An overview of Technical Surveillance Countermeasure testing and its role in SCIF and SAPF security
A Technical Surveillance Countermeasure (TSCM) is a sweep through a secure facility searching for bugs or other types of electronic surveillance. This is a highly specialized test that many SCIF and SAPFs don’t require, but for those that do, the team performing the sweep needs to be highly trained and experienced. TSCM services may include detection of electronic eavesdropping devices, wiretaps and hidden cameras as well as advisement on your facility’s communications security (COMSEC) or technical security.
In these sweeps, the specialists are concerned not only with bugs placed by foreign agents looking to spy on classified programs, but they’re also concerned with competitors or criminals looking to steal intellectual property or proprietary information.
TSCM Overview
Equipment used in TSCM testing includes kits and systems that detect RF signals, both off and on electronic devices, cell signals and cell phones. Those running the tests can even find light emissions such as lasers that could be broadcasting a silent signal, or find viruses in the hardware of computers before they are used in the facility.
The teams running these sweeps will also work closely with your security, IT and facility management to understand company concerns and make sure they are thorough in their testing. They typically sweep floor by floor. Some areas, like personal offices, can be swept relatively quickly, while large common areas that have more sockets and workstations can take longer.
TSCM testing can be both part of a final security check after construction and as an ongoing part of the facility’s operations security, or OPSEC. You can run these tests if you find evidence of a loss of information or data. If you have insider threat concerns, this can also be worthwhile, especially if key staff has recently left on bad terms.
Tips for Running a Sweep
A TSCM sweep for SCIF and SAPF construction is something you only want to run if an Accrediting Official (AO) requires it. This is an expensive test that will also increase the lead time before you’re able to have the facility accredited. It simply isn’t something that every facility needs. You can also run TSCM tests on an existing facility if you have a concern that someone may be bugging your facility.
This testing can only take place at the end of construction, since you have to sweep the full facility, but you want to plan for it from the beginning. Find out if your AO will require this testing and schedule it as early as possible. The wait times for these services can be long, so you don’t want to wait until it’s time to have the test performed and have to extend the length of time before you’re able to finish the accreditation process.
For a facility that is already up and running and is doing a TSCM sweep as part of OPSEC, you would ideally have the team enter the building at night when there are no workers present. The sweep shouldn’t only cover offices or places where information is discussed or processed, but all areas including common areas like kitchens and restrooms. Even company vehicles should be inspected. Special attention should also be given to the telephone system by someone on the team with a focus in telecommunications engineering.
If you’re looking for help with navigating the accreditation process, whether that’s understanding if you need a TSCM sweep, filling out accreditation forms or overseeing the construction site, our technical consultants and SSM support teams can help you with it all. When accreditation is on the line, don’t take any chances on meeting ICD 705 requirements. Trust our experts and our 100% accreditation rate to ensure everything runs smoothly.
