Software from Redmond, Washington always seems newsworthy. This software project was going well and beginning to get national attention. One day the focus turned inward, however. During a test of the project, the boss discovered that the new software was providing links to pornography on the Internet. Ouch! He made solving this problem a high priority and called to provide a forensic investigation of the issue.
Computer forensic imaging and analysis of a server at work didn’t give any clues. Our investigation moved to the exec’s home on a nearby island. We made forensic images of computers, looked at the network and interviewed staff to understand general activity at the home. The answer turned out to be inside a computer at the house. Looking at a timeline of PC activity clearly showed that the problem was house staff surfing the web and a browser that wanted to return to yucky web sites. Wow, a forensic investigation really can provide answers.
It was not a problem with the company software but was a problem with usage of this computer.
There is a security lesson here. The advantage of great network security at work can be lost if a computer can be accessed by your babysitter’s boyfriend. For more great tips on how to secure computers in a world of imperfect humans see: http://securingthehuman.sans.org/resources/newsletters/ouch/2016
These tips are free and can be distributed without cost… but the advice that they have from SANS experts is top notch.