Stroz Friedberg deploys staff and equipment rapidly to multiple national and international locations, often simultaneously. Our professionals are equipped to harvest electronic data associated with dozens to hundreds of computer users.
This data can be harvested from e-mail and file servers, desktops and laptops, as well as home computers, removable media and PDAs. We design protocols to search for information relevant to the inquiry at hand.
Our expertise in rendering consulting advice and structuring a protocol in advance of harvesting allows clients to make more accurate representations to regulatory agencies, courts or other interested parties regarding the time-frames necessary to produce responses. By targeting and producing exactly what counsel required our clients save time and money.
We have deftly helped lawyers in these matters with both “electronic discovery” services (identifying, searching and producing easy-to-access documents and e-mails) and forensic processes (using forensic software and expertise to search for deleted or unsaved documents or e-mails, and profiling computers for data wiping, mass deletions and other obstructive behavior).
When computers must be harvested or forensically imaged covertly – to avoid ruffling political feathers or to protect a sensitive investigation – Stroz Friedberg is able to do so discretely and remotely over the client’s network with specialized forensic tools, without physically touching the targeted computers, and without the computer users’ knowledge.
Some detailed examples of our experience include:
- Preserving and harvesting files and forensic data from over 1000 desktop and laptop computers, and conducting imaging of live multiple mission-critical, multi-hundred gigabyte file servers across the country over a 22-month period for a large corporate client in response to a financial investigation by federal authorities.
- Deploying seven forensic examiners to the West Coast for several 100-hour-per-person weeks to locate existing and deleted workstation-based and server-based e-mails and documents relating to a high-profile conflict of interest scandal, addressing serious encryption issues relating to the e-mails of certain subjects, and then key-word searching all retrieved data for terms pertinent to the investigation.
- Using enterprise-level forensics to covertly image our client’s network of 50 computers in four East Coast locations, as well as harvest server-based e-mails, home-directory-based files, and public-share-based documents in an internal investigation relating to fraudulent conduct in the financial services industry.
- Imaging, preserving, key-word searching and producing e-mails from six e-mail servers in three countries in support of an internal investigation of misappropriation of funds and ultra vires action at a large corporation.
- Deploying eight forensic examiners for three weeks, working on a 20-hour per day basis, to covertly image, key-word search, and forensically profile the computer data of 25 users on the East Coast and Europe for an internal anti-trust investigation. We were able to image dozens of computers over the client’s network notwithstanding complex firewall and networking issues that were exacerbated by a cumbersome outsourced IT function.
- Harvesting and key-word searching active and forensic data from approximately 275 desktop and laptop computers, and collecting home-directory-based as well as e-mail-server based data for 100 computer users for an Audit Committee investigating alleged accounting abuses at a large corporation.