COMPUTER FORENSICS
Our rich experience makes us a reliable and professional partner in a wide variety of forensic procedures ranging from personal computers and mobile phones to cloud computing, etc.
Our services
Thanks to our many years of experience, we offer a wide range of high-quality professional SERVICES that can be specifically tailored to suit your needs!
FORENSIC RESPONSE ASSISTANCE
In the event of an incident, we can assist with the initial emergency measures necessary to prevent further damage, as well as to properly secure evidence.
SECURITY ANALYSIS
Are you familiar with the state of your IT security? Do you want to find out whether you are prepared and will respond appropriately in the event of an incident?
INFORMATION SECURITY CONSULTANCY
If you need advice or assistance in data security, personal data protection, establishing adequate security policies or reviewing internal acts for suitability, you can count on us to provide quality consultancy services.
OTHER SERVICES
We also offer a number of other services, such as video and audio forensics, special device forensics (drones, CNC machines, etc.) and others.
COMPUTER FORENSICS
Computer forensics is the process of the identification, protection, analysis and presentation of evidence in digital form in a manner that is legally acceptable.
The Institute for Forensics of Information Technology (iFIT) has many years of experience in computer forensics.
It was one of the leading actors in the introduction of the basic forensic principles and the basic requirements for appropriate forensic procedures into Slovenian legislation.
Our services can help you address various problems:
- Independent and secure handovers (of IT data)
- Information leakage
- Information system intrusions
- Insurance fraud attempts
- Recovery of deleted data
- Disloyal employees
- ...
FORENSIC RESPONSE ASSISTANCE
Taking action quickly and, above all, legally is essential when a harmful activity is detected.
Our team will help you quickly and effectively prevent further damage and secure the key evidence necessary for further proceedings. Even when you are at a remote location or if action needs to be taken at a separate unit (including abroad), our experts will be able to deliver the necessary support remotely or on-site with the assistance of local partners.
SECURITY ANALYSIS
Do you want to evaluate your existing security and preparedness system in terms of a proper forensic response to incidents?
Or do you want to implement an adequate level of security and proper first emergency measures in case of an incident?
The Institute for Forensics of Information Technology can deliver all of the above. We will examine the state of your information security, personal data protection and appropriate organisational measures. We will also provide assistance and advice in upgrading your existing measures and activities or help you establish adequate policies and organisational measures, and give advice on how to increase your organisation’s level of security.
INFORMATION SECURITY CONSULTANCY
Thanks to our long experience in computer forensics, professional analysis and proper forensic responses, as well as assistance in eliminating the consequences of various incidents and taking action to prevent them, we are one of the most competent partners to provide support with any kind of issue relating to the detection, analysis and prevention of a wide range of criminal offences and other incidents concerning computer forensics.
If you have encountered an incident, have fallen victim to an incident or if you just want to prevent an incident from occurring, then do not hesitate to contact us for an appointment or assistance. We will help you analyse your situation, prepare suitable internal acts, make appropriate arrangements regarding your business and provide instructions for a proper response in the event of certain incidents.
OTHER SERVICES
Our range of services also includes special device forensics, i.e. CNC machines, specialised devices and robots involved in production processes, smart home appliances, drones, etc.
We can also offer assistance with a number of services related to video and audio recordings, e.g. authenticity examinations, the identification of people, etc.
How we work
Computer forensics is a very young science compared to other forensic disciplines. Nevertheless, it is crucial that all forensic scientists adhere to certain basic principles, such as legality, professionalism, traceability, integrity and custody. It is also important that they follow the steps indicated below.
Analysis
At the data analysis stage, all the collected digital data is thoroughly and systematically analysed and evaluated. After excluding any irrelevant data, all the relevant data that could be used as evidence in further proceedings is appropriately secured for presentation in the final stage of the forensic cycle. At this stage, our forensic scientists ensure that their activities are properly recorded, either in minutes or in special reports in the applications that they use for work.
Collection
Data collection is the next stage when our forensic scientists gather all the relevant digital data from all the potential data carriers or locations involved in the investigation. Of course, the data types differ from one case to another. It could be data from a mobile phone or computer, or a whole host of other data types, e.g. server and firewall logs, user settings, network directory data, OS configuration, etc. This is another stage when it is crucial that our forensic scientists ensure the proper recording of the entire data collection process in the minutes. In this case as well, there must be adequate traceability provided via a chain of custody regarding the use of any data copied to other data carriers. This is essential when proving an information leak during an investigation, as well as when proving a manipulation of data during an investigation, and in the ensuing lawsuits.
Preservation
The protection of data is the next crucial stage, which often needs to be carried out very quickly, sometimes even during the first stage. Its primary purpose is to secure all relevant data from being destroyed, damaged or modified. This stage often comprises various activities designed to physically protect data carriers, as well as a host of activities for securing digital data, particularly when the protection of physical data carriers is not possible or sensible (e.g. application servers, etc.). Our forensic scientists ensure that the entire process of the protection of data and, above all, physical data carriers, is properly recorded in the minutes. In cases where data carriers are seized, the process is additionally secured with a chain of custody to ensure the traceability of data use at all times. This is essential when proving an information leak during an investigation, as well as when proving a potential manipulation of data during an investigation, and in the ensuing lawsuits.
Presentation
The presentation of a forensic investigation’s results is the final stage of the forensic cycle. It can be done either through the preparation of relevant scientific/expert opinions or in the form of testimony in court or, alternatively, the results can be presented to the client orally. In the final stage, all the relevant documentation, digital data, carriers of original data and other items are handed over to the client. If the client no longer wants certain data, our experts will ensure that all the client data is securely deleted.
Identification
Identification is the first stage in a forensic investigation. At this stage, our experts collect the initial basic information needed to legally and professionally carry out the forensic tasks that have been requested and agreed on. This stage takes place in close cooperation with the client, by conducting interviews, carrying out site visits, etc. in order to acquire relevant information about all potential sources of data that could serve as relevant evidence for further proceedings.
Documentation
Documenting the procedures is a vital process that runs throughout the forensic investigation. Proper and, above all, accurate documentation of the procedures ensures the traceability and, most importantly, the repeatability of the forensic investigation in the event of a verification of the investigation’s findings. When this stage is appropriately taken into account throughout the forensic cycle, any other investigator should get the same results when performing a verification. If these procedures are not properly documented, however, it can happen that certain results of the investigation cannot be confirmed, or the origin or even the authenticity of the data cannot be confirmed, which raises doubts about the presented results and may even lead to the exclusion of submitted evidence.
ABOUT US
We are fully aware of the importance of working professionally and in compliance with the law, as using the wrong approach could, in addition to the exclusion of the evidence in further proceedings, lead to a claim for damages. We are especially proud of the fact that we have helped establish certain minimum forensic standards in Slovenia and participated in the introduction and observance of some basic forensic principles through our many years of work and expertise, as well as through various lectures, training and support in drafting individual legal norms under procedural laws.
OUR KEY ADVANTAGES
RELIABLE PARTNER
Thanks to our many years of professional and, above all, legal work, iFIT is considered a safe and reliable partner in both domestic and foreign markets.
CONSTANT CUSTOMER CARE
Our professional TEAM is always working to ensure our clients get a complete solution, as well as relevant advice throughout the business process.
EXTENSIVE KNOWLEDGE OF LEGISLATION
Many years of work in computer forensics places iFIT among the institutions that have been active in this field from the very beginning and through to the present boom in information technology use.
Our Team
We boast extensive experience in various fields of information technology forensics.
Tadej Stergar M.A.
The Director of the Institute and an internal auditor for the ISO 9001 and ISO 27001 standards. He has been appointed several times as a computer forensics expert in court proceedings. He has over 10 years of experience in computer forensics, as well as over 20 years in project management and managerial positions.
Janko Šavnik M.A.
A computer forensic scientist with over 15 years of experience in dealing with the most complex investigations in Slovenia and abroad. He is a permanent court expert for information security and computer forensics, an information security specialist by education, a Certified Computer Examiner (CCE), a Certified Information Security Manager (CISM) and a Certified Information Systems Auditor (CISA), working as Chief Information Security Officer and Data Protection Officer at Addiko Bank d.d.
Igor Belič Ph.D.
Igor Belič, Ph.D. is the Chairman of the Institute for Forensics of Information Technology’s Council of Experts and specialises primarily in steganography and the analysis of video and audio recordings.
Matej Kovačič Ph.D.
A member of the Council of Experts of the Institute for Forensics of Information Technology. As a cybersecurity expert, he specialises in cryptography, the security of mobile communications, digital forensics and the investigation of cyber attacks.
David Stergar
With wide experience in computer forensics and having worked in development at AVIAT Networks for many years, he was able to acquire specialised expertise in forensic services relating to special devices and modules (e.g. at the controller level, etc.).
Jože Hočevar MSc
Holds a master’s degree in telecommunications from the Faculty of Electrical Engineering. He has considerable forensic experience and specialised knowledge in CISCO and Palo Alto network equipment and firewalls.
Ivo Švegovič
He has several years of experience in computer forensics. He is an ISO 9001 internal auditor and possesses special expertise in smart installations and home automation. He is also skilled in the establishment and parametrisation of various DMS application solutions.
Uroš Škufca M.A.
Graduated from the University School of Public Administration in Ljubljana, the Faculty of Law in Ljubljana, and earned a master’s degree in information management from the School of Economics and Business, University of Ljubljana. He is an ISO 9001 internal auditor. He has many years of experience in the public procurement of information systems and computer equipment, as well as the design and implementation of business information systems. Thanks to his knowledge of both the legal field and information technologies, he has experience in drafting legal regulations related to information technologies, general terms and conditions of use for information systems, and the legal and business analysis of information processes.
