So, I'm thinking about starting a co-op project to develop best practice standards for "ethical data recovery" procedures. Obviously no one could develop an exhaustive how to manual for how to do the work, but what I'm picturing is more of a standard of what should and shouldn't be done in the course of data recovery work. For example a first coule rules of ethics that I would present would be:
I think that with enough feedback from all of you professionals out there, we can develop (and probably debate about) a set of standards that should be followed. I think this may come in handy when we see people giving bad advice on forums, or describing the blunders they are making on their client's data. We can then just direct them to the data recovery ethics page, and tell them which rule they are breaking.
Ideas? Standards? I know that as we add to this list we'll need to come up with an overall structure to it so it's an easier reference.
- To the extent possible, logical data recovery operations shall be performed only against a copy of the data rather than against original media.
- A first objective in data recovery should always be to obtain a copy of the data containing sectors regardless of the assumed condition of the media.
- Exception 1: If media is determined to be fully functional by obtaining a full sector by sector copy of the data, logical operations may be performed against original media so long as a copy is set aside for the sole purpose of backup.
- Data Recovery equipment and software shall be configured such that no modification of the original media's data shall occur. If imaging/cloning is performed using software only methods, a hardware write block device shall be used. If a hardware imaging tools are used, channels for source & destination drives shall be clearly labeled and/or numbered to avoid confusion which may result in data being copied from destination to source media.
I think that with enough feedback from all of you professionals out there, we can develop (and probably debate about) a set of standards that should be followed. I think this may come in handy when we see people giving bad advice on forums, or describing the blunders they are making on their client's data. We can then just direct them to the data recovery ethics page, and tell them which rule they are breaking.
Ideas? Standards? I know that as we add to this list we'll need to come up with an overall structure to it so it's an easier reference.