CSI SQL Server

Methods for collecting digital evidence

Contemporary information systems, such as eLearning, eGovernment, eUniversity, eVoting, and eHealth, are frequently used and misused for irregular data changes (data tampering). Those facts force us to reconsider our security measures and find a way to improve them. Proving a computer crime act occurred requires very complicated processes that are based on digital evidence collecting, forensic analysis, and an investigation process. Forensic analysis of database systems is very specific and demanding task, and it was main inspiration for writing this article. In this article you will find information about what digital forensic is and what kind of methods you can use for collecting digital evidence on SQL Server. Some of them are efficient and some are less efficient. Also, I will cover SQL Server Audit feature

Business processes produce a large amount of data in government agencies, universities, and enterprises on daily basis. Therefore, having a secure environment for storing a data is imperative. Cases in which data is maliciously modified (e.g., data tampering, data fraud, unauthorized data gathering) can produce serious, long-term consequences. Data tampering can be done with unauthorized access, and in some cases through authorized users. Results of that action can be unpleasant for both businesses and their clients.

For example, a highly “motivated” candidate for data tempering can be a medical person. A physician gives a diagnosis and prescribes therapy with or without the use of medications. Unintentional or intentional mistakes in that process can produce serious complications and can even result in the death of a patient. In order to cover his actions, the physician might try to modify a patient’s medical record and add some extra notes or prescription.

To Continue Reading: Click Here
------------------------------------------
Source: sqlmag.com
By: Jasmin Azemovic