Monday, 30 July 2012

CCTV Forensics in Malaysia

Last month (12 June 2012), I posted that I’m gonna devise an Analytical Framework for Digital CCTV Forensics and Data Recovery as part of my research. Please refer to the link below if you haven’t read it before.

This idea came as part of my years of experience on the ground as a practitioner in digital forensics. Please refer to the link below if you want to know about me… not my personality or whatsoever… hahaha… but my work and contribution in digital forensics, especially in Malaysia.

And yesterday, I read an online article by Nicholas Cheng, “More homes with CCTVs now”. FYI, Nicholas works with The Star, the famous newspaper with the biggest circulation in Malaysia. Below is the link if you wish to read further, and I’m adding an excerpt of it.

“PETALING JAYA: Concern over house break-ins have led an increasing number of middle-income urbanites to install closed-circuit television that allows them to observe what is going on in their homes even when they are away.
Security equipment distributors said most of their customers are middle-income people living in terrace houses, condominiums and flats who pay between RM3,000 and RM10,000 to install a default package of eight cameras, a television set and a DVR recorder.
Market prices for CCTV cameras range from RM150 to RM600 a unit. A basic DVR recording device costs around RM1,500.
Checks by The Star showed that homeowners usually had CCTV cameras installed in the porch, side and back areas, living room, kitchen, stairs and bedrooms.”

Well, I’ve seen it earlier: you’ve got some CCTV solutions, but who’s gonna process it so that the digital video with timestamps could be accepted as an exhibit in a court of law?

Of course we need CCTV as a solution, but it is not enough if the extracted video file is not forensically sound and in accordance with legal requirements/proceedings.

We need a CCTV forensics framework, don’t we?

Think about it.

Ps: The picture of this post was taken from CyberSecurity Malaysia e-security bulletin.

Sunday, 8 July 2012

Tips on Developing an IT Security Policy

As of 22 June 2012, I’ve written 100 posts on my blog; mainly on digital forensics. It is not easy though. You need to do experiments. You need the facts.

And now I’m busy doing forensic analyses on mobile phones. I do not have much time left to update my blog and write up for publication. Hopefully, I will be successful in my “Mobile Phone Forensic Data Recovery” research. These should be the last few experiments that I need to do for this year.

Today, I want to share an interesting article by Joe Schembri from University Alliance, my guest blogger. Joe has over 10 years of IT experience including 4 years of IT security. Today, he works with University Alliance and CISSP certification prep courses.

There are obviously many factors to consider when developing an effective IT security policy. Just as when considering home security, inherent vulnerabilities and specific unique factors must be weighed carefully. Identifying parameters like the most critical assets to protect, potential threats, and specific intruder profiles can assist in making security stronger and computer systems less penetrable.

1. Mission and Policy Cohesion
The mission of an organization is important to consider, especially if you are brought in as a consultant with limited knowledge of the corporate culture before the initial consultation. The terminology you use to introduce the project, the manner in which you approach team leaders, and the assets considered most valuable will vary from organization to organization. Effective communication and background knowledge will help build a team dynamic between departments collaborating on the policy.

2. Items to Protect
Part of the IT policy provider’s job is to educate the stakeholders on items they may not consider. Whether it is increasing building security, decreasing after-hours access, enhancing employee responsibility, or initiating the discussion for improved server security, the policy needs to be logical and comprehensive.
From a security perspective, your insider knowledge may be “common sense” to you since you are immersed in these situations with clients every day. For an executive with limited knowledge of more stealthy threats, time is needed to share that information so that informed decisions and more effective policies can be developed and proceed smoothly.

3. Use Data to Convince Stakeholders
When building your case for increased security or specific additions of items in the policy document, use industry examples and other pertinent data. Logically building your case gives managers information to take back to their teams, especially when you are introducing change into employee behavior or corporate culture. The same rule applies for working within a family or civic organization to improve security. People are much more likely to change a routine behavior if they have a tangible example to illustrate how the change will benefit the organization, family or company. Larger organizations will have more at stake, but no matter the size of the organization, using examples, case studies, and other pertinent data in an accessible team-oriented way can greatly contribute toward personal engagement.

Today’s threats to cyber security are constantly evolving in both scope and complexity. Mitigating the threats involves staying current on the issues, but also being able to effectively communicate about the threats in ways that are accessible to all members of a team. While policies can frame the best practice solutions to today’s ubiquitous IT security challenges, the policies are only as strong as the stakeholders’ actions regarding policy protocol. When every effort is made to keep the communication inclusive, informative, and collaborative, the resulting policy has shared ownership. In such an environment, the policy becomes dynamic and continually evolving, supported by many as a way to keep shared assets safe for the good of the entire group.