Beginner’s Guide to Computer Forensics

Introduction
Computer forensics is the practice of collecting, analysing and reporting on digital information in a way that is legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence is stored digitally. Computer forensics has comparable examination stages to other forensic disciplines and faces similar issues.

About this guide
This guide discusses computer forensics from a neutral perspective. It is not linked to particular legislation or intended to promote a particular company or product and is not written in bias of either law enforcement or commercial computer forensics. It is aimed at a non-technical audience and provides a high-level view of computer forensics. This guide uses the term “computer”, but the concepts apply to any device capable of storing digital information. Where methodologies have been mentioned they are provided as examples only and do not constitute recommendations or advice. Copying and publishing the whole or part of this article is licensed solely under the terms of the Creative Commons – Attribution Non-Commercial 3.0 license

Uses of computer forensics
There are few areas of crime or dispute where computer forensics cannot be applied. Law enforcement agencies have been among the earliest and heaviest users of computer forensics and consequently have often been at the forefront of developments in the field. Computers may constitute a ‘scene of a crime’, for example with hacking [ 1] or denial of service attacks [2] or they may hold evidence in the form of emails, internet history, documents or other files relevant to crimes such as murder, kidnap, fraud and drug trafficking. It is not just the content of emails, documents and other files which may be of interest to investigators but also the ‘meta-data’ [3] associated with those files. A computer forensic examination may reveal when a document first appeared on a computer, when it was last edited, when it was last saved or printed and which user carried out these actions.

More recently, commercial organisations have used computer forensics to their benefit in a variety of cases such as;

  • Intellectual Property theft
  • Industrial espionage
  • Employment disputes
  • Fraud investigations
  • Forgeries
  • Matrimonial issues
  • Bankruptcy investigations
  • Inappropriate email and internet use in the work place
  • Regulatory compliance

Guidelines
For evidence to be admissible it must be reliable and not prejudicial, meaning that at all stages of this process admissibility should be at the forefront of a computer forensic examiner’s mind. One set of guidelines which has been widely accepted to assist in this is the Association of Chief Police Officers Good Practice Guide for Computer Based Electronic Evidence or ACPO Guide for short. Although the ACPO Guide is aimed at United Kingdom law enforcement its main principles are applicable to all computer forensics in whatever legislature. The four main principles from this guide have been reproduced below (with references to law enforcement removed):

    1. No action should change data held on a computer or storage media which may be subsequently relied upon in court.

 

    1. In circumstances where a person finds it necessary to access original data held on a computer or storage media, that person must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions.

 

    1. An audit trail or other record of all processes applied to computer-based electronic evidence should be created and preserved. An independent third-party should be able to examine those processes and achieve the same result.

 

  1. The person in charge of the investigation has overall responsibility for ensuring that the law and these principles are adhered to.

In summary, no changes should be made to the original, however if access/changes are necessary the examiner must know what they are doing and to record their actions.

Live acquisition
Principle 2 above may raise the question: In what situation would changes to a suspect’s computer by a computer forensic examiner be necessary? Traditionally, the computer forensic examiner would make a copy (or acquire) information from a device which is turned off. A write-blocker[4] would be used to make an exact bit for bit copy [5] of the original storage medium. The examiner would work then from this copy, leaving the original demonstrably unchanged.

However, sometimes it is not possible or desirable to switch a computer off. It may not be possible to switch a computer off if doing so would result in considerable financial or other loss for the owner. It may not be desirable to switch a computer off if doing so would mean that potentially valuable evidence may be lost. In both these circumstances the computer forensic examiner would need to carry out a ‘live acquisition’ which would involve running a small program on the suspect computer in order to copy (or acquire) the data to the examiner’s hard drive.

By running such a program and attaching a destination drive to the suspect computer, the examiner will make changes and/or additions to the state of the computer which were not present before his actions. Such actions would remain admissible as long as the examiner recorded their actions, was aware of their impact and was able to explain their actions.

Stages of an examination
For the purposes of this article the computer forensic examination process has been divided into six stages. Although they are presented in their usual chronological order, it is necessary during an examination to be flexible. For example, during the analysis stage the examiner may find a new lead which would warrant further computers being examined and would mean a return to the evaluation stage.

Readiness
Forensic readiness is an important and occasionally overlooked stage in the examination process. In commercial computer forensics it can include educating clients about system preparedness; for example, forensic examinations will provide stronger evidence if a server or computer’s built-in auditing and logging systems are all switched on. For examiners there are many areas where prior organisation can help, including training, regular testing and verification of software and equipment, familiarity with legislation, dealing with unexpected issues (e.g., what to do if child pornography is present during a commercial job) and ensuring that your on-site acquisition kit is complete and in working order.

Evaluation
The evaluation stage includes the receiving of clear instructions, risk analysis and allocation of roles and resources. Risk analysis for law enforcement may include an assessment on the likelihood of physical threat on entering a suspect’s property and how best to deal with it. Commercial organisations also need to be aware of health and safety issues, while their evaluation would also cover reputational and financial risks on accepting a particular project.

Collection
The main part of the collection stage, acquisition, has been introduced above. If acquisition is to be carried out on-site rather than in a computer forensic laboratory then this stage would include identifying, securing and documenting the scene. Interviews or meetings with personnel who may hold information which could be relevant to the examination (which could include the end users of the computer, and the manager and person responsible for providing computer services) would usually be carried out at this stage. The ‘bagging and tagging’ audit trail would start here by sealing any materials in unique tamper-evident bags. Consideration also needs to be given to securely and safely transporting the material to the examiner’s laboratory.

Analysis
Analysis depends on the specifics of each job. The examiner usually provides feedback to the client during analysis and from this dialogue the analysis may take a different path or be narrowed to specific areas. Analysis must be accurate, thorough, impartial, recorded, repeatable and completed within the time-scales available and resources allocated. There are myriad tools available for computer forensics analysis. It is our opinion that the examiner should use any tool they feel comfortable with as long as they can justify their choice. The main requirements of a computer forensic tool is that it does what it is meant to do and the only way for examiners to be sure of this is for them to regularly test and calibrate the tools they use before analysis takes place. Dual-tool verification can confirm result integrity during analysis (if with tool ‘A’ the examiner finds artefact ‘X’ at location ‘Y’, then tool ‘B’ should replicate these results.)

Presentation
This stage usually involves the examiner producing a structured report on their findings, addressing the points in the initial instructions along with any subsequent instructions. It would also cover any other information which the examiner deems relevant to the investigation. The report must be written with the end reader in mind; in many cases the reader of the report will be non-technical, so the terminology should acknowledge this. The examiner should also be prepared to participate in meetings or telephone conferences to discuss and elaborate on the report.

Review
Along with the readiness stage, the review stage is often overlooked or disregarded. This may be due to the perceived costs of doing work that is not billable, or the need ‘to get on with the next job’. However, a review stage incorporated into each examination can help save money and raise the level of quality by making future examinations more efficient and time effective. A review of an examination can be simple, quick and can begin during any of the above stages. It may include a basic ‘what went wrong and how can this be improved’ and a ‘what went well and how can it be incorporated into future examinations’. Feedback from the instructing party should also be sought. Any lessons learnt from this stage should be applied to the next examination and fed into the readiness stage.

Issues facing computer forensics
The issues facing computer forensics examiners can be broken down into three broad categories: technical, legal and administrative.

Encryption – Encrypted files or hard drives can be impossible for investigators to view without the correct key or password. Examiners should consider that the key or password may be stored elsewhere on the computer or on another computer which the suspect has had access to. It could also reside in the volatile memory of a computer (known as RAM [6] which is usually lost on computer shut-down; another reason to consider using live acquisition techniques as outlined above.

Increasing storage space – Storage media holds ever greater amounts of data which for the examiner means that their analysis computers need to have sufficient processing power and available storage to efficiently deal with searching and analysing enormous amounts of data.

New technologies – Computing is an ever-changing area, with new hardware, software and operating systems being constantly produced. No single computer forensic examiner can be an expert on all areas, though they may frequently be expected to analyse something which they haven’t dealt with before. In order to deal with this situation, the examiner should be prepared and able to test and experiment with the behaviour of new technologies. Networking and sharing knowledge with other computer forensic examiners is also very useful in this respect as it’s likely someone else may have already encountered the same issue.

Anti-forensics – Anti-forensics is the practice of attempting to thwart computer forensic analysis. This may include encryption, the over-writing of data to make it unrecoverable, the modification of files’ meta-data and file obfuscation (disguising files). As with encryption above, the evidence that such methods have been used may be stored elsewhere on the computer or on another computer which the suspect has had access to. In our experience, it is very rare to see anti-forensics tools used correctly and frequently enough to totally obscure either their presence or the presence of the evidence they were used to hide.

Legal issues
Legal arguments may confuse or distract from a computer examiner’s findings. An example here would be the ‘Trojan Defence’. A Trojan is a piece of computer code disguised as something benign but which has a hidden and malicious purpose. Trojans have many uses, and include key-logging [7], uploading and downloading of files and installation of viruses. A lawyer may be able to argue that actions on a computer were not carried out by a user but were automated by a Trojan without the user’s knowledge; such a Trojan Defence has been successfully used even when no trace of a Trojan or other malicious code was found on the suspect’s computer. In such cases, a competent opposing lawyer, supplied with evidence from a competent computer forensic analyst, should be able to dismiss such an argument.

Accepted standards – There are a plethora of standards and guidelines in computer forensics, few of which appear to be universally accepted. This is due to a number of reasons including standard-setting bodies being tied to particular legislations, standards being aimed either at law enforcement or commercial forensics but not at both, the authors of such standards not being accepted by their peers, or high joining fees dissuading practitioners from participating.

Fitness to practice – In many jurisdictions there is no qualifying body to check the competence and integrity of computer forensics professionals. In such cases anyone may present themselves as a computer forensic expert, which may result in computer forensic examinations of questionable quality and a negative view of the profession as a whole.

Resources and further reading
There does not appear to be a great amount of material covering computer forensics which is aimed at a non-technical readership. However the following links at links at the bottom of this page may prove to be of interest prove to be of interest:

Glossary
1. Hacking: modifying a computer in way which was not originally intended in order to benefit the hacker’s goals.
2. Denial of Service attack: an attempt to prevent legitimate users of a computer system from having access to that system’s information or services.
3. Meta-data: at a basic level meta-data is data about data. It can be embedded within files or stored externally in a separate file and may contain information about the file’s author, format, creation date and so on.
4. Write blocker: a hardware device or software application which prevents any data from being modified or added to the storage medium being examined.
5. Bit copy: bit is a contraction of the term ‘binary digit’ and is the fundamental unit of computing. A bit copy refers to a sequential copy of every bit on a storage medium, which includes areas of the medium ‘invisible’ to the user.
6. RAM: Random Access Memory. RAM is a computer’s temporary workspace and is volatile, which means its contents are lost when the computer is powered off.
7. Key-logging: the recording of keyboard input giving the ability to read a user’s typed passwords, emails and other confidential information.

 

How To Wisely Buy A New Computer

We are now into 2012, and your old computer just quit. Do you fix it or buy a new computer? If the computer is 5 years old or older, then probably buying a new computer is the better strategy. Many computers manufactured 5 to 9 years ago have hardware components that fail mandating replacement of the computer. Please read on to understand how to buy the best computer for your needs.

The first decisions to make in buying a new computer are very basic. By answering these questions you determine your basic purchase strategy:

1. Please ask yourself “How much can I spend?” The computer prices range from $200 to $400, $450 to $800, and $900 and up.

2. Next determine the computer type (or style) that works best for you. The types of computers are desktop, laptop, and tablet. These types of computers differ in their size, portability, and functionality. Desktop computers are the least portable. They are good for using multiple displays and heavy workloads. Laptops vary in size and portability. The big ones have 17-inch display making them luggable for occasional trips. Big laptops have most of the capabilities of a desktop but the computing horsepower is lower than a desktop in order to conserve laptop battery power. Similarly, the display is smaller with lower resolution than displays used with desktop computers. Tablet computers are the most portable. They can do a lot, but with a much smaller display. The tablets are a powerful, portable information tool that is one step above a smartphone.

3. Finally, the timeless question is: Do I buy an Apple or another computer? The other computer main selections are Windows 7 operating system or Android operating system computers. There are also Linux computers. Linux is free General Public License software operating system. Linux computers are equivalent for everyday users to Windows and Apple computers. The single difference between Linux and Windows is that with a Linux computer you only pay for the computer hardware which is a huge savings over Apple and Windows computers.

The market for Apple computers is tightly controlled. This means that Apple computers work very well with few problems. They are seldom attacked by malicious software. Everything an enthusiastic Apple owner says about their Apple is true. They are also beautiful looking computers. The down side is that they are expensive. When an Apple does malfunction, you have a big problem. If the Apple computer is under warranty, then you schedule a visit to the Apple store and wait in line to get it fixed. Also, you pay a lot for the repair.

In contrast Windows 7 computers are like the Wild West. In the Wild West anything can and does happen. There are many competing hardware and software products for Windows 7 computers. Windows 7 computers are the most malware, spyware, and virus attacked computers. Because there are more Windows computers sold than any other computers, Windows computers are the biggest target to attack. Apple computers also get viruses, but much less often than Windows computers. Windows computers can be cheap computers but they are not cheaper than Linux computers.

4. The final question is: What computer manufacturer do you like? Each manufacturer has its approach to selling computers. My preference is manufacturers that do not add fancy frills beyond the basics that come with Windows or the computer operating system. Most of the frills try to sell you something, provide functions that a redundant with the operating system, they occupy screen space getting in the way of what you are doing, and they overload and slow down the computer. For example, HP computers are like Big MACs, they taste great but come with a lot of software fat. Lenovo computers are like a bank vault. They secure your data but are miserable to fix because of the security. It seems that all computers come with an annoying “dock” or application launcher. It takes up a lot of screen space and really adds little beyond what Windows itself provides. It is always cheaper to purchase a package than to build a custom computer. Purchasing custom computer parts is always more expensive than buying a packaged system from a manufacturer because the manufacturers purchase computer components in such high volume.

Once your basic strategy is determined, then it is time to find a computer. The approach here is to use the Internet to perform the initial shopping and then go to the store to make the final decision and purchase. Please go to the web site of a computer retailer near you such as Best Buy or Staples. Search their site based on the type (or style) of computer that works best for you. The site should produce a list of computers from which to choose. Sort them by “Best Selling” and check the “Customer Reviews”. Please determine how the price compares to your budget. Most retail store sites permit comparing the features of three computers side by side. Carefully select three computers for comparison.

This approach was used to compare from one retailer three desktop computers moderately priced. They ranged from $429.99 to $699.99. The $429.99 computer used a 3.3 GHz Intel i3 CPU chip, had 6 GB RAM, and a 1 TB disk drive. The 549.99 computer used an AMD 2.4 GHz CPU chip, had 8 GB RAM, and had a slower 5,400 rpm 1.5 TB drive. The $699.99 computer used an Intel 3.0GHz i5 CPU chip, had 6 GB RAM and a 7,200 rpm 1 TB drive. The differences between these systems are not likely to make the most expensive system perform that noticeably better to a user than the least expensive system. As long as the hardware features are generally in the same range the performance seems to be the same for each computer.

All systems used the latest DDR3 RAM. The computer with 8 GB of RAM may perform better than those computers with 6 GB of RAM. One thing is certain; all these computers would be decidedly faster than a Windows XP system with 2 GB of RAM. While special performance test programs can measure the performance difference between a 2.4 GHz AMD CPU chip computer and a 3.3 GHz Intel i5 CPU chip computer, people barely notice the difference. What people do notice is that AMD chip computers usually are cheaper by $100 or more than Intel CPU chip computers.

The Windows Performance Index is a measure of the combined performance of all the components of a Windows Vista or a Windows 7 computer. The Windows Performance Index is a single number that varies between 1 and 7.9. Low end systems have Windows Performance Index numbers in the 3.4 to 4.5 range. A computer with a 3.4 score perform the same as a computer with a 4.5 score to a human. To see a performance difference the Windows Performance Index would need to go from a 4.5 to a 7.5.

The Windows Performance Index is not mentioned in any advertising to my knowledge. It is found on Windows 7 computers by opening START, clicking the right mouse button on the COMPUTER menu selection and then selecting PROPERTIES from the drop down menu that appears. To see Windows Performance Index you would need to have a store sales person fire up the computer and help you view it.

Apple computers usually have hardware operates at slower speeds and has smaller capacities than Windows computers. The Apple computers perform as well as or better than their Windows competitors because they use a different and tightly controlled operating system. The software interaction with the hardware makes up for the slower Apple hardware.

The final comparison area is in the display. Monitors today use Light Emitting Diode (LED) backlighting. The LEDs use little power and should last seemingly forever. Monitor physical size contributes to visibility. A character on a 14-inch monitor is smaller than the same character on a 24-inch monitor. The bigger monitor images are more easily viewed. Monitors resolution is expressed in horizontal by vertical dots or pixels. Typically they are something like 1600 by 900 dots. Monitors with a larger number of dots of vertical resolution have a better display. Often monitors will be advertised as 1080p. The 1080p resolution is 1080 dots of vertical resolution with each line refreshed on each scan cycle. On a 1600 by 1200 monitor you can see a full 8.5 by 11 inch page when it is viewed at full size or 100% zoom. Monitors with 900 dots vertical resolution often cut off the bottom of the page when it is viewed at full size.

The final bit of wisdom to consider in purchasing a new computer is not to purchase the most expensive computer. Here is why. A client asked me to get him a computer. At the Dell web site I configured a computer with what seemed to be modest features. This computer cost $3,000. At Costco they offered a computer package that had somewhat lower performance features for under $1,000. If the client purchased a new $1,000 computer every year for three years, at the end of three years he would have better computer than if he purchased the $3,000 Dell computer. Only purchase the most expensive computer if you must absolutely have the features and performance it provides. Otherwise stay with more moderately priced computers and purchase them more often. Buying two $400 computers is better than going for a single $800 computer in the long run.

 

Health Insurance for Canadian Immigrants

One of the first things you’ll want to do after arriving is apply for health insurance cards for every member of your family. Applications are available in many places, including doctor’s offices and pharmacies. These cards allow you to receive care through the Canadian health insurance program for the following services:

o Examination and treatment by physicians and most specialists

o Many types of surgery

o Hospitalization

o X-rays and laboratory tests

o Immunizations

You will not have to pay for these services, these expenses are covered by the taxes that you will be paying as a working Canadian permanent resident.

In most provinces in Canada, you can begin receiving medical coverage as soon as you apply. In Ontario, Quebec, New Brunswick, and British Columbia, however, you must wait 3-months from the date you apply for your coverage to begin. In the meantime, short-term health insurance is available through private companies.

You may also want to ask potential employers about their health coverage options as well. Many employers provide additional health insurance benefits that cover expenses, such as prescription drugs and dental care.

Social Insurance Number

Before you begin working in Canada, you need to have a Social Insurance Number (SIN). This 9-digit number is used to help you receive the social benefits you are entitled to as a Canadian permanent resident and to ensure that you are paying taxes to help support those benefits.

To apply for a SIN, you should visit a local office of the Human Resources and Skills Development (HRSD) to complete an application. You should also bring along your Permanent Resident card to proof your identity and your residency status.

The cost of application is $10, and it takes about three weeks for you to receive your card.

You can begin working before your receive your SIN card, however. You simply need to provide your employer with proof that you have applied.

Employment

In most cases, you will also want to begin searching for work almost immediately. It is possible to have a position lined up even before you apply for permanent resident status, but chances are that you’ll be unemployed when you first arrive.

Depending on the type of work you are searching for, you may first need to apply for permission to engage in that profession. In Canada, some careers are classified as regulated fields. These fields included doctors, lawyers, teachers, etc. In order to obtain work in these areas, you will need to contact the regulatory office in the province where you intend to work. The regulations vary from province to province.

The regulatory board will have to evaluate your experience and credentials then decide whether you need to take further steps to meet their standards.

Some trades, such as carpenter or plumber, are also considered to be regulated. Therefore, you must make sure that you have the appropriate licensing before attempting to work in those fields. Carpentry and plumbing, as well as 43 other trades, are considered Red Seal Trades. This means that the regulations for that trade are the same in all provinces. Therefore, if you are a licensed welder in Quebec, you can also do that type of work in New Brunswick without having to go through another assessment.

Fortunately, the majority of jobs in Canada are non-regulated, so you can begin searching for a position in your chosen field as soon as you arrive.

One of the best ways to find a position in Canada is to use the Job Bank service. This online site allows you to post up to 3 employee profiles that can be viewed by employers. You can also view postings placed by employers throughout Canada. The daily newspapers in all of the provinces also include job listings.

A Changing Industry: All About Family Insurance in Canada

Comprehensive family insurance in Canada today is a million dollar industry that encompasses a large number of private and public insurance companies. These companies cover families for the many potential risks that often leave people in a financial bind, including mandatory coverage such as car insurance, and other coverage such as health, home and life insurance.

Canadian families have many options when it comes to protecting themselves against life’s unexpected dire consequences. Over time, the insurance industry in Canada has grown, developed, and changed to meet the needs of its residents, embracing current trends, and providing desired products while keeping costs under control.

Medical Care for Loved Ones: Health Insurance

Medical coverage falls under the umbrella of optional family insurance in Canada. Although Canadians are fortunate to be provided with medical coverage under provincial health plans, there are nevertheless gaps in the program that can be filled with additional private health insurance. For instance, provincial health plans do not typically cover dental or vision care, or medical expenses when travelling outside the country. Many Canadians obtain private coverage for prescription drugs if they are not among those who qualify for assistance.

Canada’s health insurance system has a long history. Saskatchewan was the first province to pass laws providing coverage in 1946, and by 1961 all the provinces had followed suit. In 1984, the Canada Health Act set forth federal standards by which provinces could receive funding from the federal government. According to a 2009 poll, more than 86% of Canadians state that they support the provincial health care system.

Health insurance in Canada has faced several challenges over time. More recently, there is a push to privatize health care in some areas, in spite of popular opinion. Canada’s health care system is relentlessly scrutinized and its policies are a topic of ongoing discussions, but in the meantime, families can obtain additional medical coverage from private insurance providers in order to fill the gaps left by provincial plans.

Public and Private: Car Insurance

One of the largest areas of family insurance in Canada is the car insurance industry, a field that has undergone much change over the years. When cars first became available in Canada, a few large companies were already offering personal lines of coverage to Canadians. One of the oldest insurance companies in the nation is the Dominion of Canada General Insurance Company, which opened its doors in 1887 and still offers auto policies and other types of coverage today.

As the need for auto insurance increased, things changed across the country. Some provinces devised their own system of public coverage, such as Manitoba’s Autopac, while others chose a public system of insurance similar to that used in the United States. With more and more cars on the road, provinces eventually passed laws requiring that all drivers carry a liability insurance policy. With insurance now mandatory, the competition for Canadians’ insurance dollars became fierce.

In time, provinces with a public system had to improve the laws in order to protect consumers from overpaying for insurance. Several provinces have now implemented maximum rates that insurance providers must adhere to, and have established control over when and how rates can be raised, in the hope of decreasing the number of people driving without insurance because they cannot afford it.

The Roof over your Head: Home Insurance

Homeowners insurance is also a major consideration when it comes to comprehensive family insurance in Canada. In time, the need for coverage grew as the cost of homes rose and more families were unable to recover from fire and other damages. At the same time, mortgage companies required some protection from substantial financial losses when homes were destroyed. Homeowners insurance is designed to protect both parties. In Canada, this type of insurance is sold by public companies in all provinces, as opposed to auto insurance which is public only in certain provinces.

Started in 1839, the Gore Mutual Fire Insurance Company is the oldest property and casualty insurer in Canada. Since that time, many more companies have opened their doors, providing Canadians with coverage to protect their homes and property from many risks including fire and theft.

Protecting Those Left Behind: Life Insurance

When you think about family insurance in Canada, one of the first things that probably pops into your mind is life insurance, most likely because of its direct human connection. Life insurance protects families from financial disaster when the main breadwinner in the household passes away unexpectedly. It offers an immediate financial cushion to a family experiencing instability, and provides them with time to recover without having to worry over finances.

Two of the oldest life insurance companies in Canada are the Canada Life Insurance Company which started in 1874, and Great West Life which started in 1881. Today, the two companies have merged to form a powerful and venerable player in the life insurance scene. Many other companies are also in the business, some of which are wholly Canadian based, while others have branches in foreign countries.

Although life insurance was once considered somewhat of a luxury for the wealthy, today it has become a vital part of family insurance in Canada, and addresses all levels of income. With so many companies selling life insurance, rates have become competitive over the years, making it easier for Canadian families to choose the coverage they need at a price they can afford.

Coverage for your Family Today

It is easier than ever to provide your family with comprehensive insurance coverage. There are multiple insurance companies operating in Canada that offer a wide range of policies for Canadian families. Although the basic three – auto, home and life- are the most common policies, other significant areas of family insurance should be taken into account, such as health insurance, travel insurance and dental and vision care insurance.

Canada’s insurance providers have grown and improved over time to keep up with the ever-changing needs of Canada’s families. Their purpose is to provide you with the comprehensive protection required to keep your family, home, quality of life and financial assets safe.