Mode of Delivery of the Service
INSIDE provides its Clients with its own expertise in the field of IT security, and is committed to the providing specific consultancy through its own IT Consultants for the execution of the following forensic analysis activities, with provision of documentation:
- Forensic analysis of the content of the Client’s phone to detect any malicious software directing calls to unauthorised numbers or at higher rates;
- Data recovery from digital media (deleted data and/or hidden data) on devices owned by the Client and transfer of the data to an external device (USB - CD ROM).
The analysis of the information extracted from the device will be based on keywords provided by the Client (names, addresses, phone numbers, etc.) and the consultant’s experience in responding to any questions raised by the Client.
Please note that the Client is required to provide all necessary information to ensure access to the device to be analysed (e.g. passwords, PIN numbers, etc.). If these are not known, INSIDE will apply analysis and/or acquisition methods that may not, however, be exhaustive or complete.
Mode of Delivery of the Service
Our methodology of intervention is specific to the services that our Forensics division offers:
The INSIDE Forensics Division uses the best professional equipment available.
Forensic copies are made using professional equipment that is certified and accredited for legal use. The tools we mainly use include the following:
- FALCON DELLA LOGICUBE: for making forensic copies of hard disks;
- UFED: for the extraction and analysis of data from mobile devices;
- CAINE e SLEUTH KIT - AUTOPSY: for analysis of the data;
- Other tools similarly recognised and established in the field of forensics.
The exclusive use of software tools alone, however, is not sufficient to obtain a satisfactory result, which also requires the significant experience and knowledge of the staff assigned by INSIDE to use them. For this reason, careful and thorough manual checks are also carried out to assess the vulnerabilities found and detect any further security breaches.
Documentation Delivered To The Client
On completion of the analysis activities, the Client is provided with two separate documents containing the information recovered from the devices that were analysed, and the complete analysis procedure that was performed, to ensure the repeatability of the analysis.
The documentation is provided on standard INSIDE document forms, or on templates provided by the Client, without prejudice to the possibility of the structure being modified by INSIDE staff to provide the most complete documentation possible of the analysed material.
Service Provision Locations
The activities described above shall be carried out in the forensics laboratory at the INSIDE headquarters, according to the work plan agreed with the technical manager assigned by the Client.
The activities shall be carried out using laptop computers owned by INSIDE, on which all of the tools used shall be installed and duly licensed. These computers shall also have updated antivirus programs and personal firewalls.
The activities shall be completed within 15-20 working days (unless scheduled otherwise).
This time schedule may be changed based on decisions taken while the activities are in progress and ratified during project progress meetings.
The activities of the INSIDE Cyber Security Division technicians are supervised by a Service Line Manager who is exclusively responsible for the activities, has sole authority to receive all formal communications from the Client and is delegated to participate in the project control phases.