Being the ‘data experts’ that we are, we get called to test and validate procedures revolving around data security and destruction quite often. With our advanced knowledge of file systems and data structures, we can test your data security or sanitation policies and provide you with written affidavits or certificates as needed.
We provide 3rd party validation for OEM’s looking to test their drive sanitation policies within their service centers. We also validate hardware sanitation devices for many hardware manufacturers.
Validation is important for laboratories so that they can be trusted to produce accurate results every time. At Flashback Data, we can check your data security or sanitation policies to make sure they are reliable and precise.
Principles of Digital Forensics Testing
The basis of digital forensics is being able to repeat processes and obtain quality evidence. If the results are not accurate, then it is difficult to trust the laboratory and company. Digital forensic test results need to be repeatable and reproducible to pass as electronic evidence, according to the National Institute of Standards and Technology (NIST).
What is Repeatable and Reproducible Evidence?
Repeatable evidence means there are always the same results when the same process is used with the same test items, operator, and equipment inside the same laboratory. Reproducible evidence means the same results are produced with the same methods on the same items but in a different facility with different operators and equipment.
How Does the Daubert Standard Connect to Forensic Validation?
The Daubert Standard is a legal guide that can be used for software and tool validations. In the ruling of Daubert v. Merrell Dow Pharmaceuticals Inc., there are five questions that influence the reliability of a scientific method:
- Has the method undergone any empirical testing?
- Have peers reviewed the method?
- Are there standards to control the method’s operation?
- Does this method have a potential error rate?
- Has the scientific community generally accepted this method?
This ruling was not directed toward the digital forensics field and validation, but it is useful as a starting point. The ruling also recognized that scientific principles should be flexible and should be the product of reliable methods and principles, which means that although a method may be lacking peer reviews or have acceptance from the community doesn’t mean it’s not valid.
Other Factors to Consider in Validation Testing
Another factor of validation testing is that it examines precision, accuracy, and sensitivity. This also connects to reliability, reproducibility as well as robustness. When data is not accurate and reliable, it is difficult to be accepted in court cases, because digital forensic data is scrutinized in court to ensure that it is admissible evidence. When items are tested, they should always yield accurate results no matter the facility. A strong method should fit all of these standards.
Expert Forensic Witness Testimonies
Expert forensic witnesses should be able to uphold the data recovered and be capable of explaining the evidence in a way where the court will understand. They should have confidence in the subject and in telling the story that the recovered data produced. This helps with cases involving digital forensic evidence because each aspect supplements each other and creates a more solid case together.
Importance of Digital Forensics in Law Enforcement
Law enforcement has used digital forensics since the beginning to recover evidence to support investigations. As technology continues to develop, the more of a digital trail people leave on the internet. Peoples’ movements on the internet and on their computers is no longer private. Databases store information about everything, so it can be easy to retrieve information on every detail about people. Finding a trail that can support an investigation could be the evidence needed to prove a case. Therefore, it’s important to have reliable and accurate digital forensics systems.
Having accurate equipment and methods to repeatedly produce reliable and precise results is important to a data forensics organization because it improves the company’s reputation and trustworthiness. Good, experienced forensic witness testimony brings more meaning to recovered digital data in a court case because it helps explain the evidence and proves the evidence is reliable. At Flashback Data, we can help test and validate your procedures to help you improve your services.