ACC's past projects demonstrate the
company's broad scope. Highlights include:
- ACC has provided civil and
criminal computer forensic investigation in a wide range of cases
including theft of trademarks and copyrighted data, check forgery,
inappropriate or criminal use of company resources, piracy, tax evasion,
concealment of assets, sexual harassment, denial of service, threats of
violence, sale of stolen merchandise, email spoofing and others.
ACC also investigated and resolved an array of arcane technical points
critical to the understanding of pivotal case-related issues.
- ACC managed a project to
replace an access control system of 8,000 active cardholders for a major
entertainment studio, including creation of the RFP, management of the
vendor review process and final vendor selection, development and
implementation of numerous processes, techniques and applications that
enabled replacement of the system with no adverse impact on the
activities of system users. Vendors who observed the efficiency of
the rollout stated that they had never seen a system replacement of that
size proceed anywhere near as smoothly.
- ACC specified and programmed a
comprehensive analysis and integration system to ensure the integrity of
and enforce business rules on access control cardholder information,
interface corporate security with other repositories of information such
as parking management, HR, and corporate directory systems, and generate
email-based notification of operators and cardholders on anomalies,
approaching expirations, etc. As
part of this, ACC made extensive modifications to the cardholder
interface of the Lenel OnGuard access control system, using Lenel's
Forms Designer utility, to track additional needed information as well
as to enable operators to send instructions to back-end processes that
perform a variety of tasks, including on-demand synchronization with
external corporate systems, consolidation of duplicate records,
propagation of flags, etc.
- Management of a “warez” and
corporate sabotage forensic investigation team as team director and
principal forensic investigator collecting and analyzing more than half
a billion records in 20 databases including Citrix, DHCP, Web Inspector,
email and email gateway, access control, firewall log, internet piracy
tracking, phone traffic, hard drive examination, timecard, trouble
ticket, accounting, video surveillance and other information leading to
multiple convictions in the case. The case required development of
numerous additional databases and applications to perform analyses,
capture and manage the enormous number of details and issues in the
case, generate comprehensive reports and ensure the investigation
proceeded in an orderly and thorough manner.
- Successful data recovery on
hard drives that have become corrupted logically, that have undergone
failure of drive electronics, or that have begun to break down
magnetically. ACC recovered the drive data through signature searches,
keyword searches, programmatic execution of externally calculated
extraction configuration files, or through manual reconstruction of
allocation sequences based on direct inspection of sector data. One case
required recovery of a Windows file system binary encryption key from
unallocated clusters, with password provided by the user, byte-level
reconstruction of the key file and successful decryption of the
information.
- ACC designed and implemented a utility to
extend the Lenel OnGuard access control system to make it possible to
turn on visitor badges at remote locations purely through the use of
authorized badges on readers, thereby significantly increasing the
security of those locations.
- Statistical analysis for
corporate management on a wide variety of data sources and types in
support of the decision-making process, ranging from annual statistics
extraction and tabulation on metrics encompassing all departmental
activities enterprise-wide to ad hoc analysis of questions related to
manpower assignment, risk assessment, process efficiencies, resource
reassignment, etc.
- ACC developed a crime
heuristics tool to analyze access control information for thousands of
active cardholders to identify persons most likely associated with a
series of crimes linked by modus operandi. The analysis exposed
the one person out of 9,000 potential suspects who was present for all
of the crimes, and who subsequently was found to be the perpetrator.
- Creation of a perpetrator-centric Threat
Management system for a corporate client designed to manage information
on threats received by the company.
- ACC created a policy management database to
facilitate the development and management of complex policy structures
allowing aggregation of policy according to topic or division of labor.
ACC coordinated with company staff to identify more than 500
responsibilities requiring documentation and to generate detailed policy
documents that allow both integrated overview of policies as they affect
all related posts as well as materials for training individuals on all
policies within their scope.
- ACC produced financial analysis and batch
billing tools and user interfaces for a large corporate department that
recovered more than $3,000,000 in inter-departmental billings that, due
to the complexity involved, had been considered unrecoverable by the
department.
- To synchronize database information on individuals between systems
that do not share a unique identifier, ACC created a
utility that made it possible to synchronize tens of thousands of
records extraordinarily rapidly and reliably, saving hundreds of
man-hours.
- ACC programmed two applications to maintain
contract and contract date information for a national television
network.
- Programming of an application to capture
information for a variety of reports generated by corporate security,
including crimes, fires, threats, medical emergencies, lost and found,
etc., and a sister application to track all calls received by a dispatch
center, manage information on access authorization for areas not under
hardware access control, provide immediate access to emergency
procedures, generate email notification on critical event types, and
generate statistics for management on a variety of metrics.