As a supplement to the video blog on conducting remote collections using Oxygen Forensic Extractor Enterprise let me offer some of the same suggestions in written form as I often get a little excited on film. If you missed the video content, here ya go!
What does this satisfy?
Since we are all secluded and trapped in our home offices, it has been difficult, if not impossible, to conduct a collection of a custodian’s device for obvious reasons. We could have them send the phone via post, conduct the collection once received, and then send the device back, but there are several reasons why this is not the best solution. The most obvious being not receiving the device to begin with. We could fly to the location, as before, to conduct the collection, but this puts us at the peril of the airline and the travel ban. Another option would be to put it off until we can show up to conduct it onsite, which of course could put a company out of business.
What if we could do the collection on the custodian’s terms or the business hiring us to conduct the collection who is in possession of the device(s)? Profit!
How can this work?
We are one of the limited companies that have always had an enterprise solution that allows for a single dongle to distribute out concurrent licenses to users. So, when you have a mobile workforce all over the world but do not want to be shipping dongles around when needed to conduct a collection, bingo-enterprise solution. Plug in an enterprise dongle into an accessible computer to the intranet or internet, install the enterprise software on the practitioners machines and you are up and running using a license provisioned somewhere else in the world (wherever the dongle is plugged in). Of course practitioners do not want to have to install an entire version of Oxygen Forensic Detective to do the collection remote, so we have Oxygen Forensic Extractor Enterprise. Now practitioners can install the small Extractor on the clients machine remotely, remote into the computer, ask them to plug the phone in, conduct the extraction on a single device or multiple devices simultaneously, and save the output to a shared internet based drive like Google Drive, DropBox, or OneDrive, for example.
Break that down even more please
- Let your client know they will need access to an on-site computer that you are able to:
- Remote into using RDP, TeamViewer, Zoho Assist
- Have rights to install software
- Create an internet shared folder (e.g., DropBox, GoogleDrive, NetworkDrive)
- Log in and install Oxygen Forensic Extractor (Enterprise version)
- Ask the customer to plug in the device to be collected
- Make sure device is connected
- Launch Oxygen Forensic Extractor
- Advise the customer on placing the device into the correct mode depending on the device (Apple, iOS)
- Connect to the device with extractor and begin the collection
- Save output to the created internet shared folder
- Once the image is across, import it into Oxygen Forensic Detective to verify all information has been collected
- Uninstall Extractor, disconnect shares, and remove custom information from the client computer
This solution is currently available and will fulfill the “out of the box idea” and twist on the current remote use case to continue working and keep your company afloat during these unusual times. However, even when the dust settles and we get back to the “new normal”, this method will still save money, not only in travel costs, but in time. Imagine how many more mobile devices you could be capable of collecting simultaneously? I am not only talking at one location, but you can have this installed on multiple clients on the same day having concurrent connections. Wow! Think about it, now that everyone is using Zoom you could even have all of your customers on the video call talking about how to set up an iOS and Android device once the software is up and running on their computers. We are now more connected than ever before.