Data Collection and Preservation

A Defensible Incident Response Starts With Reliable Evidence

When sensitive information is compromised, it’s critical to ensure electronic evidence is handled with precision and care to prevent it from being overwritten, destroyed, or otherwise corrupted. With Kroll, you can feel confident knowing our data collection and data preservation experts follow a strict chain-of-custody protocol at every stage of the process to improve the outcomes of on-site investigation and reduce your potential for litigation and fines.

Mitigate Risk Through Proper Identification and Preservation of Digital Evidence

Preserving critical electronic evidence during on-site investigation and threat containment/eradication paves the way for a successful incident analysis. At Kroll, our trained and certified forensic experts adhere to strict data preservation standards to ensure all potentially relevant data is captured and remains intact during an on-site investigation. We have the ability to quickly and efficiently capture electronic data from:

• Email servers
• Network shares
• Desktop or laptop computers
• Handheld and portable devices
• Backup media

Whether gathering digital evidence from a single source or from multiple sources organization-wide, we apply forensically sound methods to preserve key digital evidence so you can establish a clear picture of the incident and launch an effective response. And because we’ve worked on hundreds of cases involving multiple data collection sites around the globe, you can trust us to perform an optimal on-site investigation, giving you the flexibility to pursue any available legal remedies.

Key Areas

• Cyber Litigation Support
• Data Recovery and Forensic Analysis
• PHI and PII Identification
• RelativityOne Litigation Support Services