Scheduled TSCM (Technical Surveillance Countermeasures) inspections for corporations ensure that critical information and data remains protected from even the most sophisticated unauthorized electronic surveillance techniques.
If you’re not already familiar with TSCM investigations or bug sweep detection services, here is a rundown of the questions we are commonly asked about our service offerings.
“What is a TSCM inspection?”
To perform the service, TSCM investigators will visit your organization and comprehensively inspect every corner of your premises for malicious devices and recording equipment.
“Why should we have a TSCM inspection?”
Crucially, regular scheduled TSCM inspections can help to keep your organization’s confidential data safe and private, all while preserving your company’s reputation. Electronic surveillance detection can help you avoid:
• Business Espionage
• Competitive Intelligence
• Mysterious Leaks
• Personal Privacy (including spycams in expectation of privacy areas)
• Malignant Activism
• Internal Intrigue
• Strategy Spying
• Media Snooping
• Eavesdropping Concerns
• Adverse Publicity
“What do scheduled TSCM inspections protect?”
• Sensitive Communications
• Boardroom Discussions
• Mergers & Acquisitions
• Delicate Negotiations
• Lawsuit Strategies
• Employee Safety
• Trade Secrets
• Personal Privacy
• Vulnerable Off-site Meetings
• Wireless Local Area Networks (WLANS)
• Executive Residences & Home Offices
• Executive transportation (vehicles, aircraft)
Direct Benefits of Scheduled TSCM Inspections
There are many reasons why you should consider regular TSCM investigations, but the main benefits include:
• Increased profitability
• Intellectual property protection
• An environment secure from long-term electronic surveillance invasions
• Advance warning of intelligence collection activities (spying)
• Confirmation of the effectiveness of current security measures and practices
• Privacy law compliance
• Discovery of new information loopholes before they can be used against you
• Compliance with the legal requirement for “Business Secret” status in court
• Enhanced personal privacy and security
• Improved employee morale
• Wi-Fi security and privacy law compliance
• Increased employee respect for information security
• Increased effectiveness of established security measures
• Reduction of consequential losses, e.g. an information leak sparks a stockholder’s lawsuit, or…an activist releases wiretaps to damage good-will and sales
You can learn more about the benefits of bug sweep detection services and enterprise best practices, here.
Security Department Benefits of Scheduled TSCM Inspections
When you hire an TSCM company, here are the advantages.
• Zero capital investment for expensive instrumentation.
• There’s no need to attend expensive and time-consuming training schools, because the experts will handle the technicalities for you.
• A specialist’s recommendations can fortify your own recommendations.
• There’s no risk to your reputation, because you can be assured that your office premises are safe and bug-free.
• Periodic inspections are now a standard business practice across many sectors. Inspections can be performed twice a year, although they’re often performed every quarter.
• Our scheduled TSCM inspections include an information security survey of the requested areas at no extra charge.
“I agree, a TSCM inspection is a good idea. How do we start?”
Your TSCM investigator can help you plan your inspection, but here are some tips for starting.
• Plan a strategy.
• Define your security experience, concerns, and goals.
• Create a priority list of the locations requiring a detailed TSCM inspection. Even though some tests may cover the entire building, not every space requires a detailed inspection. Focusing attention on critical areas provides better results, and reduces costs.
• Determine the proper frequency of follow-up scheduled TSCM inspections — everyone’s window-of-vulnerability is different. Most organizations find quarterly or biannual inspections suit their needs. Some use a mixture of both.
• Schedule supplementary inspections, as required, for: off-site meetings, Board meetings, and situations where risks are elevated.
We will prepare a no-obligation written proposal for you based on the information you provide. Upon deciding to have us help you, here is how it works:
Your Scheduled TSCM Inspection
Together, we arrange a mutually convenient time to conduct your TSCM investigation. Our services are available any time, any day or night. If required, we handle all the travel arrangements. Simply pick a time and date and we will be there.
Upon arrival, we will both define and refine your concerns, goals and any late-breaking events. This is when we ask for you to give us an orientation tour of your facility where we will look for vulnerabilities you may have overlooked.
Each TSCM inspection unfolds differently. Information (visual, audio and data) can be transferred from sensitive areas in a variety of ways. There is no “one” test, technique, or gadget which will detect every method. We have developed custom protocols, aided by specialized instrumentation, which we modify to fit your explicit organization’s security needs.
Elements Common to Most TSCM Inspections
• Radio Reconnaissance Spectrum Analysis™ – A search for illegal surveillance devices which transmit (audio, video or data) information via radio waves.
• Thermal Emissions Spectrum Analysis™ – Detection of heat emitted by spycams, bugs and other electronic circuits. Heat signatures can be found even when the devices are hidden in ceiling tiles, walls, or furniture.
• Communications Systems Surveillance Analysis™ – a proprietary test method developed by Murray Associates – which identifies surveillance methods used to extract information from: telephones, faxes, computer networks, etc. In addition to inspecting the actual equipment (phones, speakerphones, faxes, video teleconferencing systems, etc.), wireless networks, LANs, and networked printers are also inspected. We also examine your wiring for taps and transmitters.
• Wi-Fi Security Audits with Compliance Analysis – This is an examination of how the wireless network security is configured. This is important because it only takes one loophole for hackers to get in and your data to get out. Lack of proper network security can also create compliance issues; fines are very expensive.
• Malicious USB Spy Cable Inspection – A malicious cable is any cable (electrical or optical) which performs an unexpected, and unwanted function. The most common malicious capabilities are found in USB cables. Data exfiltration, GPS tracking, and audio eavesdropping are the primary malicious functions.
• Mapped Physical Inspection™ – Areas are systematically mapped for physical inspection. Each area is combed with several objectives in mind:
• physical penetration evaluation of the premises;
• location of hidden surveillance devices;
• discovery of evidence indicating prior installations;
• alerting you to future surveillance possibilities;
• reporting on other security and safety issues encountered.
This is the most important phase of the inspection, and relies heavily on security knowledge, experience, and intelligence. Example: A clear thread seen in a drape or carpet may look normal. Our technical investigators may suspect a fiber optic microphone… and search further.
• Non Linear Junction Detection – Areas are re-examined using non-destructive radar. This safe technique reveals semiconductor electronic components (transistors, diodes, etc.), the building blocks of electronic surveillance devices. Devices hidden in – or built into – furniture, ceiling tiles, and other objects can be identified with this technology… even if they are not active during the inspection!
“Will I receive a written report?”
Yes. Your written TSCM inspection report will detail:
• locations inspected,
• recommendations for remediation,
• non-electronic information security vulnerabilities seen – with recommendations, and explanations of our inspection methodology and instrumentation.
On most assignments, photographs and an Inspection Log are also included.
Your report is prepared by Kevin D. Murray, CPP, CISM, CFE, CDPSE, MPSC, an independent and credentialed security consultant with over four decades of experience. His report is proof of your due diligence.
“Let’s schedule a TSCM inspection. What do I need to do?”
Engaging our TSCM company services is easy. Call us from a “safe” phone. Tell us about your organization’s concerns and goals. We can help with suggestions and strategy development.
Complete our one-page TSCM assignment details sheet. It is located in our Introductory Booklet. If possible, include a floor map which indicates the sensitive areas requiring inspection. Tip: Create a priority list of sensitive areas requiring inspection. Not every square foot will require a detailed inspection. The radio-frequency portion of our inspections will cover large areas surrounding your sensitive areas anyway.
We will send you an accurate written estimate – expenses included. Sign-off on our estimate and return a copy to us. We can then decide upon a mutually convenient inspection date.
Have keys to locked areas (phone rooms, offices being inspected, contiguous areas, closets, etc.) Have a step ladder handy, if possible.
If this is an emergency TSCM inspection, please collect as much incident background information as you can for us, and…
• Do not discuss our services in, or call from suspect areas.
• Conduct your affairs normally.
• Do not reveal any suspicions you may have to others.
• Limit confidential conversations.
• Keep detailed notes about anything you feel is suspicious.
• Think ahead. If a device is found, what next? We can advise you on this.
It is crucial you don’t give any malicious insiders reason to suspect you’re on to them – otherwise, you won’t get the most from your TSCM inspection and the devices could be removed in time for the investigation.
“Do you need to see my building first?”
It is rarely necessary to inconvenience you – or tip our hand – with a preliminary visit. The Details Sheet is all we need. A floor plan is always helpful and appreciated.
“Could you give me just a rough idea of the cost?”
Fees generally range between $5,000 – $10,000 depending upon the complexity of the assignment. Travel expenses are only charged as incurred, and are estimated in advance for your approval. We will provide a detailed Proposal when you are ready.
“May I call you with additional questions?”
Please call us with your questions (800-635-0811 or +1-908-832-7900). We are here to help you.
- Scheduled TSCM inspections are not intrusive.
- Inspections may be scheduled at your convenience.
- You specify the areas to inspect and/or not to inspect.
- Inspection of vehicles may also be conducted at the same time.
Most importantly, we fully respect your privacy and confidentiality.
Have a Question About TSCM?
If you think you are under active electronic surveillance, or believe you have discovered a bug or covert video camera, follow the directions above and visit our post “I think I found a bug. What do I do?” The procedural checklist there will also tell you exactly what you need to do next.