Blog
Book Excerpt on Benefits of Investigative Software for Law Enforcement and Public Safety
For further reading, please refer to:
Digital Forensics for Handheld Devices
Chapter 5: Corporate Investigations on a Netbook, pages 186-187
Eamon P . Doherty
CRC Press 2012
X-FIRE (INCIDENT MANAGEMENT SOFTWARE)
The X-Fire tool is made in Canada and seems very useful for the law enforcement and public safety communities. Agnovi is the company which is the maker of this investigative management software. The company was founded in 2001. The X-Fire case management software lets the AR track the incident or case from its initial reporting until the time it goes to court. The tool supports the investigative triangle that is often studied in computer forensics and in criminal justice. The software allows law enforcement to make customized reports which is important because states in the United States are very different and each has different ways of handling computer incidents. The tool has custom user interfaces which are good because corporate investigations are very different than law enforcement investigations. The details for the case and the information needed to be inputted are different depending on if it is a criminal case or a corporate policy violation. There are fields for the contact management subsystem. The home phone numbers, work phone numbers, home addresses, work addresses, and time of days that one is available could be customized to be part of the contact management subsystem. Functionality can be customized too. Perhaps an onscreen calendar or a calculator might be needed. The tool allows for customized reporting.
There are so many types of regulatory bodies depending upon the industry that one is in. If one is in a health care setting, then HIPAA compliance is an issue. Certain information has to be safeguarded from certain people. Role-based access (RBA) could be important. The person is only allowed to see what he or she needs to based on his or her needs. X-Fire allows for legacy integration. This is important because some offices might have a politically connected person still using an old program on the original IBM AT and a Lantastic network while others are on a different system. It is great when systems can be made to integrate the old with the new. X-Fire also allows for the import and export of data. It gives one the ability to bring data in quickly or export it, or to create a customized report about incidents such as computer hacking incidents at a school. This would be important for the university public safety departments being compliant with the Clery Act. The website for X-Fire also reports that it has a 24 h/7 days a week support. X-Fire also has mobile access which is important because an incident response team may want to add something to the system, look up a related case, or check on the status of an incident.
The X-Fire incident management system is also multilingual which is important. French and English are the languages of Canada. Spanish and English are important languages in the United States. Some tribal governments in the United States such as the Navajo Nation may want things in English and Navajo. The Navajo Nation covers four states and seventeen million acres. X-Fire also allows for group management. Different groups may need to access or input information regarding an incident in different ways. The system also supports multicurrency which is important since the software is used in Canada and the United States. Both countries have different currencies. The X-Fire incident management software runs on Windows, Linux, Mac, Unix, and can also be web based.
There are also subject profiles which might be customized by corporate computer forensic incident response teams. The teams may be defined with a variety of fields such as incident response team members, leader, documenter/photographer, technician, and victim. Each role might be defined with responsibilities and perhaps some personal details of the person that fills that role. Workflow can also be tracked so that if an incident seems to be delayed, one can see where the delay is. Perhaps the investigation cannot continue until the depositions are finished. Events can also be scheduled. Perhaps when a subpoena was served, or a deposition date or court appearance might be noted. In any case, software that helps organize incidents from start to close is very important. It is good that companies are vending incident management systems to a variety of law enforcement, public safety, and corporate environments in many countries.