Investigations and all types of litigation must now consider automated data.  Correspondence, e-mail messages, spreadsheets, accounting records and many other types of data files can contain critical information that could either decide the matter or provide important clues to the investigator.

Many times people will examine computer media, and will only copy the directories and files from the storage media.  In these cases there may be a significant amount of data that is completely missed.  Previously deleted files, data from file slack and data written to unallocated areas of the media will not be copied unless a forensic copy is made of the media.

In most cases when files are deleted from computer media, the data is not actually erased until it is later overwritten.  Many times this will mean that a deleted file can be easily recovered and examined.  Even with the new version of Windows (which has the capability of "shredding" a file to render it unrecoverable), there are still other places where the data from a deleted file might be recovered.

Many operating systems and software applications create additional temporary copies of files on the computer hard disk drive.  Then even if the original file is deleted and/or overwritten, the data from these files can still be recovered -- providing that a forensic copy of the hard drive has been generated.

Just being computer literate is not sufficient in these cases.  Computer forensics specialists have received specialized training in this field, and have the forensic tools to ensure the integrity of any computer data involved in an investigation or matter in litigation.  Rigorous forensic methodologies developed over many years also help to respond to any questions related to how evidence is produced and protected.

Be safe rather than sorry, and make use of professional and qualified computer forensics specialists.