The Fundamental Computer Investigation Guide for Windows
Is Now Available
The Solution Accelerators-Security and Compliance team is pleased to announce
the Fundamental Computer Investigation Guide for Windows, which is now available.
Best Practices and Tools for Computer Investigations
Microsoft customers are facing a rising tide of illegal or improper activity on their
computers and networks. Unfortunately, most IT Professionals in these organizations
don’t have the expertise to respond successfully to this growing problem. They’re
unsure about when to turn the case over to law enforcement if evidence indicates a
crime has taken place. In cases in which company policy appears to have been
violated, many organizations don’t have the right methods or tools at hand to uncover
key evidence while protecting their organization should the case end up in civil court.
The Fundamental Computer Investigation Guide for Windows provides IT Professionals
with information about the best practices and tools they need to investigate suspicious
use of their organizations' computers and networks. The guide helps customers determine
when to turn an investigation over to law enforcement. It provides guidance on how to collect, preserve, analyze, and report on key data they uncover in their investigations—using
methods that will stand up in a court of law.
Developed by Microsoft security experts, partners, and customers, the guide presents
a reliable, 4‑step investigative process based on best practices and proven tools used
by the computer investigation community.
Key Customer Questions Answered by the Guide
· Should I contact law enforcement? If so, which agency?
· How do I look for evidence on a hard disk image that has hundreds of thousands of files?
· How can I collect data remotely without tipping my hand?
· What investigative methods and tools should I use to protect my organization, if I expect this case to end up in court?