Scheduled TSCM (Technical Surveillance Countermeasures) inspections ensure critical information and data remains protected from unauthorized electronic surveillance.
We are often asked…
“Why should we have a TSCM inspection?”
Because electronic surveillance is at the core of many business problems.
• Business Espionage
• Competitive Intelligence
• Mysterious Leaks
• Personal Privacy (including spycams in expectation of privacy areas)
• Malignant Activism
• Internal Intrigue
• Strategy Spying
• Media Snooping
• Eavesdropping Concerns
• Adverse Publicity
“What do scheduled TSCM inspections protect?”
• Sensitive Communications
• Boardroom Discussions
• Mergers & Acquisitions
• Delicate Negotiations
• Lawsuit Strategies
• Employee Safety
• Trade Secrets
• Personal Privacy
• Vulnerable Off-site Meetings
• Wireless Local Area Networks (WLANS)
• Executive Residences & Home Offices
• Executive transportation (vehicles, aircraft)
Direct Benefits of Scheduled TSCM Inspections
• Increased profitability.
• Intellectual property protection.
• An environment secure from long-term electronic surveillance invasions.
• Advance warning of intelligence collection activities (spying).
• Double check the effectiveness of current security measures and practices.
• Document compliance with many privacy law requirements.
• Discovery of new information loopholes before they can be used.
• Help fulfill legal the requirement for “Business Secret” status in court.
• Enhanced personal privacy and security.
• Improved employee moral.
• Wi-Fi Security and compliance with privacy laws.
• Increase employee respect for information security.
• Increase effectiveness of established security measures.
• Reduction of consequential losses, e.g. an information leak sparks a stockholder’s lawsuit, or… an activist releases wiretaps to damage good-will and sales.
You can learn more about the benefits and enterprise best practices, here.
Security Department Benefits of Scheduled TSCM Inspections
• Zero capital investment for expensive instrumentation.
• No need to attend expensive and time-consuming training schools.
• A specialist’s recommendations can fortify your own recommendations.
• No risk to your reputation.
• Periodic inspections are now a standard business practice.
• They are usually conducted quarterly, or biannually.
• Our scheduled TSCM inspections include an information security survey of the areas at no extra charge.
“I agree, a TSCM inspection is a good idea. How do we start?”
• Plan a Strategy.
• Define your security experience, concerns, and goals.
• Create a priority list of the locations requiring a detailed inspection. Even though some tests may cover the entire building, not every space requires a detailed inspection. Focusing attention on critical areas provides better results, and reduces costs.
• Determine the proper frequency of follow-up scheduled TSCM inspections — everyone’s window-of-vulnerability is different. Most organizations find quarterly or biannual inspections suit their needs. Some use a mixture of both.
• Schedule supplementary inspections, as required, for: off-site meetings, Board meetings, and situations where risks are elevated.
We will prepare a no-obligation written proposal for you based on the information you provide. Upon deciding to have us help you, here is how it works:
Your Scheduled TSCM Inspection
Together, we arrange a mutually convenient time to conduct your inspection. Our services are available any time, any day or night. If required, we handle all the travel arrangements. Simply pick a time and date and we will be there.
Upon arrival, we will both define and refine your concerns, goals and any late-breaking events. This is when we ask for you to give us an orientation tour of your facility where we will look for vulnerabilities you may have overlooked.
Each TSCM inspection unfolds differently. Information (visual, audio and data) can be transferred from sensitive areas in a variety of ways. There is no “one” test, technique, or gadget which will detect every method. we have developed custom protocols, aided by specialized instrumentation, which we modify to fit your explicit organization’s security needs.
Elements Common to Most TSCM Inspections
• Radio Reconnaissance Spectrum Analysis™ – A search for illegal surveillance devices which transmit (audio, video or data) information via radio waves.
• Thermal Emissions Spectrum Analysis™ – Detection of heat emitted by spycams, bugs and other electronic circuits. Heat signatures can be found even when the device are hidden in ceiling tiles, walls, or furniture.
• Communications Systems Surveillance Analysis™ – a proprietary test method developed by Murray Associates – which identifies surveillance methods used to extract information from: telephones, faxes, computer networks, etc. In addition to inspecting the actual equipment (phones, speakerphones, faxes, video teleconferencing systems, etc.), wireless networks, LANs, and networked printers are also inspected. We also examine your wiring for taps and transmitters.
• Wi-Fi Security Audits with Compliance Analysis – This is an examination of how the wireless network security is configured. This is important because it only takes one loophole for hackers to get in and your data to get out. Lack of proper network security can also create compliance issues; fines are very expensive.
• Malicious USB Spy Cable Inspection – A malicious cable is any cable (electrical or optical) which performs an unexpected, and unwanted function. The most common malicious capabilities are found in USB cables. Data exfiltration, GPS tracking, and audio eavesdropping are the primary malicious functions.
• Mapped Physical Inspection™ – Areas are systematically mapped for physical inspection. Each area is combed with several objectives in mind:
• physical penetration evaluation of the premises;
• location of hidden surveillance devices;
• discovery of evidence indicating prior installations;
• alerting you to future surveillance possibilities;
• reporting on other security and safety issues encountered.
This is the most important phase of the inspection, and relies heavily on security knowledge, experience, and intelligence. Example: A clear thread seen in a drape or carpet may look normal. Our technical investigators may suspect a fiber optic microphone… and search further.
• Non Linear Junction Detection – Areas are re-examined using non-destructive radar. This safe technique reveals semiconductor electronic components (transistors, diodes, etc.), the building blocks of electronic surveillance devices. Devices hidden in – or built into – furniture, ceiling tiles, and other objects can be identified with this technology… even if they are not active during the inspection!
“Will I receive a written report?”
Yes. Your written report will detail:
• locations inspected,
• recommendations for remediation,
• non-electronic information security vulnerabilities seen – with recommendations,
• and explanations of our inspection methodology and instrumentation.
On most assignments, photographs and an Inspection Log are also included.
Your report is prepared by Kevin D. Murray, CPP, CISM, CFE, CDPSE, MPSC, an independent and credentialed security consultant with over four decades of experience. His report is proof of your due diligence.
“Let’s schedule a TSCM inspection. What do I need to do?”
Engaging our services is easy. Call us from a “safe” phone. Tell us about your organization’s concerns and goals. We can help with suggestions and strategy development.
Complete our one-page TSCM assignment details sheet. It is located in our Introductory Booklet. If possible, include a floor map which indicates the sensitive areas requiring inspection. Tip: Create a priority list of sensitive areas requiring inspection. Not every square foot will require a detailed inspection. The radio-frequency portion of our inspections will cover large areas surrounding your sensitive areas anyway.
We will send you an accurate written estimate – expenses included. Sign-off on our estimate and return a copy to us. We can then decide upon a mutually convenient inspection date.
Have keys to locked areas (phone rooms, offices being inspected, contiguous areas, closets, etc.) Have a step ladder handy, if possible.
If this is an emergency TSCM inspection, please collect as much incident background information as you can for us, and…
• Do not discuss our services in, or call from suspect areas.
• Conduct your affairs normally.
• Do not reveal any suspicions you may have to others.
• Limit confidential conversations.
• Keep detailed notes about anything you feel is suspicious.
• Think ahead. If a device is found, what next? We can advise you on this.
“Do you need to see my building first?”
It is rarely necessary to inconvenience you – or tip our hand – with a preliminary visit. The Details Sheet is all we need. A floor plan is is always helpful and appreciated.
“Could you give me just a rough idea of the cost?”
Fees generally range between $5,000 – $10,000 depending upon the complexity of the assignment. Travel expenses are only charged as incurred, and are estimated in advance for your approval. We will provide a detailed Proposal when you are ready.
“May I call you with additional questions?”
Please call us with your questions (800-635-0811 or +1-908-832-7900). We are here to help you.
- Scheduled TSCM inspections are not intrusive.
- Inspections may be scheduled at your convenience.
- You specify the areas to inspect and/or not to inspect.
- Inspection of vehicles may also be conducted at the same time.
Most importantly, we fully respect your privacy and confidentiality.
Have a Question About TSCM?
If you think you are under active electronic surveillance, or believe you have discovered a bug or covert video camera, follow the directions above and visit our post “I think I found a bug. What do I do?” The procedural checklist there will also tell you exactly what you need to do next.