Executive Suite Security Considerations
— Executive suite security protects confidential information and conversations, the life-blood of business and government organizations. Intellectual property and operational privacy are basic elements of most competitive advantages. Without information security measures, and the privacy to discuss important strategies, the wolves win.
The highest profile targets in most organizations are executive suites and boardrooms. These are the areas which require special protections. Once a security strategy is in place here, it can be easily replicated in other sensitive areas.
The following is a list of the main executive suite security topics, with sub-topic specifics, to address when you are creating an information security strategy. Protection doesn’t need to be expensive. In fact, you will find it to be minor when compared with the value of what you are protecting.
Executive Suite Security Checklist
Perimeter Security / Access Control
— Executive suite security | Physical segregation from other departments | Individual office security
— Key Control | Managed access control | Desk and filing cabinet security
— Video Surveillance (CCTV) | Recording, storage, notification
— Secure storage for written information
Sensitive Wastepaper Disposal
— Desk-side crosscut shredding
— Bulk shredding / Holding containers
Eavesdropping and Electronic Surveillance Prevention
— Technical Surveillance Countermeasures (TSCM) inspections (aka bug sweeps)
— Conducted quarterly, prior to sensitive meetings, and as needed.
— External visual surveillance mitigation
— Sound migration mitigation
Executive Suite Security of Technology
— Phone (VoIP), video, speakerphone, voice mail security & feature settings
— Document Print Stations
— Written Management Policies for: Recording in the Workplace, Passwords, USB Memory Stick Restrictions, Leveled Access to Information.
— Corporate Directory Protection
— Secured wiring and equipment areas
— Wi-Fi Access Point (AP) Security: Compliance with legal requirements, network configuration, connection management
— Telephone headsets
— Presenter’s microphones
— Keyboards & mice
— Bluetooth devices
— Unauthorized employee and visitor owned devices (BYODs)
Background Checks for Office Personnel
— First aid
— Intruder alert protocol
— Safe room
— Evacuation plan
Your organization may have slightly different, or additional, security needs. This checklist, however, will get you started.
An independent information security consultant, with technical surveillance countermeasures (TSCM) and cyber security skills, can assist you with implementation. Having done it many times before, they will make the process easy for you.
You may also want to read:
Surreptitious Workplace Recording — and what to do about it
How to Choose a Competent TSCM (Technical Surveillance Countermeasures) Consultant
Corporate Counterespionage Strategy – The Basic Elements
Kevin D. Murray CPP, CISM, CFE is a business counterespionage consultant and TSCM specialist with over four decades of experience.
Murray Associates is an independent security consulting firm, providing eavesdropping detection and counterespionage services to business, government and at-risk individuals.
Headquartered in the New York metropolitan area, a Murray Associates team can assist you quickly, anywhere in the United States, and internationally.