Advances, Systems and Applications
Table 4 Expert reviews of the legal factors
From: Experts reviews of a cloud forensic readiness framework for organizations
Factor | Expert | Comment |
|---|---|---|
Service Level Agreements (SLAs) | A | “This is one of the main issues these days, as cloud forensics are considered afterwards – guidelines on to what extent a provider will assist with or take ownership of issues”. |
J | “Readiness involves mainly monitoring and collecting personal information. It is important to have an agreement prior to implementing this aspect”. | |
K | “As the cloud is shared between consumers and providers, SLAs form a critical part when it comes to stating the roles and responsibilities of each party”. | |
D | “We need to be able to obtain the digital evidence; if we are not able to do so, then we may not be able to fully investigate the crime. If we do have SLAs that include forensics scenarios, then we have the evidential requirement to support the investigation”. | |
I | “The geographical separation between clients and the CSP is one of the main challenges in defining SLAs. SLA assessment and standardization might be needed to preserve the digital data in a forensically sound manner and to preserve the rights of both the CSP and clients. Enhancing SLAs definitely needs to be considered in the readiness framework”. | |
E | “It is not crucial but very important to have SLAs in place because the proactive nature of cloud forensic readiness might impede the productivity of a system due to the additional overhead that cloud forensic readiness is prone to exhibiting”. | |
Regulatory | A | “Regulatory compliance is a very important factor to consider in this framework; organizations and CSPs need to comply with laws and regulations to avoid regulatory and financial consequences”. |
L | “The absence of regulations produces many different explanations for the same matter, while in these situations, consumers are the big loser”. | |
D | “If we do not follow the regulatory codes or ISO or others, then potentially our evidence will not be available in the criminal justice process”. | |
Jurisdiction | F | “The physical borders in the cloud are not clear, so it is necessary for possible perimeters and related laws to be drawn or proposed”. |
J | “Though each jurisdiction varies, this is an important aspect in ensuring that crimes are prosecuted per the jurisdiction”. | |
E | “Multi-jurisdiction is very important to consider in cloud forensics because the nature of public clouds often spans multiple jurisdictions, which may have different laws. However, it is not absolutely crucial because I think most organizations are focused on their own jurisdictions with some disregard for others”. | |
I | “The geographical separation between clients and the CSP is one of the main challenges in cloud forensics. Multi-jurisdiction assessment and standardization might be needed to preserve the digital data in a forensically sound manner and to preserve the rights of both the CSP and clients. Multi-jurisdiction definitely needs to be considered in the readiness framework”. |