IT Forensics, Infrastructure and Security

Finding and eliminating faults is an essential task of IT forensics. Ideally, these can be prevented in principle, for example by appropriate preventive measures. It is equally important to classify which company data is particularly sensitive/safety-critical and thus interesting for external access. Whereas hackers have so far focused primarily on technical information and payment flows, details of the organizational structure and personnel data of potentially enticable specialists are now regarded as targets for attacks.
The question of the modus operandi, who did what and when, then consumes IT resources to a large extent when searching for the corresponding data leak. Especially private devices that are wirelessly networked are much more difficult to control than local networks. Even data rooms such as the cloud, external servers and different communication platforms are considered far too rarely in terms of IT forensics.
In summary, this is referred to as shadow IT, i.e. those parts of the IT infrastructure that are not subject to permanent control. The data process is substituted from the USB stick through smartphones to the home office. Employees are used to and dependent to no small amount on having access to functional, comprehensive and high-performance applications at all times.
In addition, data leaks are repeatedly caused by internal perpetrators, i.e. employees who deliberately or negligently misuse information. This can be browsing of questionable websites via the office computer or the use of private devices that connect to the company network via WLAN and can thus also infiltrate viruses.