Skip to main content

Advances, Systems and Applications

Journal of Cloud Computing Cover Image

Table 3 Expert reviews of the technological factors

From: Experts reviews of a cloud forensic readiness framework for organizations

Factor Expert Comment
Cloud infrastructure C In order to facilitate potential digital investigations and be forensically ready, organizations should prepare the underlying infrastructure to support digital forensics”.
B Infrastructure has a direct impact on forensic readiness, so cloud infrastructure should correspond to digital forensics requirements”.
H “It is important to prepare the infrastructure, but it is very difficult to amend it to fulfil forensics requirements”.
I Historically, security and forensics by design have proved to be efficient and necessary approaches to provide sound forensics services”.
F This is important to consider because of the chain of custody: it’s necessary to trace every location of evidence”.
Cloud architecture B Excellent architecture means excellent readiness for forensics”.
D Correct architecture is required, as the digital forensic operator may not be involved and this piece is provided by the relevant ICT structure within the organization”.
C Cloud architecture is required to facilitate extra information (e.g., logs, flows) to corroborate findings”.
J The architecture has to support the running of processes”.
K Correct architecture is important, as it standardizes the data flow, which means that it is far easier to track and retrieve”.
Forensic technologies C Although a good analyst can make do with existing tools, up-to-date forensics technologies are very important”.
J The type of technology we choose determines if we can get credible evidence or not”.
K Without cutting-edge gadgets, the forensics process is going to be difficult to conduct”.
E I believe that forensic technologies are very important since those technologies will be the enablers of cloud forensic readiness”.
I Given the distributed nature and massive computing technology, forensics technologies need to be designed in a way that takes advantage of the computing power and encapsulates intelligence to serve forensic acquisition, examination and analysis”.
Cloud security B Security is a very important part, specifically for a forensics team, as it can provide them with a secure environment in which to conduct their investigation”.
E Obviously, security is still important because security measures are often more proactive than digital forensics measures”.
C Security helps eliminate false positives if properly configured, understood, and monitored”.
H Forensics and security bodies need to work together to gather evidence in a secure and forensic manner”.
G When security and forensics teams work together, it can assist in evidence correlation and integration between incident handling and digital forensics practices”.