A meeting with the participation of representatives of external companies should be carried out with the permission of the director, who should appoint the person responsible for holding the meeting.
The responsible person, together with representatives of the Security Service and relevant technical experts, takes the necessary measures aimed at ensuring the secrecy of the issues raised.
The following organizational measures will help ensure the safety of your information:
- Before starting a meeting, it is important to conduct an audience survey to identify embedded devices. Inspection should be carried out systematically and thoroughly, paying attention to every, even insignificant, detail: the presence of foreign objects, household appliances or interior items.
- Immediately before the start of the meeting, the security guard is obliged to inspect the premises adjacent to the meeting room for the purpose of eliminating employees or unauthorized persons from there who can eavesdrop on through the ventilation system or through the wall using special equipment; close these rooms for the duration of the meeting and control access to them.
- The number of persons participating in secret negotiations should be minimized;
- At the time of the meeting, unauthorized persons should not be allowed;
- The issues of ensuring the safety of the premises during the meeting, as well as monitoring the state of the site should be carefully considered. During the meeting, you must not allow anyone other than the organization’s employees to work near the doors of the audience.
For reliability, a guard should be standing at the door of the hall, who is a permanent employee of the company, since such a watch creates the possibility of eavesdropping directly by the security guard itself.
- If possible, hold meetings after hours;
- Various indoor work outside the time of confidential meetings (for example, cleaning) should be carried out only in the presence of a security officer;
- Between meetings and after, the person responsible must close and seal the venue of the meeting. The keys are handed to the watch guard on receipt and are in the guardhouse, access to the keys should be regulated by the leadership.
The above measures of organizational protection of information in the conference room are considered quite effective and do not incur serious costs or personnel problems and can be used individually or jointly, which will significantly increase the level of information protection of the object in question.
Technical measures to protect information in the room.
To ensure the integrity of the protection of acoustic information during a meeting, the following proposed recommendations should be comprehensively applied.
There are some channels for leakage of speech information from the audience:
- floor, ceiling;
- central heating battery.
To save this type of information, a complex of active and passive means is used:
- energy hiding by:
– sound absorption;
– jamming of acoustic signals;
– noisy rooms or a solid distribution medium with other broadband sounds masking acoustic signals.
- disclosure, localization and removal of embedded devices.
Passive protection methods include soundproofing and shielding.
During a meeting, it is impractical to reduce the volume of speech, therefore, to protect against listening, you should use sound insulation, sound absorption and sound attenuation.
To prevent leakage of information about heating systems, it is important to use battery shielding.
Sound insulation in a room can be improved by using sound-absorbing materials.
- detection, localization and removal of embedded devices;
- suppression of dangerous signals from speech information;
- increase the soundproofing of the room.
To prevent eavesdropping using the built-in devices, before considering the meeting, you need to conduct a deep “cleaning” of the room. It should be carried out by security specialists of the Organization. Invitation of employees of specialized organizations to such procedures is not recommended.
After the “cleaning”, the room must be sealed and allowed access to it only accompanied by a security officer.
To provide protection against embedded devices in the conference room:
- not only check the room after hours for the presence of radio bookmarks left in it, but also conduct an operational check of the situation during a confidential meeting in order to identify radio bookmark devices on the human body and clothes;
- it is necessary not only to identify the presence of a radio bookmark, but also to determine its location as accurately as possible, with a view to its further withdrawal;
- if a radio bookmark is detected during a meeting, it is not recommended that you immediately stop it and start looking for an intruder. This can create a non-business atmosphere among the participants in the meeting, cause suspicions for each other, cast a shadow on an innocent person.
- at the end of the meeting, a direct interrogation of the suspect is required. To do this, it is important to use equipment that accurately determines the location of the radio bookmark and its potential owner.
Protection against radio bookmarks is possible by removing it or by creating active electronic interference in the frequency range.
The use of the whole range of organizational and technical protection measures listed above will provide the necessary level of protection for the acoustic information circulating in the meeting room.