A system and method for performing a forensic analysis of a subject computer having a non-volatile memory with a second computer is provided. In one embodiment, the method includes executing on the subject computer a first code segment configured to provide communications via a non-proprietary communication protocol such as the Internet Small Computer System Interface (iSCSI) protocol; establishing a connection between the second computer and the subject computer via the non-proprietary communication protocol. The non-proprietary communication protocol includes one or more write operations for writing data to a non-volatile memory in response to one or more write commands and the first code segment is configured to not write data to the non-volatile memory of the subject computer in response to receipt of the one or more write commands. The method may include performing a first forensic analysis of the subject computer via the connection. In addition, the method may further comprise establishing a secure connection, such via the Internet, between the second computer and a remote computer, wherein performing the first forensic analysis is initiated by the remote computer. A pre-defined forensic instruction set may be stored on the second computer and executed to perform the first forensic analysis.