New Features

Meet compliance needs with category extractions in Magnet Verakey

In today’s digital investigations, smartphones hold vast amounts of potentially critical insights. For many of us, our smartphone has become central to our daily lives. On one device there can be tens to hundreds of gigabytes of data stored as communications, apps, games, photos, videos, music, and documents. It makes sense that 65.5% of corporate DFIR professionals indicated that the number of mobile devices in investigations is increasing in this year’s State of Enterprise DFIR report.

That’s why efficiency, accuracy, and protecting data privacy is critical when performing mobile investigations. For forensic examiners, the ability to filter through massive datasets and extract only what is relevant to a case is invaluable.

This is where focused, precise data extraction comes into play, and category extractions in Magnet Verakey takes this capability to the next level for mobile forensic investigations.

(Category-based extractions are available in Magnet Greykey as well. In this blog, we’re focusing on mobile forensics for the purpose of internal or corporate investigations, civil lawsuits, and incident response using Verakey.)

The challenge of data overload

The sheer volume of data on today’s smartphones poses a significant challenge for forensic examiners. Each smartphone could contain thousands of messages, countless images and videos, and a wealth of information from various applications. Sifting through this data to find pertinent evidence can be time consuming, resource intensive, and may even delay crucial case outcomes. This approach also introduces risks to privacy, as irrelevant information may be inadvertently included in forensic extractions.

For eDiscovery purposes, internal investigations, phishing, business email compromise, and compliance teams alike, ensuring only relevant data is collected is increasingly critical.

What is a “category extraction”?

With category extractions in Verakey you can select and collect only specific categories of mobile data, such as messages, message attachments, mail, and locations. Instead of performing a full file system extraction, this targeted approach offers several benefits and is especially useful when time is limited or where privacy and regulatory concerns require limiting the scope of data collection.

You can use it to quickly extract intelligence from a device to point you in the right direction, or to build a case for collecting a full file system extraction.

Screenshot of selected data categories for category extraction.

In addition to the categories noted above, the Communications and Multimedia categories have optional subcategories enabling you to be even more targeted with your collection. For example, the Communications category breaks down the data available to SMS, mail, voicemail, and call history.

To further refine your dataset, you can filter by a date range such as 7 days, 14 days, 30 days, and a custom range.

Benefits of category extractions in Magnet Verakey

1. Compliance with privacy and data protection regulations

  • Privacy and data protection regulations vary from country to country. For example, data privacy regulations—like GDPR—impose strict requirements on data handling, including the collection, processing, and sharing of personal information. Over-collection can expose organizations to compliance risks, including penalties for unnecessarily exposing personal data.
  • Verakey is designed for consent-based mobile investigations. With the addition of category extractions, we’re helping you to stay within regulatory boundaries, reducing the risk of capturing and exposing sensitive data. This is especially valuable for organizations that operate globally, where data privacy laws can vary significantly.

2. Increased efficiency and speed

  • While a full file system extraction offers you the most complete picture and preservation of a mobile device, it can take hours to extract and process due to the sheer size of the dataset.
  • When only specific data types are of interest or permitted for collection, category extractions reduce the overall volume of data collected, which can significantly cut extraction and processing times. This streamlined collection lets investigative teams spend less time sifting through irrelevant data and more time on key insights.
  • Category extractions speed up the time to actionable insights, which can be crucial in fast-moving cases like incident response, insider threats, or IP theft.
  • Bonus: Verakey provides you with an anticipated extraction time for each data type so you can estimate how long the collection will take if you’re in an especially tight time crunch!
Screenshot of estimated time for category extractions

3. Enhance investigative precision, align with proportionality standards

  • With category based extractions, the scope of collection can be aligned precisely with the case requirements, ensuring only pertinent data is included. This aligns with the courts goal to guard against costly over-discovery and “proportional” to the needs of the case.
  • In addition, discovery is limited to non-privileged material. Combine this approach to mobile data extraction and the ability to remove privileged material from analysis in Axiom Cyber and you have a powerful solution for forensic data collection and analysis in support of legal proceedings.

4. Reduce data storage costs

  • Data volume directly impacts costs in eDiscovery. Every additional gigabyte of data collected and processed results in increased expenses for storage, review, and analysis. By focusing only on specific, relevant data categories, legal teams can drastically reduce the amount of data processed, significantly cutting costs.

5. More accessible for non-technical stakeholders

  • Category extractions allow a higher degree of accessibility and effectiveness across different stakeholders—especially those who may not be deeply technical—by focusing only on what’s needed without overwhelming them with an entire file system extraction. (While Verakey and Axiom Cyber provide powerful forensic collection, processing, and analysis capabilities, sharing the data with non-technical stakeholders is best achieved using Magnet Review.) 

Ready to see Verakey in action? Check out how easy it is to perform category-based extractions in this interactive demo:

Magnet Verakey: Advanced consent-based access of mobile data

As digital forensics approaches and technology continue to evolve, solutions that support targeted collections like Magnet Verakey will play an essential role in making your job easier and protecting organizations, employees, and clients from legal risk.

Additional resources

Related Resources

Blog

Blog

Quickly uncover the history of your case with Magnet Review’s Timeline View

Magnet Review empowers your investigative team members—both inside and outside your organization—to securely collaborate and review digital evidence from any of your data sources anywhere in the world.   When working

November 6, 2024 • About a 4 minute view
Blog

Blog

Magnet Griffeye 24.5 and Project VIC GID now available

Magnet Forensics is excited to announce the release of version 24.5 of the Magnet Griffeye suite! This update brings key enhancements to the Griffeye Intelligence Database (GID) in Griffeye Operations

October 30, 2024 • About a 3 minute view
Blog

Blog

Making Magnet Copilot’s AI capabilities available offline

Across almost every industry and application, advances in AI have been prompting changes that can have major effects on digital forensic examinations. While the rapid development and availability of AI

October 24, 2024 • About a 4 minute view
Resource Center Home

Subscribe today to hear directly from Magnet Forensics on the latest product updates, industry trends, and company news.

Start modernizing your digital investigations today.

Top