sexual Violence PresentationHigher Education Sexual Violence Presentation
Higher Education Sexual Violence PresentationDan Michaluk
 
Cyber class action claims at an inflection point
Cyber class action claims at an inflection pointCyber class action claims at an inflection point
Cyber class action claims at an inflection pointDan Michaluk
 
The pandemic and privacy
The pandemic and privacyThe pandemic and privacy
The pandemic and privacyDan Michaluk
 
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...Dan Michaluk
 
Union access to information
Union access to informationUnion access to information
Union access to informationDan Michaluk
 
Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk GovernanceDan Michaluk
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Dan Michaluk
 
The Current State of FOI
The Current State of FOIThe Current State of FOI
The Current State of FOIDan Michaluk
 
Cyber, secrecy and the public body
Cyber, secrecy and the public bodyCyber, secrecy and the public body
Cyber, secrecy and the public bodyDan Michaluk
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsDan Michaluk
 
Advocates' Society Tricks of the Trade 2019 - A Privacy Update
Advocates' Society Tricks of the Trade 2019 - A Privacy UpdateAdvocates' Society Tricks of the Trade 2019 - A Privacy Update
Advocates' Society Tricks of the Trade 2019 - A Privacy UpdateDan Michaluk
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam ComplianceDan Michaluk
 
Cyber Insurance and Incident Response Practice
Cyber Insurance and Incident Response Practice Cyber Insurance and Incident Response Practice
Cyber Insurance and Incident Response Practice Dan Michaluk
 
Role of a breach coach
Role of a breach coachRole of a breach coach
Role of a breach coachDan Michaluk
 
PHIPA for school boards
PHIPA for school boardsPHIPA for school boards
PHIPA for school boardsDan Michaluk
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam ComplianceDan Michaluk
 
Finding internet evidence
Finding internet evidenceFinding internet evidence
Finding internet evidenceDan Michaluk
 

Más de Dan Michaluk (20)

Ecno cyber - 23 June 2023 - djm(137852631.1).pptx
Ecno cyber - 23 June 2023 - djm(137852631.1).pptxEcno cyber - 23 June 2023 - djm(137852631.1).pptx
Ecno cyber - 23 June 2023 - djm(137852631.1).pptx
 
Critical Issues in School Board Cyber Security
Critical Issues in School Board Cyber SecurityCritical Issues in School Board Cyber Security
Critical Issues in School Board Cyber Security
 
Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)Introduction to FOI law (the law of information)
Introduction to FOI law (the law of information)
 
Higher Education Sexual Violence Presentation
Higher Education Sexual Violence PresentationHigher Education Sexual Violence Presentation
Higher Education Sexual Violence Presentation
 
Cyber class action claims at an inflection point
Cyber class action claims at an inflection pointCyber class action claims at an inflection point
Cyber class action claims at an inflection point
 
The pandemic and privacy
The pandemic and privacyThe pandemic and privacy
The pandemic and privacy
 
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
Cyber security for the regulator and regulated - Ontario Regulatory Authorit...
 
Union access to information
Union access to informationUnion access to information
Union access to information
 
Cybersecurity Risk Governance
Cybersecurity Risk GovernanceCybersecurity Risk Governance
Cybersecurity Risk Governance
 
Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?Cyber Incident Response - When it happens, will you be ready?
Cyber Incident Response - When it happens, will you be ready?
 
The Current State of FOI
The Current State of FOIThe Current State of FOI
The Current State of FOI
 
Cyber, secrecy and the public body
Cyber, secrecy and the public bodyCyber, secrecy and the public body
Cyber, secrecy and the public body
 
The privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analyticsThe privacy and security implications of AI, big data and predictive analytics
The privacy and security implications of AI, big data and predictive analytics
 
Advocates' Society Tricks of the Trade 2019 - A Privacy Update
Advocates' Society Tricks of the Trade 2019 - A Privacy UpdateAdvocates' Society Tricks of the Trade 2019 - A Privacy Update
Advocates' Society Tricks of the Trade 2019 - A Privacy Update
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam Compliance
 
Cyber Insurance and Incident Response Practice
Cyber Insurance and Incident Response Practice Cyber Insurance and Incident Response Practice
Cyber Insurance and Incident Response Practice
 
Role of a breach coach
Role of a breach coachRole of a breach coach
Role of a breach coach
 
PHIPA for school boards
PHIPA for school boardsPHIPA for school boards
PHIPA for school boards
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam Compliance
 
Finding internet evidence
Finding internet evidenceFinding internet evidence
Finding internet evidence
 

Último

Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂EscortCall Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escortdlhescort
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Sheetaleventcompany
 
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceEluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceDamini Dixit
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizharallensay1
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...allensay1
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceDamini Dixit
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...amitlee9823
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsIndeedSEO
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptxnandhinijagan9867
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...amitlee9823
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...daisycvs
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLkapoorjyoti4444
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Anamikakaur10
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...lizamodels9
 

Último (20)

Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂EscortCall Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
Call Girls In Nangloi Rly Metro ꧂…….95996 … 13876 Enjoy ꧂Escort
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort ServiceEluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
Eluru Call Girls Service ☎ ️93326-06886 ❤️‍🔥 Enjoy 24/7 Escort Service
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 MonthsSEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
SEO Case Study: How I Increased SEO Traffic & Ranking by 50-60% in 6 Months
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 

Internal Investigations and the Cloud

  • 1. Internal Investigations and the Cloud Dan Michaluk ACFI Fraud Conference May 28, 2012
  • 2. Internal Investigations and the Cloud • What is cloud computing? • Why is it a problem for investigators? • What‟s the solution? • The problem with the consumer cloud • The consumer cloud – personal accounts • Good resources Internal Investigations and the Cloud
  • 3. What is cloud computing? • Model for delivery of computing services • Services outsourced and accessed through the internet, on demand, at desired scale • Data resides on servers owned by third- parties, often with the data of others and often in one or more foreign countries • Consumer services differ from enterprise services Internal Investigations and the Cloud
  • 4. What is cloud computing? • It is related to a “data portability” phenomenon • “We‟ve got work information on personal devices and personal information on work devices” • Add to that, multiple companies on physical servers • This creates ambiguity that can be dealt with by contract (and I assume by technology) – i.e. we need to replace physical control with legal control Internal Investigations and the Cloud
  • 5. Why is it a problem for investigators? • It threatens to timely access to reliable evidence • Providers default to low cost rather than service • Investigations and e-discovery are afterthoughts • Specialized forensic data capture services are rare • Logs and other forensic data can be intermingled • Proprietary software can make interpretation hard • Access restrictions create a chain of custody issue • Law of other jurisdictions may be restrictive Internal Investigations and the Cloud
  • 6. Why is it a problem for investigators? • Discussion • Do your employers or clients use cloud-based services for business? • Has this affected your investigations? • How? Internal Investigations and the Cloud
  • 7. What’s the solution? • The solution is simple (in theory) • Outsourcing process requirements definition, vendor selection, due diligence and contracting and administration • You need to insert yourself in all aspects of this process to communicate your requirements and see that they are met • But… be prepared to compromise because the cloud is the cloud and physical control is supreme Internal Investigations and the Cloud
  • 8. What’s the solution? • The solution is simple (in theory) • Understand the system and the data it generates • Develop investigation scenarios • Develop investigation requirements • Prioritize requirements • Discuss requirements • Ensure requirements can be met • Service level agreement is key, but is not everything Internal Investigations and the Cloud
  • 9. What’s the solution? • Assume your employer or a client is moving its accounting system to the cloud. As a fraud investigator, what are your key needs? Internal Investigations and the Cloud
  • 10. What’s the solution? • Key questions (among others) • In what jurisdiction(s) will data reside? • How is data stored at application & system levels? • Can our data be extracted independently from others‟ data? • What forensic data do we want? Will you make it available to us? How? To others? How will that affect us? Internal Investigations and the Cloud
  • 11. What’s the solution? • Key questions (among others) • Will your employee give evidence to establish the chain of custody? • How fast will you make all this happen? Internal Investigations and the Cloud
  • 12. The problem with the consumer cloud • It is a data security risk – business information is leeching into personal accounts and home computers • Example – employee sends work home via a web based personal e-mail account • Example – business unit starts using Google docs to collaborate though the company has no enterprise services relationship with Google Internal Investigations and the Cloud
  • 13. The consumer cloud - personal accounts • The Calgary Police Service case (April 2012) • Internal sexual misconduct investigation • E-mail review… search for “password” • Found login credentials for personal e-mail account • Accessed on “data leakage” theory • Found (unanticipated) evidence of sexual misconduct • Alberta OPIC finds a violation of privacy legislation Internal Investigations and the Cloud
  • 14. The consumer cloud - personal accounts • Why unauthorized access is a bad idea • Except in extraordinary circumstances it is likely to be a criminal offence – Criminal Code s. 342.1 • A labour arbitrator may exclude evidence • Though not ideal, there is a work-around Internal Investigations and the Cloud
  • 15. The consumer cloud - personal accounts • The work-around • Finish the covert investigation • Confront the employee • Make a preservation demand • Make a reasonable inspection demand • Be prepared to manage a refusal through an insubordination charge and an adverse inference Internal Investigations and the Cloud
  • 16. The consumer cloud - personal accounts • “Friending” targets is risky • “Friending” as yourself may not be that helpful • Impersonation is a criminal offence (s. 403) • Do your professional rules prohibit the use of fake profiles to gain information? Internal Investigations and the Cloud
  • 17. Related Resources • J. Cheng, “IBM‟s Siri ban highlights companies‟ privacy, trade secret challenges” • Digital Forensics Laboratories, “Digital investigations in the Cloud” • T. Harbert, “E-discovery in the Cloud? Not so easy.” • W. Manning, “Investigating in the Clouds” • K. Ruan et al, “Cloud forensics: An overview” • A. Savvas, “Cloud providers cave into more flexible contracts.” • T. Trappler, “In the Cloud, Your Data Can Get Caught Up in Legal Actions” • K. Zetter, “FBI Uses „Sledgehammer‟ to Seize E-Mail Server in Search for Bomb Threat Evidence Internal Investigations and the Cloud
  • 18. Internal Investigations and the Cloud Dan Michaluk ACFI Fraud Conference May 28, 2012

Notas del editor

  1. Dan MichalukHicks MorleyWe work for managementSupport internal investigation workArgue cases that flow from internal investigation workWorked with organizations on outsourcings to cloudNot an IT proNot an forensics pro…About how cloud computing will affect your job as an internal investigator and what to do about itImportant topic for investigators because the success of your work depends on access to informationBusiness us of the cloud is a threat, but it can be managedIn a more obvious way social media use is a potential source of evidence… talk about one issue that’s come up recently… access to personal accounts
  2. Let’s cover the basicsAnyone volunteer to describe what cloud computing is?Key features that create a problem-third-party owned-cost effectiveness supersedes control-distributed-server provision is “virtualized” (some degree of intermingling problem)Great trend-tell story about education sector pitchDeveloping distinction between consumer cloud (“public”) and enterprise (“private”) cloud-very important distinction for business-if business has any control, it must have the primary agreement with the cloud provider
  3. Bigger problem for business is data portabilityToo easy to move data between systems nowTell story about Crown’s pitchA bunch of information that should be organization’s control is now “out there”Evidence trails will lead you to data sources that you can’t access through routine and authorized meansWhat do we do about that?There will be some compromise to your investigationYou’ll have to live with thatQuestion is how do we manage the risk when corporate security is not ideal
  4. Summarizes the cloud problemLow cost – comment on cloud provider bias-Computer World UK article from Friday… cloud providers will compete on flexibilityInvestigations and e-discovery afterthought-Barry Murphy, eDJ Group Inc. survey-Anecdotally, investigation rights focused on data breach investigation rights-Forensic issues-Meaning from information-e.g. time stamps… beg more questions about how they are generated
  5. Facilitated discussionLet’s draw from your current experience
  6. This is a business problem not an investigation problemYou need to get identified as a stakeholder and make your needs knownUltimately there will be compromiseThere will be risksIt’s a less than ideal computing model for your needsBe open to thatThe cost savings will compel some level of adoption
  7. Here’s the process I foreseeVery tailored approachThere will be great resistance to this type of analysis from most vendorsBut if you’re going in blind you should at least know that
  8. Facilitated discussionLet’s brainstorm about potential requirements
  9. Here’s what you must know-must know the jurisdiction -less willing to disclose than you think -will affect access to data -good due diligence will entail a local opinion on access to PI-how is data stored -data map/model-intermingling key -stories about law enforcement seizing whole servers -how are you protected from that-last bullet are the “money” questions -can only ask them if you have a good data map
  10. -more questions-might have to prove authenticity of exports or images -cooperation essential -what’s arrangement? -what’s the protocol? -think ahead-how fast -speed of investigation is critical -delay increases exposure to risk of financial harm -increase cost of paying employees on leave -increase risk of employment damages claims
  11. New topicInformation beyond your control Investigations lead to personal devices, computers and accounts
  12. Example
  13. Risks of hacking in
  14. Here’s the solution
  15. Here’s the solution