According to recent reports*, each day there are over 108 reported cybercrime** attacks in New Zealand, including theft of important company intellectual property (IP), as well as the misuse of company computer systems for purposes other than performing the employee’s assigned tasks.
Most employers at some time will have the uncomfortable experience of suspecting employees of being involved in cybercrime as defined above.
To prove these suspicions to enable formal punitive or restorative action a formal, forensically sound investigation of the appropriate servers, PCs, mobile phones or tablets is necessary.
The cost of such an investigation is of course fully justified in the event that the suspicions are proved and evidence found.
If no evidence is found then the investment is lost, although proving the employee is innocent.
An employer must therefore essentially gamble the forensic investigation fee to determine whether the employee is guilty.
An indicative preliminary examination to prove or disprove management suspicions of wrongful activities
What is CheckIT
CheckIT is a unique service created by Computer Forensics NZ Ltd, designed to provide information to assist you as an employer, or you as a legal professional, when suspicious, in making an informed decision as to whether further action such as litigation and a full, formal forensic investigation is required. It is a preliminary examination, used for instance when an employee is suspected of misusing company computer/device resources, stealing valuable intellectual property, or similar.
A CheckIT examination will survey all appropriate data files, email repositories, deleted files, and registry details of the use of USB and other removable media
We investigate the computer/device used by the employee (covertly if necessary) and provide a statement as to whether the suspicions are justified, and whether a full forensic investigation will result in definite, incontestable evidence.
When to use CheckIT.
When an ex/employee is suspected of passing on confidential, valuable intellectual property to unauthorised third parties or other wrongful acts. This can often be to competitive companies.
When the decision is made to examine the PCs of key employees who leave the company for whatever reason. This policy has been found to provide disturbing results!
When it is made clear to all staff that random PC/phone/device audits will be carried out on a regular random basis to determine unauthorised handling of company IP. Such examinations are carried out in a public manner and act as a strong deterrent.
* Symantec Internet Security Threat Report (2016)
** Cybercrime is defined by the US Department of Justice as any illegal activity using a computer or storage device for commission/transmission of the activity,