executive proposal for the Done Right Accounting Company (DRAC). You must persuade the company’s upper management to approve the purchase of a mobile forensic tool.
For more information on DRAC, read the case study below.
This proposal requires you to do the following:
Research and evaluate a forensic tool to be used to investigate incidents involving mobile devices and to be added to the list of acceptable applications used by the digital forensics team. Here are some tips for researching the tool:
Select a tool you learned about in class or heard about elsewhere.
Use a vendor’s website to gather information about the tool. Also look at third-party reviews, case studies, and customer feedback.
Integrate your research with your own experiences. You can draw from class exercises to do this.
Analyze your findings so as to determine whether or not the tool would be beneficial in the investigation of cyberincidents. Consider the company’s needs and make sure the tool you have chosen is the best tool for the company’s purposes. You may want to research a few tools before making a final decision.
Provide a detailed summary of the purpose and benefits of the tool you chose. Describe the software so that the CIO can understand what the tool does and why you are recommending it to the company.
Provide information on cost. In your cost estimate, include all additional costs, such as for software management (e.g., updates and upgrades) and training.
Use at least three authoritative outside sources (note that anonymous authors and non-vetted entities such as Wikipedia are not acceptable). Use at least one third-party endorsement and one case study (not the one below).
Cite all sources used. See the syllabus regarding plagiarism policies.
Provide a References page at the end of the proposal that gives full references of the sources you cited.
Conform to American Psychological Association (APA) standards. See the writing guidelines in the classroom for further guidance.
Done Right Accounting Company (DRAC) Background
The Done Right Accounting Company (DRAC), located in Baltimore, Maryland, is a small company that offers accounting services primarily to small to midsize companies, although it has some individual clients.
The company is successful even with a great deal of competition. To set itself apart from similar organizations, DRAC has started offering what it calls Convenient Accounting Right Away, or CARA. CARA is a service offered for a small fee to both business and individual clients. Those who sign up for CARA have the luxury of having an accountant on call to visit their place of work or home at any time to process documents and/or discuss financial matters. CARA became a popular service as soon as it was offered. Over 80 percent of the company’s clients have signed on, even though CARA has been available for only three months.
Because of CARA, DRAC’s accountants are now completing many of their accounting tasks at remote locations.
Each accountant has been assigned both a company-owned laptop and a cell phone. The accounting software used by DRAC is compatible with both the Windows and the Macintosh operating systems. Because of this, each accountant has a choice of using either a Windows or a Macintosh laptop. Each also has the choice of using an Android cell phone or an iPhone.
Because of the small size of the company and the strict policies and procedures that it upholds, it has experienced few forensic investigations. However, there have been some cases in which advanced data recovery or data carving technology could have been used to recover data that was accidentally deleted.
The owner of the company, Mr. George L. Smith, has a strong desire to keep DRAC financially healthy. He is hesitant to invest in equipment and technology that he does not understand. Although the CIO, Mrs. Jennifer Anson, is familiar with current technology, she has a hard time convincing Mr. Smith to invest in new forms of IT. Two years ago, Mr. Smith reluctantly agreed to invest in a small digital forensics lab. The tools and equipment used by this lab are primarily associated with traditional desktop forensics. Up until now, Mr. Smith has been convinced that these types of tools should work on tablets and cell phones. Your proposal will give Mrs. Anson the information she needs to persuade Mr. Smith to invest in a new tool.
You are the manager of the PC and Security Support (PASS) department at DRAC and are in charge of configuring and supporting all the IT equipment used by the staff. You specialize in data recovery techniques and have been researching the operating systems used on the various mobile devices provided by the company. You understand the benefits of incorporating mobile devices into the company’s operations, but you are also aware of the risks that these devices bring to the company. You have been asked to find the mobile forensic tool that best suits DRAC’s needs and to write a proposal explaining why it is critical that the company acquire the tool and equip the IT department to support mobile devices.
Your education and your professional responsibilities have occasionally required you to perform forensic investigations. Some of these involved mobile devices, but you were never equipped with mobile forensic tools, and the investigations suffered because of it. You would like to do your best to be prepared in your current role.
To show how the tool you have chosen will benefit DRAC, you’ll need to research the product as much as possible. If the tool was part of the hands-on exercises in this course, it is recommended that you practice using the tool beyond the scope of the exercises. Based on your research and analysis, you’ll write a proposal that Mrs. Anson can understand and that she can use to persuade Mr. Smith to invest in the tool.
The chart below shows the executive management team of DRAC.
As the head of PASS, which handles IT, you are excited and enthusiastic about the initiative to make the company mobile, but at the same time, you’re worried about meeting the company’s need to be equipped with forensic tools that can be used in conjunction with mobile devices. Offsite, DRAC’s accountants are able to VPN into the company’s headquarters to store and retrieve information from the file server or the client database. The IT environment contains a mix of network servers running Microsoft- and Linux-based operating systems, various Windows and Macintosh desktops and laptops, and the newly purchased Android and Macintosh tablets and cell phones.
four Windows 2008 servers
three CentOS Linux servers
30 Windows 7 desktop computers
12 Macintosh OS X desktop computers
web server: Apache
services: FTP, SMTP, DNS, DHCP, DNS, VPN
databases: MySQL, Oracle
network management and security: Cisco routers and firewalls