Building a Digital Forensic Laboratory: Establishing and Managing a Successful Facility
By Andrew Jones and Craig Valli; Reviewed by K.J. Kuchta, CPP
Those looking to establish a digital forensics laboratory, should look elsewhere.
*** Building a Digital Forensic Laboratory: Establishing and Managing a Successful Facility. By Andrew Jones and Craig Valli; published by Elsevier/Butterworth-Heinemann, www.elsevierdirect.com (Web); 312 pages; $69.95.
The practice of digital forensics is complex in and of itself. Establishing a digital forensic laboratory requires both hands-on experience in the field and a sophisticated understanding of investigative process management and the law. This work provides some fodder for the would-be lab operator, but it is far from being a complete how-to for such a monumental task.
The forensic investigator must have the critical skill of identifying which data is relevant to the case at hand, and he or she must be able to access and document it while being able to prove later that it has not been manipulated. The investigator can avoid invalidating evidence through proper procedure and documentation.
Authors Andrew Jones and Craig Valli explain that digital forensic evidence must not only be acceptable and credible in a court of law, it must also be understandable.
In the chapter on chain of custody, Jones and Valli explain that hand-signed paper forms remain prevalent in the forensic process, but electronic documentation is growing. They offer no explanation, however, of how to implement critical elements of a system for signing and verifying documents electronically. Other topics of great importance for digital forensics are mentioned too briefly or are omitted altogether. Also, the book’s numerous lists of sources for evidentiary or technical items are often incomplete or inconsistent.
Overall, the authors provide a large amount of information to help a person start a forensic laboratory, and they provide a great amount of food for thought. Given its major omissions, however, Building a Digital Forensic Laboratory should not be relied on as a primary reference for the job.
Reviewer: K.J. Kuchta, CPP, is president of Forensics Consulting Solutions, LLC, in Phoenix, Arizona. He is a member of the ASIS International Information Technology Security Council.