When an employee steals sensitive data from a company it can cause irreparable harm to the reputation and finances of that business. When these events do occur, there is recourse available. In the process of performing a digital forensics examination, it can be determined what data was taken, how it was taken and who took it.
Data theft can take multiple forms, including stealing data internally from issued company computers and mobile phones or using personal devices to store work product. Data can even be exfiltrated from a company externally after an employee has left the organization by connecting to shared drives and cloud accounts.
Whether intellectual property was stolen using complex means, or through a simple exfiltration by emailing sensitive data to personal email accounts or uploading it to personal cloud storage, these methods all leave forensic artifacts on electronic devices that can be utilized as evidence in litigation.
Speaker: Jason Conley, CECI, Digital Forensics Examiner, Envista Forensics