Simplifying forensic investigations: 10 questions to ask

Featured eBooks
Changes in State and Local Government Workforces
NASCIO Special Report 2024
A New Era of Social Media Regulation
Insights & Reports
Unlocking digital potential: Strategies for modernizing government services
Presented By Adobe
Download Now
Unlocking public sector potential
Presented By NTT DATA
Download Now
By Maurice (Mo) Cook
 

Connecting state and local government leaders

By Maurice (Mo) Cook

|

To run more efficient forensic investigations, IT managers must uncover, manage and leverage all the data extracted from smartphones, computers and the cloud.

The overwhelming number of mobile phones and computers flooding crime labs are creating a major problem for agencies conducting forensic investigations. Data overloads are causing huge bottlenecks in investigative workflows, which slows time to evidence and ultimately leads to fewer cases being solved. It also places additional pressure on understaffed agencies, which in many cases lack the proper tools to do their best work.

Fortunately, there are a number of digital intelligence solutions that can help alleviate device analysis backlogs, but these solutions must be considered in the context of an agency’s overall environment and workflow. With budgets tightening, agency managers must think about where their challenges lie and how they can best meet them.

Here are 10 questions managers should ask to ensure they are uncovering, managing and leveraging all the digital intelligence -- data extracted from smartphones, computers and the cloud -- to more efficiently run their investigations.

1. Are the right tools available?

The road to digital intelligence readiness starts by assessing current challenges and the assets available meet them. Managers must look at their mission and workflow, but also assess the tools and infrastructure they have in place -- all with an eye to the future. They should look at the trends in the digital intelligence workspace and decide where they need to be in the next three to five years. From there they can perform a gap analysis to help determine what tools should be incorporated into the agency’s workflow to make the whole process run more efficiently.

2. Are frontline officers used to best advantage to gather data at crime scenes?

Frontline officers can be an invaluable resource not only in preserving evidence at the crime scene, but in gathering data on site to jumpstart investigations. Many agencies are equipping their frontline team members with portable data extraction tools that provide a single-point extraction -- a photo or video clip.

When deployed at a crime scene, these tools help frontline officers transfer extracted photos, video clips or other information, secured in a forensically sound manner, back to command-and-control centers, giving agency managers a starting point for investigations. This is the first step in a tiered data-collection strategy where simple information is fed to the police station and then to a forensics lab where the most complicated part of the investigation takes place. 

3. How is data accessed?

Being able to properly access data to expedite investigations requires the right equipment and training for investigative personnel both at the crime scene and the police station. Many agencies are challenged, however, because they don’t have protocols in place to ensure data is extracted properly (and in a manner appropriate with the situation) so that it remains uncompromised and that the evidence chain remains secure.

The goal is to simplify the chain of custody. Sending devices out to third parties for extraction is fine for agencies that may be short on resources, but bringing the extraction process in-house simplifies management of the chain of custody. It also saves time, which can be critical in cases when every second counts. More importantly, keeping extraction in-house affords agency managers far more control over the data and how it can be relayed to key team members to move investigations forward quickly.

4. How is data managed?

With today’s extraction capabilities, accessing data from digital devices is actually not that hard if trained personnel have the right solutions. What to do with the data once it is acquired, however, is a more difficult challenge. Managing data to protect the chain of evidence and ensure compliance has never been more important, especially for departments that are authorized to share information with other units or outside agencies. This is where having a proper digital evidence management system (DEMS) is key.

Agencies must manage digital evidence the same way they manage physical evidence with procedures in place to maintain data integrity and a clear process to get the right information to the right team members when they need it.. By deploying a DEMS, agencies can protect and manage data for appellate processes, simplify discovery, handle retention and comply with expungement requirements.

5. Are artificial intelligence and machine learning applied to data?

A typical case involving digital intelligence may involve multiple devices and terabytes of information. How to parse and filter this data to provide actionable intelligence is key to moving cases forward. This is where the power of analytics is so important.

Modern AI-powered analytics solutions allow investigators to quickly sort through mountains of data to find key insights automatically. Workloads are drastically reduced and agency managers can rest easy knowing that all the digital data is being fully leveraged and securely shared throughout the investigation to obtain critical intelligence. Analysts can merge information from disparate mobile, cloud, computer and CCTV sources to provide teams with a full picture of data insights in a single view.

6. Is the team trained to return actionable intelligence?

Utilizing digital intelligence to its fullest cannot be accomplished unless investigators fully understand what it is, how it works, and how to use it. That takes training. Forward-leaning managers understand that the best investment they can make is in their people. The more they know, the more efficient they can become, and the more knowledge they can share with other team members.

7. How is the agency managing compliance and ensuring the chain of evidence remains secure?

In court, defense attorneys are notorious for trying to poke holes in the chain of evidence to provide an easy out for their clients. Having a DEMS that’s secure is the first step, but that security can only be ensured if there are procedures in place that clearly limit who has access to what data.

Leveraging case management and workflow orchestration tools helps managers enforce standard procedures to ensure that investigations are carried out the right way. These tools also allow managers to audit all the steps that were taken and all the warrants that were necessary to bring the case forward from start to finish and ensure transparency.

8. How is the team collaborating?

By design, law enforcement agencies are hierarchical. The chain of command produces order in a department, but it can also stymie the most important part of the investigation process -- collaboration. When allowed, teams must be able to share information quickly and efficiently. Copying little pieces of data and sharing thumb drives and hard drives -- a common practice in many departments -- is a recipe for disaster. Here again, the right DEMS is critical, but having the right tools to enable collaboration is equally important. A central data and analytics repository is also critical to making the workflow more efficient. Just like physical evidence, data must be managed and tracked. Having the right tools and reference architecture in place to do so is critical.

9. How is information sharing managed?

When allowed, sharing information across departments, agencies and even internationally can be critical to solving crimes and, in many instances, saving lives. Having the right tools and protocols in place to move swiftly when another agency reaches out for help or when investigators need assistance from outside their department is key. Tools with appropriate collaboration capabilities simplify the workflow between forensic operations, investigative operations and courtroom and discovery sharing, allowing forensic agencies to be more proactive and provide better insights during investigations.

10. Is evidence presented to prosecutors in a way that they (and jurors) can easily understand?

Gathering evidence is important, but it is of little value if those prosecuting the case don’t understand what it represents and how the dots in a crime are connected. Data must be presented in a way that is easily absorbed by prosecutors and jurors alike. Visualization and simplification are key. Data points from many sources related to the same person or incident can be correlated and presented in a logical timeline, graph or map that’s easy to understand. Tools that enable the simple creation of such courtroom-ready artifacts are the answer.

NEXT STORY: Iowa launches vulnerability disclosure program for election websites

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.