TSCM - Technical Surveillance Counter Measures
When it is imperative that your spoken, written and digital communication are protected against unauthorized intercept, it is necessary to assure that your work environment and communication technology is certified free from technical compromise. In-house technical resources may be skilled at addressing IT related security concerns, but often the experience and equipment required to competently locate and identify technical surveillance can be well beyond their capabilities.
5-L’s team of Technical Surveillance Counter Measure (TSCM) professionals are trained and equipped with the necessary tools to effectively detect and neutralize technical threat. 5-L’s counter surveillance team members are skilled in a broad range of communications technologies including communication and information technology security specialists, Radio Frequency (RF) specialists, as well as specialists in optical, analog and other modes of digital communication technologies.
With over 2 decades experience in delivering TSCM services to enterprise and government clients, 5-L has developed a methodical ‘silent sweep’ process which employs precautions to prevent informing the buggist of our presence. Aided by specialized, and highly sensitive counter surveillance equipment, our specialists are able to rapidly detect and locate embedded, inactive, remote controlled or hidden technology, down to the detection of the tiniest of devices, even those buried within any object, including furniture, walls, ceilings.
Nothing replaces skill and experience, and no magic boxes available at any price, from any ‘spy shop’ will reliably locate an intercept device.
Need our assistance? Before you contact us, be certain that you are not calling from a compromised room or device.
dTSCM - Digital TSCM
As a complement to our traditional TSCM services, 5-L is proud to be the first counter surveillance service provider to offer dTSCM extending the scope of visibility to include the detection of technical threat in the Information Technology environment, also known as the digital domain. As background as specialists in packet level analysis, network security, IT management and design, provides the necessary foundation for 5-L to extend our threat detection capabilities to include the rapid detection of rogue devices, services, or compromise present in a local or distributed network.
dTSCM services detect:
· Compromised end point hardware
· Illicit use of integrated services
· Redirection or mirroring of network conversations
· Unauthorized network devices
· Detection of unauthorized end point data traffic
· Interception of end point video or audio / back channel communications
5-L digital forensics services provides the safe recovery and reconstruction of data from workstations, laptops, mobile phones, and network hardware.
Mobile Device Forensics
5-L mobile device forensic services uses industry recognized tools to securely extract a forensic image from all types of mobile technology. Extracted images are then processed and classified to organize collected evidence from live or deleted data storage, without corrupting the integrity of the original asset. Reporting can be delivered in an easy to search HTML report, providing the client with specific targeted data, or the entire contents of a mobile device, including active or deleted files, messaging, email, or call log data.
Recovery of Deleted Data
When disaster strikes, and you need to recover accidentally or intentionally deleted data, 5-L has the expertise to recover lost, deleted or destroyed data from a spinning disk, or SSD storage hardware. Where physical damage, or device failure has occurred, 5-L works will work with qualified labs in the recovery of data
5-L data recovery services are executed in Canada, by experts in data recovery. Don’t leave your recovery job to chance, if your data is classified, or confidential, we have recovery facilities which can accommodate the recovery of data up to secret level data classification. Where required, 5-L can provide recovery services in a SCIF environment, and can provide proof of destruction storage devices used in the recovery station at the completion of the recovery process.
“If you do not own the medium you are using to communicate, assume it to be compromised”
We are all responsible for securing our own data and voice communications. Making an assumption that your voice or data carrier is providing any level of security is akin to rolling out a welcome mat for hackers.
Let 5-L guide you in how to develop a secure communications strategy. Whether you need to securely communicate between offices, employees, or mobile devices, 5-L has a solution to address all modes of communication, regardless of location.
5-L Tech can assist you with strategies for product selection, deployment and management of:
Voice Encryption and secure Mobile messaging
Disk Encryption (Data at Rest)
File level Encryption (Data at Rest)
Often illicit data exfiltration is often not detected until the damage is done.
Canadian employer are legally entitled to monitor business communications (In accordance with local federal or local laws). Consequently, unless employee communications are intercepted, and processed, using appropriate tools and procedures, efforts to detect threat can violate the rights of your employees. Properly deployed communication intercept technology can legally detect employee dishonesty, or compromised security, without violating employee privacy rights.
5-L can guide you in how to legally intercept and process communications, using automated technologies to collect, scan, classify and report policy violations or data exfiltration events in real time.
A properly defined data lifecycle management policy requires the inclusion of a properly defined process for the handling and effective elimination of data present legacy storage hardware, including hard drives, SSD’s flash and mobile devices. Unfortunately, despite the importance of the data destruction process, available guidance is often unreliable, out-of-date with current technology, or vendor biased.
As experts in data destruction 5-L can assist you in the development of effective processes and policies to assure that your end of life storage technology will not pose a liability.
Network Traffic Analysis
"You cannot manage what you cannot see"
Every day, IT, security and privacy practitioners blindly attempt to address elusive and challenging issues which could be more easily addressed if only they were capable of having visibility to the packet level traffic information on their networks. Although this approach may seem obvious, many do not employ this practice, as the skill and expertise required to understand the output of analysis tools is beyond the capability of most front-line IT managers, analysts and administrators.
As contracted experts in packet level analysis, 5-L provides you access to an efficient and cost effective solution to enable your IT teams to:
· Rapidly identify the root cause of application, or network performance issues
· Rapidly identify security events, and collect conversation details
· Validation of Service Level Agreement non-compliance on distributed networks
· Conduct pre-deployment baselining of enterprise applications to identify potential application, or network based performance issues
· Intercept and validate the conveyance of illicit communications, and data exfiltration.
· Validate security boundaries.
Provided as an on-demand service, 5-L Network Analysis Services affords you access to trained network traffic analysts without the need to hire or train staff
5-L Technology provides guidance in the development of environment specific data privacy strategies. Leveraging our expertise in information security and traffic analysis 5-L has guided clients eliminating points of potential data exposure due to technical compromise, intentional data theft, human error or policy non-compliance.
5-L has developed a suite of proprietary innovative solutions for:
· Locating and classifying data files across distributed and local networks.
· Data classification strategies
· Inventorying of digital assets
· Network and traffic isolation
· Device and network data loss prevention
· Automated detection of data exfiltration over all traffic modes
Data Destruction - storage
Data Destruction - Mobile
Data Destruction - NVRAM
Data Traffic Analysis
Audit Preparation Guidance
Advanced Authentication Solutions
Security event monitoring solutions
Pervasive perimeter security monitoring
Vulnerability assessment services and tools
Data collection and analysis tools
Automated Policy violation detection solutions
Data exfiltration detection solutions
Secure block level replication or imaging of storage hardware
Secure logical or physical extraction of mobile device data
Encryption and password cracking - Mobile device