Requirements for Constructing a Standard Computer Forensics Laboratory
Designing and building a forensic laboratory presents a great challenge. Its design puts into consideration different requirements in environmental safety, ways of handling hazardous materials, management and efficiency in how the operations are carried out, adaptability, securing the collected evidence from any external intentional or unintentional interference and also keeping it on budget.
XYZ Company is rapidly growing and hence, it means that its environment is also changing rapidly. Due to this rapid change, forensic lab should be flexible. Flexibility ensures that in the future, when the employees will be many, it will be capable of handling more cases at one given point of time. Computer forensics is a dynamic field that changes rapidly as more discoveries become available on a daily basis. The construction must also involve forensic science consultant who should guide construction design. The design serves the needs of construction and ensures that there is a balance between the cost of construction and the type of the service offered. Although, cost is a limiting factor, hence, there should be no tradeoff between cost and quality. A poorly constructed laboratory may be ineffective since it does not have the required equipment and material needed for conducting any research.
Planning is the first phase in project development; effective planning ensures that the project success is gauged even before construction begins. It is during this phase that the contractors interact with the forensic team to make sure that the plan is developed as early as possible to avoid any inconvenience during the construction phase. Construction of this particular laboratory is constrained by costs and, hence, an effective plan is necessary to ensure that the project remains within the budget to avoid any cash shortage after the commencement of the project.
During the planning process, laboratory director should have a quick fact sheet so as to ensure the laboratory meets the minimum requirements. The first check emphasized is the safety and security of both the assigned personnel and facility operations. A forensic lab is a sensitive place and, hence, many individuals might wish to access the facility for either genuine good reasons that include providing more evidence or for malicious reasons that are to tamper with the evidence. So as to ensure that limitation of the latter, there should be strong monitoring program and also quick response unit accompanied by adequate security.
Although, cost is a great constraint, the size of the laboratory to construct is important. A computer forensics lab involves movement and, hence, the lab should provide adequate space that allows individuals to move freely while conducting a research.
The recommended floor space for each staff member is 800 - 900 square feet. Adequate space provides for convenience while conducting an investigation and also allows interaction of different personnel while the research exercise. The lab requires standardized reception area with a waiting room. The reception should be large enough to accommodate a few people as some cases might need more people to account for their actions and also report the proceedings. There should also be a room allocated for standards and references, all items in the laboratory should comply with a particular standard. The standard ensures that it is easy to compare between the variable results and the standard in order to establish the level of deviation from the latter.
Geographical location of the laboratory is a key issue while setting up the laboratory. It is easy to tamper with the evidence that has already been forwarded to forensic lab either through physical destruction or corrupting it. To avoid such incidents, the lab should be located in a safe place that is easy to monitor both entrance and exits of the building. The laboratory should be in a well-secured place preferably separate from the other buildings so that to ensure that immediate entrance to the compound is detected.
The lab should be in an easily accessible location. As much as the need of having a secure building, it should be ensured that the facility is easily accessible. It should not be a challenge for both the officers working in the facility and the evidence to be delivered at the location. If the facility is far from the company itself, it poses a challenge in delivering the evidence in time.
In this particular forensic lab, there might be cases of high temperatures because of the high level of activity involved. To avoid high temperatures in the building, it is important to have adequate air conditioning. The best air conditioning is provided by the centralized air conditioning equipment. The roof is an ideal location to facilitate the intake of fresh air while at the same time releasing the heat to the atmosphere. Mechanical equipment is placed on the roof, and a connection placed to serve all floors in the building using a single central air handling unit. To avoid large vertical ducts running from the ground floor to the last floor, there should be separate air handling units placed on each floor. Moving air on large distances requires much power, to avoid demand for large quantities of power, a separate air handling units should have openings on each floor. The openings allow for quick uptake of air on each floor; only water should flow vertically on the pipes.
To mitigate the loss that might be caused by any natural disaster, there are plans in place for ensuring a quick response so as to alert all members of staff of any disaster. First there should be a common assembly point left open at all times that can allow assembly of members in time of disaster. The place should be centrally located and easily accessible in cases of emergency.
During emergencies, people tend to panic and rush to the door, which might lead to a stampede; to avoid this, the building should have many exits each on every corner of the building. However, to ensure the exits are not misused and are only used during emergencies, they should remain closely monitored. To ensure they remain effective, they should not remain locked, or if they are locked, they should be made of easy to break material, and clearly labeled as emergency exits.
A map of the building is also important in case of an emergency. The occupants of the building should get the building maps so as they can navigate through the building easily. The building should also be fitted with an alarm for quick alert in case of an emergency so that all workers can be aware of the situation.
The lab workers should be involved in a mock disaster strategy periodically. The mock strategy should be used to test the readiness of the officials to emergencies so as to make it easier to handle real disasters. Mock disasters also help identify loopholes in the set up disaster reaction plan.
Fire break out in a forensic lab can have adverse effects as it destroys all the evidence available in a particular case. To avoid incidents of loss through fire, the building should have enough fire extinguishers. Every personnel should receive training on how to effectively combat any fire that might break whether mild or highly destructive. The building should also have automated alarm and fire extinguisher. With the automated alarm, it will help detect and bring to the attention of all building occupants that there has been a fire outbreak. At the same time, the automated fire extinguisher automatically puts the fire off to ensure that it does not spread.
Fire spreads widely in most cases due to availability of accelerators. In all cases, there must be some form of furniture or something else accelerating the rate at which the fire spreads. To ensure firefighting is easily done during emergencies, there should be as few wooden structures as possible in the laboratory. Where possible, equipment should be made of glass or steel as they are more resistant to fire.
Emergency exits also play an important role in reducing any loss by fire. In the case of extreme fire, all the occupants should leave the building through the strategically located exits as fast as possible and meet at one central location to plan on the extinguishing process. However, care should be taken on the type of extinguishers used. In some cases, only dry extinguishers should be used to ensure that machines that are in the site of fire break are not affected by water that could render them out of order.
Both computers and their parts are sensitive to water and will have faulty functioning even on the slightest instances of contact with water. To avoid incidents of contacts, it is important to keep the building out of reach by water. The first important way is making sure that the building is built on the highest ground level possible. The location should be raised than the rest of the ground to ensure that it is the last building that will be affected by possible flooding.
The most water-sensitive equipment is both the computers being used and the evidence collected, to ensure that they both remain intact even during flooding; they should occupy the highest floor possible. Other operations should occupy the ground floor that is most likely to get flooded during such incidents.
Electrical components are also at a major risk of destruction in case of flooding. Taken as a precaution, all electrical appliances and connections should be raised above any level that the water can reach; raising the appliances ensures that even if the water level rises, the risk will be minimized.
A random power outage can cause huge problems as it might terminate some important activity, or might also destroy some evidence in the process of being refined. To avoid incidents of power outage, the building should have power backup systems in place. There should be both quick system that replaces the power supply source immediately the power goes off and also a more permanent power source that replaces the power that goes out for a long period.
Power outage could also result from faulty systems coming from poor or lack of inspection. When the systems are not timely checked, they might develop a slight problem that could add up to more massive problem later. To avoid such incidents, there should exist automated power systems that detect any fault in the wiring connection. In case the system detects a weak point, it should notify the engineers to rectify the problem. The power system should also have auto control to avoid power outage before the backup system starts. The system should auto-detect loss of power and immediately turn on the backup power source without delay. Such quick response ensures that there is no interference of the ongoing work as it could have equally devastating effects if the backup had to be started manually.