It is a fact of modern life that an enormous volume of information is created, exchanged, and stored electronically. (ESI) electronically stored information is commonplace in our personal lives and in the operation of businesses, public entities, and private organizations. All businesses, regardless of size, eventually encounter some sort of litigation, investigation or a business dispute. Corporate directors and officers have fiduciary obligations to safeguard these assets, and lawyers additionally have an ethical obligation to their clients. When a breach happens, reputational, regulatory, financial and legal risks proliferate. Unfortunately, the key question that never seems to get answered is: What exactly are we at risk from and what are we supposed to do about it?
Digital4nx Group serves its clients’ needs by systematically identifying, preserving, extracting, analyzing, and interpreting digital evidence. Their services are used proactively or reactively – where they provide litigation support services for plaintiffs or defendants, as well as providing expert testimony and consulting, both in and out of court.
They specialize in “Digital Autopsy’s” using proprietary methods, technology and tools to recover active and deleted information off computer systems and other electronic devices. Additionally, Digital4nx Group provides “Ethical hacking”, as they define it as a service where they attack network and computer systems using real-world tools and techniques in order to find security weaknesses. Digital4nx identify specific risks to business systems, critical data, and help customize proven mitigation strategies.
As a boutique firm, Digital4nx Group’s focus is on providing strategic and tactical consulting services related to all digital devices under the “lens” where legal issues arise from an incident. Their senior professionals have decades of “in-the-trenches” experience, working on hundreds of matters, some of which have helped shaped some case law. Digital4nx Group develops long-term relationships with their clients, approaching each engagement with a focus on bringing value.
“We have been seeing a growth in being requested to conduct proactive ethical hacking assessments”, says Rob Kleeger, Founder and Managing Director. “We have found that the executives are able to sleep a little better at night once we provide our remediation plans and expose the firm’s weak spots.”
Digital4nx Group’s illustrious clientele ranges from the Fortune 500 clientele to the small, family owned businesses. Elaborating a case study that brought benefits to one of its clients, Rob says, “A small third party medical billing company who has additional staff outside the United States had recently migrated from a Microsoft 2003 Exchange environment to a newer Microsoft Exchange server environment. Within two weeks of that migration, a camera crew and well known investigative news reporter shows up at the company asking the CEO to provide a statement on how nearly one hundred thousand patient records have been publically available (i.e. PHI breach).”
Digital4nx Group were called in and dispatched onsite that afternoon. They began the forensic preservation of the old server and the new servers, capturing various system log files, interviewed the clients outside managed IT firm, the CEO, and began conducting an analysis within a few days.
In the end, it was discovered that the cause of the data breach was from the migration which had caused the FTP setting to default to an anonymous login, therefore it was publically facing and cached by Google’s bot. Kleeger says, “The IT firm had simply forgotten to “check the box” to close the publicly facing FTP port. That technical 101 could have avoided this reputational and financial hardship the client has suffered!”