Many organizations try to balance the value of having an in-house team for digital forensics vs. outsourcing the services. To break it down, we are going to look at it from the perspective of the public sector vs. the private sector.
The public sector in the U.S. primarily has in-house teams that do their digital forensic work, with the processing of only certain cases going to outside parties. This system has been the norm for many years and has kept a lot of labs very busy. However, many of the smaller departments do not have the same benefits as the larger labs due to having smaller budgets and fewer officers, who sometimes split their duties between normal casework and digital forensics. This split in duties is when smaller departments must choose between doing forensics in-hours or using a larger lab.
From the perspective of a smaller lab, the value of doing digital forensics in-house allows there to be more control regarding time and returns for casework. Although there are always budget concerns when setting up a digital forensic lab, the cost should not be the primary issue. There is a large range of tools to choose from for digital forensics. Labs can choose from open-source (free) software to budget-friendly software, like that offered by Paraben, Elcomsoft, Sumuri, and others. Investment in digital forensic capabilities for a smaller lab can be under $5,000 for just the software and under $10,000 for the software plus training to get started. Smaller labs can benefit from budget-friendly software options and online training to maximize smaller budgets and to shorten the case closure time.
With the private sector, the lab choices are a little different as they don’t have centralized outside lab options. The private sector is typically competing against one another with casework, so rarely do you see them collaborative with cross-processing or with community tools. Setting up a lab in the private sector can be simpler than setting up a lab in the public sector. However, the setup of a lab in the private sector can impact the end goal of the business, which is to make money. With more and more solo examiners popping up, it is important to understand the fundamentals of offering services that allow your in-house lab to be as profitable as possible.
When looking at service profitability in the private sector, the highest expense is the overhead for the lab. The expense of tools and technology is always the hardest to absorb since multiple tools should be utilized for cross-validation when doing digital forensics. To maximize profit margins, it is smart to choose some of the open-source options for cross-validation. It is also important to consider where the overlap of your tools is and to make sure that you purchase tools with a little overlap to maximize the lab’s capabilities. It is always a good idea to communicate with your tool providers to let them know which features benefit your lab and new features your lab desires. You should also follow the tool providers on social media for tips and tricks they may share and to not miss out on any freebies that they may offer. Working with a vendor in digital forensics is different than just going to your local retail chain since you are starting a relationship. That relationship should be one that will benefit your organization with services that can help you grow your business.
The final concern in the private sector is what happens when an examiner is out of their skill scope. The skill scope is where an examiner feels they are the most proficient with their skills and where they believe they do the best job. When an examiner goes beyond their skill scope, they risk the evidence in the case. Knowing their skill scope allows for examiners in both the public and the private sector labs to explore other options, such as the use of a larger lab. A larger lab typically has more examiners with specific skill sets, which allows the work on a case to be divided. In a lab in the public sector, if you have a case out of your examiner’s skill scope, it is the perfect opportunity to work with a larger regional lab to get help with the case. In a private sector lab, sending the casework to a larger regional lab is not an option, so it is a good opportunity to look at the professional services offered by your technology providers.
Having an in-house lab with smartly budgeted tools can be the most beneficial for both a public sector lab as well as a private sector lab. Looking past some of the higher-priced tools to multiples of the mid-range tools with training and open-source tools are smarter options for smaller labs to increase their examiner’s skill scope. An increased skill scope for an examiner means a larger variety of cases can be booked which leads to an increase in revenue.
Framework for Mobile Forensic Capabilities White Paper
Go through the value of processing mobile devices internally in your lab with this white paper that reviews what it takes.
Forensic-Impact Articles
Making an Investigations Sock Puppet
Transcript Hello and welcome to the next edition of, the Forensic Impact blog. I'm Amber Schroader. I have been off the video blog for a hot minute because I have broken my ankle, as you can see by my scooter. This is the best background I can get going right now. So,...
Empowering Small Businesses: The Significance of Data Governance
Guest Blog Post In today's digitally driven world, data is the lifeblood of businesses, regardless of their size. Small businesses, in particular, stand to gain significantly from harnessing the power of data. This article from Paraben Corporation delves into the...
Customer experience improvements and new features in E3 3.8
When looking for a whole package for technology it is more than just the tool you need to look at it is the company behind it. The 3.8 release of Paraben’s E3 Forensic Platform reminds us of that with a whole new customer download experience incorporated into the E3...
