Austin-Chamber-Logo

Flashback Data Wins 2011 Greater Austin Chamber of Commerce Innovation Award

For the 2nd time in 3 years, Flashback Data has won the Innovation Practices Award at the 2011 Greater Austin Business Awards in the small business category. We are honored to be recognized for our forward-thinking achievements including our highly acclaimed ASCLD Lab International and ISO 17025 Accreditations.  Flashback Data is still the only non-governmental digital forensics lab in the world to hold this accreditation.  Press Release.

For more information on the awards and a list of finalists please visit: http://www.austinchamber.com/membership/events/signature-events/business-awards.php

You’re Just Using Me For My Services

In forensics, one of the recurring themes we note when talking to professionals – both in the electronic evidence field and in other professions – is the calculus between client sophistication as a consumer of their profession and the quality of the service they can provide.

It’s not unusual for us to get a call from an attorney directing us to perform a specific task in a specific manner. When the client knows (i) exactly what they’re asking for and (ii) exactly what they will get back, everyone is happy. The challenge comes when what they’re asking for won’t result in what they want.  Too often, this is because the client wrongly believes he is asking the right question or using the right methodology to attain his goal. Nearly every attorney is aware of electronic evidence, but often only casually so.

For example, let’s say someone is facing discovery in a lawsuit. Counsel recalls a continuing education seminar from the previous year talking about “deleted isn’t really deleted” and something about “how to use keywords effectively.” Before you know it, he’s drafted and negotiated an entire discovery plan without help.  And by the time we’re involved, it’s an agreed Order signed by a judge. And it stinks.

Having some familiarity with a skillset and its complexities, and recognizing (i) one’s own relative inexperience and (ii) the consequences of making mistakes, are the things that drive a person to use professionals in the first place.

A colleague recently related a story that illustrates the above perfectly. His front lawn had begun to look a little shabby and he told his wife they needed to do something about it. “We’re not going to spend a bunch of money on a landscaper for such a simple job!” she replied. After a lot of digging and scraping, there was an uneven, ragged trench in the yard. Realizing that some DIY had made it worse, they called a landscaper, who fixed the problem and exceeded their expectations in the process. They underestimated the difficulty of the project and the degree of skill necessary to complete it. The cost of hiring someone seemed prohibitive because of this miscalculation. When they saw the situation more clearly, they realized the cost-benefit worked out in their favor.

It seems that when a client is aware of the limits of their knowledge, they accept a professional’s expertise much more readily. Another good example is a surgeon – most of us would never think to perform our own surgery on a loved one because we are aware of our ignorance of medicine and the potentially fatal repercussions of any mistake.

When we are deeply knowledgeable about a subject, even though it may not be our profession, we lean to the other side of the equation. There are a great many people that repair their own cars, for example, while not being certified auto mechanics.

It is the middle ground – when we have a casual familiarity with a subject – where the danger lies. We overestimate our skills and underestimate the project, leading to disaster. Even having faced disaster, we feel as if we have learned enough from our mistake to avoid making another. This new enlightenment isn’t enough to clear the hurdle and we end up in another disaster.

The key is for professionals to accurately assess the sophistication level of the client and then to inform without offending. Clarify their desired objective and propose the methodology you think is best to achieve it. Find out what they want and then tell them what they need.

1 finger, 2 fingers, 3 fingers

Making things easy for the customer

Data Recovery and Computer Forensic Examinations are relatively new concepts compared to the Rubik’s cube. The services we provide are incident driven and are usually only needed when a disaster occurs. The person experiencing the disaster usually has very little time to research and explore. Thus, it requires them to go off of a referral, scan the internet, or pull out the yellow pages without really understanding what is all involved in the service and what are the potential outcomes after the service has been provided.

With all new concepts, a degree of education has to take place for customers to understand the value. Visualization is one of the best vehicles in offering education to customers. What happens when you’re discussing data recovery or computer forensics over the phone, through an email, or to a potential customer that is a couple of states away?

Process, positioning, and wording are critical when you’re under a tight timeline and a frantic customer. We have seen businesses make the process to interact with the customer almost impossible or at the very least frustrating with automated dialing, excessive paperwork, or too many processes for payment.  The business usually has the best intentions for the customer and provides these steps to assist the customer with either speed, security, or to give them as many options as possible. Positioning is also an important factor. Positioning the company as A) We will take any clients, or B) We will only take qualified clients makes a difference. Companies that run through scripts and don’t fully understand the capabilities of their products or service to match it to the prospective clients usually take any client. This usually positions the company as a drive through vendor. Companies that qualify their customers usually address the customer’s exact concern, which positions the company as an expert.

Wording plays a role in positioning. Usually, big words can be sniffed out pretty quickly as B.S. and the customer will not understand the value. We like to use words or tell stories to show the customer the value. Explaining how a hard drive is like a jet airplane flying a mach 3 four feet off the ground with little room for error gives more meaning to a client than a hard drive is a sensitive storage device with moving parts that may fail at any given time.

At Flashback Data we have examined our processes throughout the six years and have come to the realization that easier is better. I believe Michael Jackson and the Jackson Five says it best with “easy as 1, 2, 3”.  We have changed our process to three steps: 1 –We evaluate the device;  2 – We give a quote for the work; and upon approval 3 – We recover the data. Not only are we walking the customer through the process, but also visualizing our process and paperwork with the 1, 2, 3 steps. This allows the customers to have an expectation as well as it keeps them dialed in on where they are in the process. This will be available manually or automated via our Client Portal depending upon the customer’s preference. All incoming inquires will still continue to receive live, qualified personnel to answer their specific concerns, but the simplification in our process allows for our qualified personnel to have a further reach with incoming inquiry.  Flashback Data’s approach is continuing to be recreated and made as simple and visual as possible, so that the difficult concept of data recovery and computer forensics are easy to understand.

men in a meeting

We know how to grab it

Neil: ”How do you get this information?”
Kelso: ”It just comes to ya. This stuff just flies through the air. They send this information out, I mean it’s just beamed out all over the damn place. You just gotta know how to grab it. See, I know how to grab it.”

 

Our attorneys are frequently called upon to review motions or consult about the scope of discovery in a case. A lot of the time the advice we give isn’t big science. Unlike paper, electronic information is everywhere. In fact, multiple copies of the same information tend to live in multiple places at the same time.  Our job is to help you grab it.

 

Much of the time our clients come away with simple wins just by thinking through, say, how folks use technology in their lives, or how an employee conducts her business in a company. For example, lawyers ask for email, but more often than not it turns out what they really want is all electronic correspondence. Because it turns out a key employee also did a lot of text messaging at work, and online chatting. And she also sent messages to clients and coworkers through Facebook. And she frequently used her internet browser to send webmail through Yahoo!

 

Deleted email? Not ideal, but you still have aces in your deck. Can the deleted data or data fragments be directly recovered from the hard drive? If not, what about those backup tapes the company used to copy its mail server each weekend? What about reviewing the employee’s Sent folder? Did she delete incoming emails but forget to delete her replies to those emails?  Most people do.

 

What about other computers? There are at least two parties to every communication. Did you think about checking the recipient’s computer? What about the employee’s personal email accounts, thumb drives and a laptop? After all, you have evidence she may have used these to receive the 900 stolen documents she emailed herself in the days before she was fired.

 

Did the employee have an iPhone or a Blackberry? (Nods.)  Excellent! Phones are great sources, not only because they hoard data and sync with just about everything, but also the privacy expectations of their users tend to be high. Our suspect probably gets right to the point in communication, manages her data more carelessly, etc. There’s also a good chance she configured her phone to sync with her email account at the company. Maybe she also connected the phone to her office computer each day to charge it and keep her calendar and music organized.  If so, that may be a big win, since there are now probably a bunch of iPhone backup files sitting quietly on her computer, and data that is long gone from her iPhone may still exist in one of those backups.

Etc.  Etc.

 

Again – none of this is big science. It’s just an appreciation that computers and cell phones have become like third kidneys in our 21st Century society. Data is everywhere:

 

Office / Home

  • Desktops, Laptops
  • Mail & document servers
  • Palms, Blackberrys, iPhones (text messages, voicemail, calendars, GPS data, app-related data)
  • Portable storage devices (thumb drives, external USB drives)
  • Backup tapes, floppy disks, and optical media (CDs, DVDs)
  • Network copiers / printers / scanners
  • Online data storage
  • Voicemail

[Edited to add shameless plug.]  P.S. If any of the above clicks like a mofo, fails to power on, gets fished out of the employee’s toilet, or ends up doused with alcohol and set on fire – remember the guys in Austin have an app for that, too!  It may not be elegant. It may be that they end up building Frankenstein to get it breathing again. But they’ll get what you need.

 

2011.

customer

It’s All About the Customer

It’s midnight and you’re working against a deadline, trying to finish your taxes or edit those last wedding photos and suddenly, the unthinkable happens. Your computer can no longer see your hard drive. What happens next? If you call a lot of data recovery companies you may get a series of annoying menus, a far away call center, or some guy working out of his basement. Not what you need in a time of crisis.

If you call our number you’ll get a Flashback Data team member on the phone 24/7, 365 days a year. After business hours we might be at the grocery store, a soccer game, or even in a hunting blind, but we’ll pick up the phone. We’ll take the time to answer all your questions and get the data recovery process started right away. The personal attention doesn’t stop there. What we lack in overhyped marketing glitz we make up for in service. A Flashback Data representative will guide you through the entire data recovery experience from intake to the final shipment of your recovered data. We’ll call you throughout the process with a personal explanation of your results, and we’ll monitor your job multiple times a day to make sure it is flowing through the queue. In short, we’ll go out of our way to make sure that every customer has an exceptional experience with Flashback Data. Just ask the thousands of satisfied customers so far. You can view some of our positive reviews here.

CPE1704TKS

We love movies, but it’s probably because of Hollywood that we get at least a few calls each month asking us to brute force someone’s password.  Folks want to know how much we charge, and can we finish by Thursday? 

Sadly, brute forcing passwords is not like the movies.  In WarGames, the WOPR brute forced the “CPE1704TKS” launch code in a few hours.  Makes for high drama, but the reality is a 10-character password using only uppercase letters and numbers has 3.7 quadrillion possible combinations.  Even being kind and allowing that a 1983 supercomputer could test ~48,000 unique password combinations per second (approximately same as today’s technology), it would have taken WOPR about 2,415 years to get it.

But we know what you’re thinking.  That’s nuclear launch codes.  What about my Facebook password?  How computationally secure is my Facebook page against an all-out brute force “racc-a-tacc” by a supercomputer?  What about a dedicated rack of 1,000,000 secret government supercomputers???  I’ve seen Enemy of the State!

Well, putting aside for a moment things like entropy, rainbow tables, and those unethical Facebook employees who admit to stealing your account login from time-to-time to snoop photos, the answer is – it depends on your password.  For example, the “bigboy1” you use for your fantasy football page isn’t nearly as strong as what your IT manager gave you to access the company’s network.  Something like “A$r1;05q6,” right?

By definition, a brute force attack eventually gets it right.  But believe it or not, how long that takes everywhere on Earth except Hollywood gets real big real fast.  Into the billions, trillions –even MILLIONS—of years!

To give a little perspective:

password cracking table details

Longer, more complex passwords get even more ridiculous.  So it’s easy to see why your gym membership requires a 4-digit pin and your online bank requires 12-characters using at least 1 upper case letter, 1 number, and 1 symbol.

Of course, if you’re like most folks, this is all academic because your arsenal of complex, super-strong passwords are all saved in one unprotected document called “Passwords” someplace on your C: drive (so you don’t forget them).

If NORAD’s IT guy was like most folks, WarGames would have been a lot shorter.

New Kids On The Block – Top Five Data Recovery Company in the US

Flashback Data was founded in 2004 as the A-Team or SEAL Team (depending on what generation you are from) for the IT industry. We are laser focused on data recovery and computer forensic investigations which have allowed us to stay on top of recovering evolving technology such as flash memory and solid-state drives.

We find it very interesting that other data recovery competitors continue to market themselves as the oldest recovery company. Recovering media back in 1980 gives no relevance to recovering data from media developed in 2010.  However, the age of the company does show that they understand their customers.  Flashback Data is continually working to ensure that each customer has an exceptional customer experience.  We innovate our customer experience in ways that the bigger data recovery companies have not by being the first to offer online access to the status of your recovery and always having a human answer the phone (no frustrating menus or call centers.)

We were recently evaluated by Top Ten Reviews and not only chosen as one of the top ten recovery companies in the country, but we were selected within the top five.  Flashback Data was the youngest company out of all ten selected.  The criteria used to evaluate the companies were drive recovery effectiveness, service plans, ease of use, speed, help and support, and data security.

Help and support, recovery effectiveness, speed, and data security were Flashback Data’s highlights from the evaluation. The future looks bright for the us at Flashback Data as the verdict from Top Ten Reviews was quoted, “Solid Company with versatile products and services.”  We are not only on the cutting edge for recoveries, but we also have proven that we understand our customers.

ASCLD logo

Flashback Data receives ASCLD/LAB International Accreditation

Flashback Data is proud to announce that we have received our ASCLD/LAB International accreditation. This makes us the first private/non-government organization in the world to be accredited for digital forensics. This puts our digital forensic lab at the same standard as the FBI’s digital investigation labs. We have been working hard on this and are extremely excited by the opportunity to broaden our client base.

Sifting for Gold in a River of Gold-plate

Most investigations begin with a suspicion. Someone suspects that something has occurred on a computer and wants to determine what it is or what significance it has. Sooner or later, the computer ends up in our laboratory for examination. Whether it’s “sooner” or “later” may have a dramatic impact on the complexity and corresponding cost of the investigation.

Suppose, for example, that you suspect that an employee may be stealing company secrets – intending to work for a competitor. You make a mental list of competitors that might be interested in your intellectual property and set to work to confirm your suspicions.

You search through the internet history visible from within Internet Explorer during the evenings, after they have left work. When you don’t recognize a site, you visit to determine what it is.

You enter the names into the Windows Search box to see if anything comes up and review any document with any results in it.

You browse through folders on your network that contain your files and try and determine if the “Last Accessed” date is later than it should be. You open any document with a “Last Accessed” date later than you expect and print it.

Whether you think you’ve found it or not, you realize you should hire licensed investigators to prepare a legal case and the computer works its way to us.

You explain your suspicions, provide us with a list of competitors and relevant access dates and project names. We begin our investigation.

Almost immediately, we find a slew of relevant data.  Indeed, it seems as if everything you’ve suspected is present on the computer! This computer was used to search for your project names, research your competitors, it accessed many sensitive documents on your network – we may have a suspect!

During a conference call with you to report our preliminary findings, you mention that these were all your actions. Here’s the first problem – are they all your accesses? In order to determine that, we need to know when you accessed things and what you did during those times.

You think back and try and recall what you’ve done, but you never made any notes about it – was it you who searched that term on that date?

As you can likely conclude, not only does this complicate the investigation itself, but it can be a nightmare in court. The opposition’s counsel can call into question every unfavorable result as a potential “contamination” by you – rather than unauthorized activity by the employee. With enough ambiguity, even a winning case can be lost to doubt on the jury’s part.

REMEMBER: If possible, do not access a device you intend to have investigated. If you must access it, document the start and end times (according to the computer’s clock) and exactly what actions you’ve taken.

Flashback Data Wins 2009 Small Business Innovation Award

Last night in front of hundreds of businessmen and women of Austin, Flashback Data took the first award of the night in the Small Business Innovation category at the 2009 Greater Austin Business Awards. We are very excited to be recognized for our hard work in innovating our industry’s technology and processes. This is a big step forward for Flashback Data to continue our mission of providing outstanding service and fantastic customer support.  We would like to thank the whole team at Flashback Data and everyone who has supported us throughout the years.

 

 

2009WinnerInnovation-278x300