The topic of mobile device encryption is more talked about than ever before. Many individuals and companies alike are spending time thinking about whether or not it is a good idea to encrypt mobile devices. But what about the risk that exists when an employee refuses to hand over the encryption password to their employer regarding a company cell phone?
One clear benefit of mobile device encryption is the extent to which potentially sensitive information is protected. If the encrypted device falls into the wrong hands, the owner of the device can be sure that the data will not be used for unwanted purposes. The owner of that particular mobile device can be assured that the thief will be unable to access important or personal information on the phone. This becomes especially important if the device is used for sensitive work related purposes.
Having said that, choosing to use encryption could cause a problem for the company later down the line. If an employer grants a work-purpose mobile device to an employee, it is important that the employer be confident in the ethical standards of the employee. It is too often the case that a work related mobile device is taken advantage of and, with encryption in place, the employer can do absolutely nothing about it.
When litigation becomes involved and motions for discovery arise the scope changes and it tends to revolve around the ability to not only recover and preserve previously encrypted and password protected files but also defensibly collect the information. That is where forensic data collection comes into play.
With a forensic data collection approach:
- Password-protected or otherwise encrypted files can be opened and examined for evidence.
- Social media accounts can be recovered and collected
- System files and logs can be analyzed to answer the question of intent or determine if an external storage device has been used.
- Device files can be collected in a native format for review
Forensic investigations allow you to take a deep dive into the data to determine and interpret intent, but in the end all rely on your ability to collect from a device while maintaining the integrity of the data.