You: Information Security Specialist Greenwood Company
Hubert Jenkins: Human Resources Director Greenwood Company
Mike McBride: (former) engineer New Products Division Greenwood Co.
**Characters will carry through Project 1 2 and the Final Project. However please remain conscious of who you are/what roll you play in EACH project and in regards to specific questions.
For the purposes of this project imagine you are an Information Security (InfoSec) Specialistan employee of the Greenwood Company and assigned to the companys Incident Response Team.
In this case you have been notified by Mr. Hubert Jenkins Human Resources Director for the Greenwood Company that the company has just terminated Mr. Mike McBride a former engineer in the companys New Products Division for cause (consistent tardiness and absences from work). Mr. Jenkins tells you that at Mr. McBrides exit interviewearlier that day the terminated employee made several statements to the effect of it is okay because I have a new job already and they were VERY happy to have me come from Greenwood with ALL I have to offer.
McBrides statements made Mr. Jenkins fear he might be taking Greenwoods intellectual property with him to his new employer (undoubtedly a Greenwood competitor).In particular Mr. Jenkins is worried about the loss of the source code for Product X which the company is counting on to earn millions in revenue over the next three years.Mr. Jenkins provides you a copy of the source code to use in your investigation.Lastly Mr. Jenkins tells you to remember that the Company wants to retain the option to refer the investigation to law enforcement in the future so anything you do should be with thought about later potential admissibility in court.
The 4thAmendment to the U.S. Constitution reads The right of the people to be secure in their persons houses papers and effects against unreasonable searches and seizures shall not be violated and no warrants shall issue but upon probable cause supported by oath or affirmation and particularly describing the place to be searched and the persons or things to be seized.While the 4thAmendment is most commonly interpreted to only affect/restrict governmental power (e.g. law enforcement) the fact that a formal criminal investigation is a possibility (and the Company has no desire to be named in a civil lawsuit) means you must consider its effect to your actions.
With the above scenario in mindthoroughlyanswer the following questions (in paragraph format properly citing materials used in this course as well as outside research where appropriate).
Prior to any incident happening it is important for any company to implement a forensic readiness plan. Discuss the benefits of a forensic readiness plan and name what you believe are the top three (3) requirements to establish forensic readiness within a private sector business. Support your answers. (Please note that while cyber security and digital forensics have overlaps in incident response preparation please limit your answers here to forensic readiness in the digital forensic arena not cyber security.)
Mr. Jenkins out of concern for the theft/sharing of the Product X source code is requesting that you or your supervisor start searching the areas in which Mr. McBride had access within the building. Can you or Mr. McBrides supervisor search McBrides assigned locker in the Companys on-site gym for digital evidence?Support your answer.
Can you or Mr. McBrides supervisor use a master key to search McBrides locked desk for digital evidence after McBride has left the premises?Support your answer.
The police have not been called or involved yet however Mr. Jenkins asks how involving the police will change your incident response. Develop a response to Mr. Jenkins that addresses how the parameters of search and seizure will change by involving the police in the investigation at this time. Support your answer.
There is a page in the Companys Employee Handbook that states that anything brought onto the Companys property including the employees themselves are subject to random search for items belonging to the Company. There is a space for the employee to acknowledge receipt of this notice. Mr. McBride has a copy of the handbook but never signed the page. Does that matter? Explain.
Greenwood Company uses a security checkpoint at the entrance to the building. A sign adjacent to the checkpoint states that the purpose of the checkpoint is for security staff to check for weapons or other materials that may be detrimental to the working environment or employee safety. Screening is casual and usually consists of verification of an employees Company ID card. Can security staff at this checkpoint be directed to open Mr. McBrides briefcase and seize any potential digital evidence? Support your answer.
You know that it is important to document the details of your investigation if the company wants to insure admissibility of any evidence collected in the future. However Mr. Jenkins has never heard of the term chain of custody. Write an explanation to Mr. Jenkins of what the chain of custody is why it is important and what could occur if the chain of custody is not documented. Support your answer.
Each questions should be answered with aminimumof 1-2 paragraphs so do your research be specific be detailed and demonstrate your knowledge; submit your project to the assignments folder.
Answers to the above questions should be submitted in a single document (.DOC/.DOCX/.RTF) with answers separated and/or numbered in respect to the question so as to make it clear which question is being answered;
The submission should have a cover page including course number course title title of paper students name date of submission;
Format: 12-point font double-space one-inch margins;
It is mandatory that you do some research and utilize at least 3 outside resources!You must have a reference page that is consistent with APA citation style (seehttps://owl.english.purdue.edu/owl/resource/560/01/for help).