4 Features Investigators Want
There’s a growing demand for digital investigations, putting pressure on teams to do more work. Automating the data processing activity can help drive productivity, while also improving data quality and accelerating results.
With that in mind, we wanted to highlight 4 Rampiva features that are important for digital forensics investigations projects:
Digital forensics and investigations work is resource intensive, often requiring the highest processing settings available within Nuix. Being able to queue the processing jobs to run whenever resources are available helps to significantly accelerate the actual speed-to-results for digital investigations teams. Once set up, tasks execute without requiring staff interaction, and processing can continue to take place during weekends and off-shift hours. This acceleration helps ensure teams can have both rigorous settings and speedy results.
Identifying entities—names, locations, personally identifiable information, watermarks, code words, etc.—is essential when investigating an event. Entity analysis can help detect violations, identify the right escalation path, and determine the likely urgency of the event.
Most eDiscovery teams don’t extract entities during processing, because it can be resource intensive. However, if a team is effectively balancing their digital forensics program, then it can be cost effective to extract entities during processing—and this will improve the accuracy of your alerting.
Notifications in typical data processing projects tend to be focused on project management and quality control audits. So, they happen less frequently and can be a manual task.
When used for digital investigations, notifications vary depending on the urgency and type of action the notified party needs to take.
Expert resources are limited, so being able to immediately notify them when a serious issue is identified is helpful – but, so is having a system smart enough to only escalate urgent issues and to report on non-urgent ones using regular channels.
Whereas most eDiscovery matters are unrelated and only make use of compound cases to handle very large datasets, in digital investigations it is often useful to compare results across historical cases of a certain type.
With Cross-Case Analytics, investigators can compare the properties of datasets from all historical cases such as data-ranges, custodians, or responsive results. This helps identify patterns and variations, which adds important context to new violations.