discussion 3086
Crisis Management
Crisis management is the procedure in which companies deal with events that are disruptive and threaten to harm their stakeholders. The management of IT plays an essential role in the regulation of disaster since most activities are accomplished on the system.
During the process of imaging, the data may be compromised if the information on suspect media is changed. The investigators of the system have frequently confused destination disks with the compromised pictures when performing the imaging process. Therefore, the write blocker significantly protects the process, making it difficult for third parties to access the information (Whitman, Mattord, & Green 2013). White blockers enable individuals to acquire data from a drive without the option of accidentally destroying the contents of the drive. This is made possible through reading commands that are allowed to pass as write commands are blocked.
The blockers may either be in hardware or software form. The hardware write blocker is easily identifiable and accomplishes one command at a time. The software blocker is more potent since it adds to the assessor’s burden of proof. The general imaging process is detailed, making it easy to identify the irregular bug that may result in a crisis to the system (Cook 2015). The first process of crisis management involves gathering evidence from the storage and performing a physical validation. The images on the disk should be loaded on forensic tools to enable the collection of enough evidence.
Cartwheeling is a legal method of developing search items that may be challenging. Therefore, the users of the system must be educated to ensure they understand the safe sites and items to download that may not compromise company information.
Question
How can crisis management assist inadequate security measures in the system?