In this Article you will read about the topic “Extract Forensic Evidences from Live@EDU Account”.
As we know that with the development of advanced technologies, the crime rates have also increased tremendously. Every individual uses one web-based service or another for multiple purposes like emailing, exchanging documents, retrieving information, educational services, etc. One such area that requires forensic investigation is Microsoft Live@EDU, which is now known as Office 365 for Education. It is a free suite of hosted Microsoft Services & applications, which has been developed mainly for educational needs.
Microsoft provides various convenient services for each individual whether he/she is an employee, student or teacher. Microsoft Live@EDU is a cloud-based platform that is meant for the interaction of students and educators. It provides educational institutions with a Microsoft platform for delivering email, calendaring, communication, collaboration services and storage capabilities without any fee involved. It is the combination of Microsoft Outlook Live feature with 10 GB Exchange Experience and Windows Live benefits such as 25 GB SkyDrive online storage, Windows Live Messenger and Office Web Apps with SkyDrive.
As we knows that Live@Edu is a subset of Exchange Online and Office Web Apps for academic institutions, students and teachers use it for storing or sharing information online. The main arena that needs to be focused while talking in terms of investigation purpose is the storage locations. Two main storage locations that we need to look for evidences in Office 365 for Education are:
The users of Office 365 for education has the most confidential & sensitive data in these storage area where mail contents, group feeds, activities or assignments updates by teacher for their students are stored. Need for investigation arises when the data stored are leaked or if it has been modified/accessed by un-authorized users for illegal purpose.
The most important part of this investigation is the ability to extract forensic evidences From Live@EDU Account. The procedure of carrying out investigation on a cloud-based service such as Office 365 for Education is a cumbersome task, as there is no control over the data. Imaging is an important part of the investigation procedure, which can be accomplished only by downloading the data to a local platform. A third party tool can best serve this purpose by downloading the cloud storage to the investigation machine, making sure that it remains safe throughout and results can be generated in the form of presentable evidence. In order to overcome this issue and carry out the investigation efficiently a tool like MailXaminer can be taken into usage. It can be defined as a reliable solution that helps in examining multiple email clients to fulfill the need of email forensic analysis. Moreover, its provision of support for creating a clone of the cloud data on the software itself makes it an appropriate choice.
The blog has been focused to study the need of carrying out to Extract Evidence from Live@EDU account. Since it is cloud-based platform for enhancing interaction between students and teachers, the information exchanged related to school activities can be misused or modified. It has further discussed the challenges and possible ways to carry out the investigation. However, due to inability to extract presentable evidences using manual approach, a third party email investigation tool has been suggested in the end of the blog.