ABSTRACT
The methodologies and approaches used to gather, process, and handle evidence ultimately affects the meaningfulness, relevancy, and admissibility of electronically stored information (ESI) as digital evidence. Safeguards must be taken to maintain authenticity and integrity of metadata so that is can be effectively used during an investigation and meets legal and regulatory requirements for admissibility in a court of law. Complimentary to the architectural design of an enterprise data repository for ESI work must be done to incorporate industry best practices and standards for how to provide adequate security and reliability of digital evidence through its entire lifetime. This chapter provides an overview of log management solutions where organizations can preserve their digital evidence. Organizations must employ a complimentary series of administrative, physical, and technical controls to effectively maintain the authenticity and integrity of business records that could be used a potential digital evidence.
