Collecting and extracting evidence is half the battle when it comes to seizing evidence and processing a crime scene. When you don’t have the right supplies or resources it can impede your investigation or even ruin the chain of custody.
I have seen much while being a crime scene investigator and one of the most devastating things is when pulling out a piece of evidence on a shelf and the bag is ripped, or even worse has damage. This alone can ruin your investigation and the integrity of your evidence.
When your evidence is contaminated, your case suffers. Even in the world of digital evidence, there are potential contaminators out there that can change your evidence forever. Paying attention to your procedures and how the evidence is collected and maintained can make all the difference with any type of evidence.
Always have a set procedure checklist that will ensure that you will receive the best possible evidence. First responder cards like those made at Paraben allow for a simple procedure that will ensure the best preservation of some popular mobile evidence.
There are a lot of roadblocks that can change what you can and cannot get from your evidence. One of the most common issues that are rarely addressed is the lack of resources. In many places, forensic labs are backlogged. Much of that problem is because of a lack of employees. In many places having a computer forensic analyst in-house or nearby is rare. In addition to employee shortages, there is always an issue of budget. When it comes to processing digital items, the costs are high, and the skills are unique. Many times, people are intimated by this type of analysis. However, when trained properly, it can become second nature, just like other aspects of forensic investigation can. Even with basic level skills, data can be processed properly, and information found can be critical evidence.
When working with anything digital evidence-based it is all about the tools. There are multiple tiers to the types of digital evidence that will be collected, processed, analyzed, and then stored. There are steps that are done have different unique tools at each stage. This is where many organizations will hit barriers that will stop them from being able to process digital evidence in-house.
There are multiple programs available that allow for grants to be used to outfit your organization with the proper tools. In addition, there are training programs that include equipment that will allow you a bonus of getting things all in one place.
When storing your electronic evidence, it is all about having the proper procedure as well as media in place that will ensure the integrity of the data is maintained. Many times, the storage side of digital evidence is the lowest cost in the process.
Many organizations will need to invest in certain specialized storage such as faraday bags, anti-static bags, and specific storage areas that are dry and free of potential contaminates for digital items.
With the world of digital devices and storage always growing the need for being able to process digital data is growing as well. Organizations need to take a proactive approach to train examiners at least with basic skills to be able to manage the demand that is rising. The turnaround time with an internal staff member being able to process vs outsourcing can show an immediate return that will be felt for years to come.
Training organizations include:
Forensic-Impact Articles
Understanding the Risks of AI in Investigations
When data integrity is everything, hooking an AI tool directly into your investigation workflow is a major security gamble especially when dealing with sensitive evidence, login credentials, or PII. As AI becomes a standard feature in forensic tools and other digital...
OSINT and Infidelity with Private Investigations
Guest Blogger: Taylor Weddington Digital footprints are nearly impossible to erase; the art of uncovering infidelity has undergone a profound transformation in 2026. Open-Source Intelligence (OSINT) resources such as social media platforms, public records, online...
Why do tools show different results?
Since I started working in the DFIR space many years ago I always remembered the rule of two tools. That rule, although stated, is not always followed by every examiner. With the rising costs of DFIR tools many organizations have only funded one tool for their teams,...