© 2020 Association of Certified Fraud Examiners, Inc.
Conducting Internal
Investigations
Emerging Technological Trends
© 2020 Association of Certified Fraud Examiners, Inc.
Emerging Technological
Trends in Investigations
▪ Improved technology:
• Gives investigators more options
• Improves efficiency of examinations
• Enhances the abilities of fraudsters
▪ The convergence of various technologies
means that securing sensitive investigation
data is increasingly challenging.
© 2020 Association of Certified Fraud Examiners, Inc.
Proliferation of Various Storage Mediums
▪ Mobile devices
▪ USB flash drives
▪ Memory cards
▪ Hard drives
▪ Network storage
▪ Magnetic tape
▪ Copy/fax machine memory
▪ CD/DVD/Blu-ray
▪ Cloud storage
© 2020 Association of Certified Fraud Examiners, Inc.
Bring Your Own Device (BYOD)
▪ The concept whereby employees bring their
own personal electronic devices to work and
use them as a tool to conduct business from
anywhere
▪ Examples of BYOD devices include:
• Laptops
• Smartphones
• Tablets
• Phablets
• E-readers
© 2020 Association of Certified Fraud Examiners, Inc.
BYOD Policies
▪ Management
should create a
BYOD policy that
states the rules and
expected behavior
of employees who
use their personal
devices at work.
© 2020 Association of Certified Fraud Examiners, Inc.
Difficulties with Collecting Data
from BYOD Devices
▪ Subjecting personal devices to examination
▪ Identifying relevant sources of information
▪ Determining who has control over the data on
employee devices
▪ Preserving and collecting data from personal
devices
© 2020 Association of Certified Fraud Examiners, Inc.
Cloud Computing
▪ The cloud is a
metaphor for the
storage and use of
data online, rather
than on local storage.
▪ Data is typically stored
by a third-party host
and accessible online.
© 2020 Association of Certified Fraud Examiners, Inc.
Challenges of Investigating in the Cloud
▪ Lack of physical access
▪ Lack of data control
▪ Jurisdiction of storage
▪ Preserving chain of custody
▪ Lack of knowledge about storage
© 2020 Association of Certified Fraud Examiners, Inc.
Shadow IT
▪ Use of any unapproved
information technology:
• Unauthorized use of free
cloud services
• Unapproved development
of entire enterprise
applications
▪ Used to circumvent
traditional IT and its
security policies
© 2020 Association of Certified Fraud Examiners, Inc.
Investigating with Social Media
▪ Social media: any online means of sharing
information or assorted media among a
group of people, particularly those with
similar interests
▪ Used to connect friends, acquaintances,
business associates, and strangers
▪ Can be public or private
© 2020 Association of Certified Fraud Examiners, Inc.
Types of Social Media Sites
▪ Social networking sites
▪ Collaboration sites
▪ Blogs and microblogs
▪ Content communities
© 2020 Association of Certified Fraud Examiners, Inc.
Social Networking Sites
▪ Allow individuals to
share with others in their
network.
▪ Examples include:
• Tumblr
© 2020 Association of Certified Fraud Examiners, Inc.
Collaboration Sites
▪ Facilitate collaboration between users to
generate content.
▪ Examples include:
• Wikipedia
• GitHub
• Digg
• StumbleUpon
© 2020 Association of Certified Fraud Examiners, Inc.
Blogs and Microblogs
▪ Blogs: discussion or informational sites
▪ Microblogs: sites through which users post
short messages for others to read
▪ Examples include:
• Blogger
• Tumblr
• WordPress
• SquareSpace
© 2020 Association of Certified Fraud Examiners, Inc.
Content Communities
▪ Sites in which users share multimedia content
▪ Examples include:
• YouTube
• Daily Motion
• Imgur
• Flickr
• Snapchat
© 2020 Association of Certified Fraud Examiners, Inc.
Metadata Tags
▪ Used to index and organize topic
discussions, personal information, photos,
videos, and anything else transferable on
social media:
• Hashtags (#)
• @user
▪ Facilitate searching for specific content