- Avoid using the "Low Threat" column as much as possible, as it is primarily for "Quick Check" sweeps and cases where the time and resources available for the sweep is extremely limited. On the other hand, we will always work within the constraints which the client may place on us, but we may have to omit some of the testings if sufficient time is not allowed for the project.
- The "Moderate Threat column is most appropriate for typical corporate sweep work; however, in some situations the "Medium Threat" column (in blue) will be best.
- The "Medium Threat" column (in pink) is most appropriate for publicly traded companies, firms involved in mergers and acquisitions, most lawyers, or businesses which have been the target of eavesdroppers in the past.
- A "Medium Threat" level is also most appropriate for most law enforcement offices, judges, and other non-corporate professions where an eavesdropper could gain a great deal of useful intelligence helpful to their cause via covert eavesdropping.
- It should be noted that a legitimate government sweep would start at a "Medium" level of Threat, and quickly go up into "High" and "Extreme" levels of Threat involving double and quadruple the time of a "Medium Threat" level sweep (and are not listed on this estimate sheet).
Bug Sweep Estimate Worksheet
[How long will it take for a legitimate "Bug Sweep?]
Whenever possible, a client considering a "Bug Sweep" should engage a TSCM Specialist who can visit the facility to be inspected. This will allow for a realistic estimate and/or proposal to be prepared for future TSCM services. Additionally, it will allow immediate security vulnerabilities to be discovered and corrected. Left uncorrected these issues could render a future bug sweep ineffective or useless. Such a consultation is referred to as a "Vulnerability Analysis".
In cases where it is not possible to arrange a Vulnerability Analysis in advance, the following worksheet has been prepared as a rough guide. It can be used for estimating the requirements to perform a legitimate TSCM service (or "Bug Sweep") in a typical office or residential environment.
This worksheet is best used by first selecting the column that represents your threat (typically Moderate, or the center column), and then filling in the "Quantity Required" column where you count the number of phones, lights, etc.
To obtain a realistic estimate you should have an entry in every row (except for those marked as optional). Then add up the column on the far right to obtain an approximate estimate of the time required for a legitimate sweep. You can then visit our "Terms and Conditions" page and get a rough idea as to how much it will cost for the sweep based on your calculations.
Since every sweep is a little different (and is unique to the clients location) the sweep has to be based on TIME. The time required for the sweep is used to estimate the fee, but not the other way around.
If you are unable to fill in this form, do not be overly concerned as a TSCM specialist can estimate the time required by asking you a few questions over the phone). The most important thing is the get the proper number of rooms, and the approximate size of each.
|
Granite Island Group
Estimate Worksheet for "Bug Sweep" Services |
||||||||||||
Location or Client Name:
| ||||||||||||
Location Street Address:
| ||||||||||||
Location City, State, and Zip:
| ||||||||||||
Driving Directions:
| ||||||||||||
Parking Instructions:
| ||||||||||||
Ideal Time to Begin:
| ||||||||||||
Contact Name:
| ||||||||||||
Contact Position/Title:
| ||||||||||||
Contact Phone Numbers: (Alternate Contact Number)
| ||||||||||||
Level of Urgency:
| ||||||||||||
Why Do You Think a Bug Sweep is Needed?
| ||||||||||||
What is the Goal of the Sweep?
| ||||||||||||
What Are Your Plans If an Actual Bug is Found?
| ||||||||||||
What Are Your Plans If a Vulnerability
| ||||||||||||
Who Else Has Knowledge That You Are Considering
| ||||||||||||
Have You Had a "Bug Sweep" Performed in the Past?
| ||||||||||||
How Would You Like the Results Presented to You?
| ||||||||||||
How Often Are These Areas Serviced By the Cleaning Crew
| ||||||||||||
Are You Familiar With Our Terms and Conditions?
| ||||||||||||
Do You Understand That You Must Be Extremely Discreet
| ||||||||||||
Recommendations for Nearby Hotels
| ||||||||||||
Comments:
| ||||||||||||
|
Segment |
Quantity |
Threat Level |
Estimated Time |
|||||||||
|
Low |
Moderate |
Medium |
||||||||||
|
External RF Survey and Analysis Also known as a "pre-sweep". This is normally performed at various distances ranging from 5, 1, and 1/4 miles away from the facility to be inspected and when possible is performed a day or more in advance. The function of this segment is to detect eavesdropping devices that could be detected and monitored from outside the location, and to inventory friendly frequencies being used in the local area. Normally there will be at least three of these external RF surveys performed in the area around the facility. In dense urban, research, or industrial areas five or more surveys may be required. When time or budgetary restrictions are a concern then only a single external RF survey will be conducted, or when time is limited this segment can be omitted. Normally this segment of the bug sweep is not at all intrusive.
|
@ |
1 Hour |
4 Hours |
8 Hours |
|
|||||||
|
Internal RF Survey and Analysis This will be performed as the first segment of any TSCM inspection. May also be performed as "In Place Monitoring" when it is not possible to perform a full TSCM Inspection. TSCM services performed in dense urban environments will require at least twice as much time. This is a very critical part of any TSCM service, tends to be extremely productive, and is an invaluable segment of any TSCM procedure. Normally this segment of the bug sweep is not at all intrusive.
|
@ |
2 Hours |
6 Hours |
12 Hours |
|
|||||||
|
Number of Suspect Offices or Rooms This is the total number of rooms which will be part of this TSCM Inspection. Please list the names of the areas that will need to be checked and/or the title of the person in the office.
Room Name: _____________________ Room Name: _____________________ Room Name: _____________________ Room Name: _____________________ Room Name: _____________________
|
@ |
30 Minutes per room |
1.5 Hours per room |
2 Hours per room |
|
|||||||
|
Approximate Square Footage of Area to be Inspected. Simply multiply the length by the width of each room, and then sum each of these together. LL _______ x WW ________ LL _______ x WW ________ LL _______ x WW ________ LL _______ x WW ________ LL _______ x WW ________
|
@ |
5 Minutes per 100 sq ft |
25 Minutes per 100 sq ft |
30 Minutes per 100 sq ft |
|
|||||||
|
Number of Adjoining Offices of Rooms Including all storage rooms, wiring closets, waiting rooms, hallways, copy rooms, file rooms, and related areas. This may be estimated by taking the above "Number of Suspect Offices or Rooms" and multiplying by 2.5.
|
@ |
10 Minutes |
30 Minutes |
45 Minutes |
|
|||||||
|
Distance to Central Office (in miles) This is the approximate distance between your facility and the telephone company's "Central Office" measured in miles. May be estimated as one mile in urban areas, and five miles in suburban areas or industrial parks.
|
@ |
5 Minutes |
45 Minutes |
60 Minutes |
|
|||||||
|
Number of Suspect Phone Lines Include all Dedicated Fax, Modem, Data and Central Office Telephone Lines. Estimate as one line per 300 square foot of floor space in the entire facility (not just the area being inspected).
|
@ |
10 Minutes |
30 Minutes |
60 Minutes |
|
|||||||
|
Number of Suspect Phone Instruments Does not include an evaluation of the station wiring (see next item). Most executives will have at least two phones.
|
@ |
10 Minutes |
45 Minutes |
60 Minutes |
|
|||||||
|
Station Wiring and Cabling for Phones, LAN, or WAN. [as per TSB-568B] May be estimated as one outlet or "run" per 30 square foot of floor space in the area to be inspected.
|
@ |
15 Minutes |
25 Minutes |
45 Minutes |
|
|||||||
|
Number of IDF or Wiring Closets Typically one per 5000 sq ft of space. This does not include "massive" frame rooms with over 16 punch blocks or 800 cable pairs.
|
@ |
30 Minutes |
2 Hours |
4 Hours |
|
|||||||
|
Number of Switchboards or Operator Consoles Usually there is one or two per building.
|
@ |
15 Minutes |
1 Hour |
1.5 Hours |
|
|||||||
|
Number of PBX Systems or Rooms Usually there is one per building This does not include "massive" switch, PBX, or frame rooms with over 16 punch blocks or 800 cable pairs.
|
@ |
30 Minutes |
2 Hours |
4 Hours |
|
|||||||
|
Number of Lighting Fixtures - Fluorescent Typically one per 50 square foot of space to be inspected.
|
@ |
5 Minutes |
15 Minutes |
25 Minutes |
|
|||||||
|
Number of Lighting Fixtures - Incandescent Include wall sconces, directional lighting, accent lighting, spotlights, etc.
|
@ |
2.5 Minutes |
10 Minutes |
15 Minutes |
|
|||||||
|
Number of Power Outlets Count each jack, not each wall plate. Typically at least two outlets per 8 linear feet of wall space.
|
@ |
3 Minutes |
10 Minutes |
15 Minutes |
|
|||||||
|
Number of Switches, Dimmers, or Related Lighting Control Estimate as two per room to be inspected.
|
@ |
3 Minutes |
15 Minutes |
20 Minutes |
|
|||||||
|
Number of Thermostat or HVAC Controls Estimate as one per room to be inspected.
|
@ |
5 Minutes |
15 Minutes |
30 Minutes |
|
|||||||
|
Number of Alarm Sensors This includes door switches, PIR motion sensors, window breakage sensors, and related fire or intrusion alarm equipment in the areas to be inspected. Estimate as one per room to be inspected.
|
@ |
10 Minutes |
30 Minutes |
60 Minutes |
|
|||||||
|
Number of Major Items of Furniture Include each desk, chair, bookcase, table, file cabinet, etc. Estimate as at least six items per room or six items per 50 sq. ft of the total area to be inspected.
|
@ |
5 Minutes |
30 Minutes |
60 Minutes |
|
|||||||
|
Number of Suspect Artifacts Include all clocks, smoke alarms, stereos, lighters, calculators, ashtrays, potted plants, exit signs, etc. Estimate as at least 16 items per room or eight items per 50 sq. ft of the total area to be inspected.
|
@ |
1 Minutes |
5 Minutes |
15 Minutes |
|
|||||||
|
Physical Security Evaluation Time per 100 square feet based on the entire facility and not just the area being inspected.
|
@ |
1.2 Minutes per 100 sq ft |
2 Minutes per 100 sq ft |
3 Minutes per 100 sq ft |
|
|||||||
|
Number of Fax Machines Only include fax machines physically located inside the area to be inspected, or machines which are suspect.
|
@ |
10 Minutes |
2 Hours |
2.5 Hours |
|
|||||||
|
Number of Copy Machines Only include copy machines physically located inside the area to be inspected.
|
@ |
15 Minutes |
1 Hour |
4 Hours |
|
|||||||
|
Number of Speaker Phones Only include stand-alone speaker phones that are not built inside another telephone. Such systems are common in conference areas and executive offices.
|
@ |
10 Minutes |
45 Minutes |
90 Minutes |
|
|||||||
|
Number of Video Phones (Hardware Only) Basic Evaluation not involving software analysis.
|
@ |
na |
90 Minutes |
2 Hours |
|
|||||||
|
Number of Video Phones (Hardware and Software) Comprehensive Evaluation with software analysis.
|
@ |
na |
6 Hours |
10 Hours |
|
|||||||
|
Number of Suspect Computers (optional) Virus, Trojan Horse, and Related Software Threat Evaluation
|
@ |
na |
2 Hours |
3 Hours |
|
|||||||
|
Number of Suspect Computers (optional) Hardware Threat Evaluation
|
@ |
na |
2 Hours |
3 Hours |
|
|||||||
|
Computer Network Evaluation (optional) Limited passive traffic evaluation, per segment or port on switch or hub.
|
@ |
na |
2 Hours |
8 Hours |
|
|||||||
|
Computer Network Evaluation (optional) Comprehensive probe and traffic evaluation, per segment or port on switch or hub.
|
@ |
na |
4 Hours |
6 Hours |
|
|||||||
|
Time Required in Days - SUBTOTAL [refer to http://www.tscm.com/howcost.html] |
|
|||||||||||
|
Written Report (optional) Typically 10% of total fee before expenses and travel time. This include a typical "TSCM Survey Completion Report" with the results of the sweep.
|
@ |
|
= $ |
|||||||||
|
Vulnerabilities, Observations, and Action Items Report (optional) There will be an additional 15 to 30 minute charge for each action item, vulnerability, or observation which requires mention, coverage, or documentation in a hardcopy report.
|
@ |
= $ |
||||||||||
|
Travel Time Hourly charge when facility is more then one hour of travel time away. Remember that travel time is charged in both directions, but at 1/4th the hourly rate. Compute this at a speed of 45 mph.
|
@ |
= $ |
||||||||||
|
Travel and Transportation Expenses (Please Inquire)
|
@ |
= $ |
||||||||||
|
Per Diem Expenses Typically $250-$300 per person, per day in New England, but may be more depending on area (plus all travel and lay-over time).
|
@ |
= $ |
||||||||||
|
Estimated Fee Total |
= $ |
|||||||||||
|
Retainer to be Paid in Advance |
= $ |
|||||||||||
For a confidential consultation please E-mail: jmatk@tscm.com
-
Granite Island Group
127 Eastern Avenue #291
Gloucester, MA 01930
Telephone: (978) 381-9111
International Callers: 001-978-381-9111