Naqvi S., Dallons G., Ponsard C., "Applying Digital Forensics in the Future Internet Enterprise Systems" - European SMEs’ Perspective, Fifth International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE), In conjunction with the IEEE Security and Privacy Symposium, Oakland, CA, USA, May 16-20, 2010
Digital forensics techniques are still seen as specialized tools for cyber police. Likewise, until a few decades ago, computer and network security had a perception of defence utility for military establishments. But now computer and network security has become a commodity of every corporate system and home PC. Today’s businesses are feeling the need of efficient monitoring mechanisms to protect them from emerging commercial threats such as competitor analysis and steganalysis. Enterprises in the United States have widely embraced the digital forensics technology ; however, European enterprises especially small and medium enterprises (SMEs) have yet to tap the potential of this technology. The European Commission initiative of Future Internet Enterprise Systems (FInES) presents a promising new era for enterprise innovation. However, existing enterprise security solutions and practices generally concentrate on the pre-incidence measures i.e. attack preventions with virtually no considerable approach for the post-accident scenarios. This article presents a framework of digital forensics for SMEs and evaluates the scope of various methodologies and tools for these enterprises. It also presents a detailed analysis of the risks to the competitive-edge of the companies that will not employ the forensics solutions to protect their business interests. This work also provides a high-level roadmap for the adaption of digital forensics in the emerging core business technologies such as cloud computing and virtualization infrastructures.