“Mathias Thurman,” a real security manager whose name and employer has been disguised for obvious reasons, wrote in the May 21 edition of Computerworld [www.computerworld.com/s/article/9227254/Red_Alert_for_Child_Pornography] that an administrator, during a training session with an employee on how to manage the organization’s antivirus infrastructure while reviewing the reports of machines with infected files, spotted what appeared to be a very suspicious file with a “.mov” extension. This particular employee had an MOV file on his G drive with a name that indicated the video potentially involved child pornography. The file was found to be on a device of an employee located in Europe. Thurman posed the question whether an MOV file with a highly suggestive name is enough to kick off an investigation into what is on an employee’s PC. He went on to discuss the various legalities and issues that would surround such an investigation. This all-too-real scenario is out there, lurking, waiting
Tuesday, 04 December 2012 23:21
IT Strike Force: Establishing a Cyber Forensic Response StrategyWritten by ALBERT J. MARCELLA Jr., Ph.D., CISA, CISM
Leave a comment
Make sure you enter the (*) required information where indicated. HTML code is not allowed.