Emergency TSCM Sweeps
Call us for an emergency TSCM Sweep if you suspect you are a victim of eavesdropping, or there has been suspicious activity.
If you have a sense that something isn’t quite right, trust your instincts, the thought would not have occurred to you if everything was all right. Conduct a TSCM sweep ASAP. Time is of the essence, and you may get only one chance to “do it right.”
Our experience indicates that the need for emergency TSCM sweeps are usually triggered by someone inside your organization. For example:
- braggarts oftentimes try to impress coworkers with “insider” knowledge,
- even the most senior executives can overlook a minor security protocol exposing valuable data,
- and disgruntled employees are always a threat if valuable information is available to them.
Conduct an Emergency TSCM Sweep First
Even if you are positive a specific person is privy to information they should not have, the best practice is to conduct an emergency bug sweep first. Do not confront the suspect until you are sure electronic surveillance is not a factor.
We find most information losses can be traced back to people. Big mouths and poor information security practices top the list of transgressions. However, the possibility your information was lost via illegal electronic surveillance has to be considered before accusing people.
An Emergency TSCM Sweep Answers Many Questions
Emergency TSCM sweeps are commissioned because electronic surveillance always tops the list of suspects. Why? Bugs are easier to get, get smaller everyday, and are incredibly cheap now. Don’t believe me? Try this Ebay search for Surveillance Bug.
We go into an emergency TSCM sweep knowing a real loss has occurred. Almost all of these cases are successfully solved even though electronic surveillance is the sole factor only 2%-5% in any given year. Our high success rate is due to our focus on solving our clients’ problems, not just finding bugs and saying good-bye. The vast majority of our emergency TSCM sweeps find non-electronic surveillance information loss issues too.
Other triggers that require emergency TSCM sweeps come from poor or lapse security practices. Regardless of how well intentioned your security and practices are, if your security plans are poorly designed, improperly implemented, or use outdated hardware – you represent a rich target for employee snooping and industrial espionage.
Fortunately, how your information loss occurred can usually be determined during an emergency TSCM sweep, if it’s conducted quickly and quietly.
Solving emergency TSCM cases requires more evaluation than what you will get from an ordinary bug sweep. A complete and thorough emergency TSCM sweep also takes into consideration:
- general security policies,
- information security safeguards,
- employee implementation of these policies and safeguards,
- physical security design,
- and a review of security hardware to discover decay and inadequacies.
The Murray Associates team has this combination of skills, knowledge and experience.
Sometimes emergency TSCM sweeps are requested because someone found a bug or a suspicious device. In these cases, the following steps should be followed to protect the crime scene and help facilitate catching the perpetrator:
The “I think I found a bug” procedural checklist:
Do not disturb the device. It is evidence.
Do not alert the eavesdropper by talking.
Secure the area. It is a crime scene. (Use a non-alerting excuse.)
Document your evidence. Make notes. Take photos.
Notify only people who have a real need-to-know.
Tell all persons involved to keep it confidential.
Contact us. When you make your call use a safe phone in a secured area.
After the Sweep, our Technical Surveillance Countermeasures specialist will work with you to:
complete the documentation process;
inspect for additional, or supplementary devices;
evaluate the situation; answer your questions;
make suggestions as to how to identify the eavesdropper;
help you develop an information protection strategy for the future.