Brett's Ramblings

Font size: +
10 minutes reading time (2002 words)

How to Start a Digital Forensic Lab in Your Police Department

So, you want to start a brand new, right-out-of-the-box, digital forensics lab in your police department?  Want some tips? 

If you (1) work for a large-sized department, you probably already have a digital forensic lab staffed with full-time, commissioned examiners.  But if you (2) work for a small to mid-sized agency, your department may either farm out forensic work to an outside agency (OSA) or simply doesn’t even do any forensic work on any seized electronic device.  Hard to believe, but yeah, it still happens.

If you fit the second situation, the first question that I have for you is, does your department want a digital forensic lab or is it just you? This is a crucial question, because if your department is behind implementing a forensic lab, then you have a gravy meal ticket to get it done, within whatever budgetary means allowed. For this scenario, there’s not a whole lot I can tell you, other than congrats! You have it easier than most. I’m not going to talk about that scenario since the hard part is done, that is, having pre-approval to build out a lab.

Now, for the rest of you, where your department doesn’t even know it needs a digital forensics lab, or refuses to consider it, or may not have a penny in the budget to spare, this blog post is for you 😊.  If you want a lab, you can have it by you doing what needs to be done, in a manner that works with your agency, not against it.

Let’s picture the lab you want before we get started. Given an unlimited budget, what would you want? Would it look something like this?


Enjoy that moment you had with your dream lab, because unless you control the checkbook, dream on….your dream lab isn’t going to be even close to this.  But, you can still start a lab using a few tips and tricks. Think big and accept you most likely will start out small…very very small..

Common obstacles


There is no ‘free’ person to be assigned to a new forensic position. Staffing is already (always) short.


The mysterious budget is never enough to cover the basics as it is, let alone build out a forensic lab.


We have no room to spare to create a forensic lab.


Spending months to train someone on department time probably won’t happen when the department doesn’t see the benefit.

Examiner selection

Maybe you won’t be the person selected for the position that you suggested ☹


We need cops on the street, not on a computer. Plus, we’ll send out any evidence to an OSA and accept the length of time it takes for someone else to do our forensic work.

Examples of not the best methods to try (not just my agency)

I have seen a detective take one basic course in forensics, come back and demand that the agency spend $30,000+ on gear and training to create a forensic lab. The agency agreed to spend a little, but the detective said “all or nothing” and the result was nothing. The detective never did get into forensics…

I have also seen detectives who were selected for forensic spots turn down training and gear because of the strings attached to it, such as sharing with another agency, or sharing forensic work with other agencies, or having to attend (free) training that didn’t fit the detective’s personal schedule (even one turned down a conference because lunch wasn't being paid by the agency..). If you turn down something free, like a two-week forensic course or a conference out of spite or whatever else, you probably set yourself back a year. Not the best idea. Plus, if you have someone like me working in your agency, I'm coming for your spot because I'll do whatever I can to get it.....keep that in mind.

Some ways that I have seen work

The mobile lab

Before I started a forensic lab in my agency, I first saw a ‘mobile lab’ that a patrol officer created, and I was both impressed and inspired. The patrol officer took a lot of training on his own time (vacation) and own dime (he paid out of his own pocket). He even bought the basic gear needed for the most basic of forensic work with his own money. He carried around the gear in the trunk of his patrol car, ie, a “mobile lab”.

Whenever there was an electronic evidence item seized, if he could do the work, he did it in addition to his handling calls. It took several exams of the most basic nature before his agency took notice and eventually, crowned him the department forensic examiner. However, he was still in patrol. The good news was that he had the title of 'forensic examiner' as an added duty. The better news was that the tab for his continuing education training and gear was picked up by his agency.

The closet lab

My personal example is the closet lab. Having seen how the mobile lab example worked, I took this route to start a forensic lab in my department. At the time, my department was sending out any forensic work to either the state lab, agencies that would take the work as their time allowed, and sometimes even hired private sector examiners. I figured the path of least resistance would be best, where making an offer that can't be refused to be the goal.

Here are some of the things I did in preparation:

  • *  Took vacation and paid out-of-pocket for training courses
  • *  Joined the local high-tech crime association
  • *  Gathered FOSS tools, paid for some basic software (WinHex, etc…)
  • *  Became certified in the basic of tech (A+, etc…)
  • *  Hosted forensic courses for a free seat in the courses
  • *  Visited every lab within driving distance for tips, guidance, and ideas
  • *  Wrote an entire policy on forensics (merely customized what others had done in other agencies)
  • *  Wrote a proposal for the implementation of a digital (computer) forensics lab
  • *  Created a list of every ‘free’ training and gear available (coming back to this list later…)
  • *  Found a closet full of junk that I could fit a small desk and chair
  • *  Made friends with the IT department (important!)
  • *  Joined the local ICAC
  • *  I did a lot of little things too, like read books, talk to anyone/everyone in forensics that would talk to me, etc...

All of this took my personal time and my own money. It took a lot of time. I don't even know how long I worked on it before I even proposed it.

A personal point on spending your own money. I am a believer in that if I want something to use in my job, that I feel best fits me or helps me, and my job doesn’t provide it, I will buy it. This is a personal decision based on personal factors and your opinion may vary.

Then I waited for a case. As soon as I saw one, I jumped on it and helped the case detective with the forensic part. I did that what I knew how to do. Easy things at first.  I did this as much as I could and luckily, I was in a position where I could do it in between other work I was assigned.  As a side note, I carried over 100 cases at a time, including major casework, and undercover assignments...and more. It can be done if you want to do it.

Then came the big ask.

Remember what I mentioned about creating a list of free training/gear? Get it ready. There are plenty of federal grants for free software, hardware, and training. Print out the forms, fill them out, and bring it along with your proposal and policy to whomever can crown you the forensic examiner. At that point, your agency will have not spent any money (sorry, but you had to), they will have a basically trained examiner at the ready (turnkey, on the spot), and be able to sign an agreement for free stuff that you already put together.

Hopefully, you kept stats on what you have done in forensic casework, the results of the cases (plea deals, convictions otherwise not have happened, etc…), plus records of any and all training you have done on your own.  Maybe have some recommendations from detectives that you have helped in their cases. You’ll be amazed at how happy a detective becomes when you find all the PC they need for their case on a hard drive…

Remember that closet you found earlier? If at this point you aren’t given a ‘lab’, point out that as long as you have a locked room, like that unused closet in the basement, you are happy and good to go. I was given my closet, which became the "Computer Forensic Lab". I tossed out the garbage, put in a desk, chair, and all the scraps from IT to build out a lab. The grant gear came in piece by piece until I had it all. The goal is to get your foot in a door, any door. You can expand everything in time.

Excuses and roadblocks

I believe that an excuse is merely giving up.  I also believe that some roadblocks can’t be overcome easily, and a few cannot be overcome at all. It is difficult to know which is in front of you. Sometimes you work hard on one of the insurmountable roadblocks and other times you may give up on something that you could have gotten with a little more time and effort. You just never know. Also, government work is different than the private sector. In most instances, it is not merit that is rewarded or compensated in government work. That is just the way it is. In the private sector, if an employee comes up with an idea that makes money, that employee is given a whole lot more leeway in doing things. In government, not so much. Sometimes, it is just the opposite.

I have seen more people in police work try to get into forensics and give up than I have seen succeed, due to both personal reasons and the office roadblocks. Politics plays a part. Staffing plays a part. Even personability plays a role. But if you want it, prepare yourself for lots of work, a long period of time, and possible rejection at every step. As for me, I was getting into forensics one way or another, in or out of government service.

The short story of this guidance is simply:

  1. Become a forensic examiner on your own time and own dime.
  2. Prep everything your department needs to start a lab.
  3. Be the only person fit and competent to carry out the position when you ask for it.

I’m sure other methods work too, but as for me, I rather plan it out, prep everything up front, become the only person for the position (at least the only turnkey ready person), be happy with what I get, and work forward from there. The negative in doing nothing more than asking to be sent to training and be given everything up front probably will result in either a terse ‘No’ or a ‘Good idea!. We’ll need a committee to discuss, request for next year’s budget, and then the following year open the position up to everyone in the department’.

Getting in is the hard part. It’s a cakewalk after that.

If you read this far and already have a forensic lab in your agency, they probably went through something like this in the beginning just to get started in a small closet 😊

If you have done something like this, or especially if you did it differently, let me know. I'm curious to the innovators in police work in this field. By the way, if you can get something like this done in police work, you are extremely marketable outside of police work. 

Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

101+ Tips & Tricks with X-Ways Forensics
X-Ways Forensics Cheat Sheet and “Three Things”