Share this post


A hedge fund team engaged Jensen Hughes to conduct an exhaustive search of their office and systems, including the organization’s information security management system, for vulnerabilities, illicit devices and possible intrusion locations.

Problem icon
The Problem

It’s pretty easy for someone to put a bug in your office. You might never find it. Or if you did, it might be too late to matter. Well aware of this, one hedge fund team decided to engage Jensen Hughes to conduct a formal sweep of their headquarters to determine whether any unauthorized listening devices were in place as well as the extent to which the office might be vulnerable to anyone with malicious intent.

Solution icon
The Solution

Jensen Hughes conducted a technical surveillance countermeasures sweep of all walls, devices, ceiling panels and compartments, including wall switches and other areas and systems that could represent a possible intrusion location. We examined the organization’s Information Security Management System (ISMS) vulnerabilities centered on the International Standards Organization (ISO) 27001 and controls established by the National Institute of Science and Technology (NIST). Our scope included a review of current IT-related policies, practices and procedures as well as the identification of opportunities to adopt information security best practices. The latter included areas such as: network infrastructure technology, architecture and administration, management and oversight of network services; device/endpoint security management and support services; and information security awareness training and testing process review. We also examined: on-premises server and storage infrastructure; enterprise architecture and portfolio management of information technology within and across the organization; and vulnerability scans on the primary network, categorizing identified concerns into high, medium and low impact matters.

Results icon
The Results

This exhaustive search confirmed that no illicit electronic eavesdropping devices existed anywhere in the firm’s office. It also resulted in our recommendations on closing six vulnerabilities, which will help prevent – or at least make it more difficult – to hide or connect such a device in the future or compromise IT information.

Get in Touch

By completing the above form you have read, understood and accept our Privacy terms as well as our Cookie terms. Read our Privacy Policy.

Jensen Hughes ensures non-discrimination in all programs and activities in accordance with Title VI of the Civil Rights Act of 1964. If you need more information or special assistance for persons with disabilities or limited English proficiency, contact the Jensen Hughes Compliance Team at 410-737-8677 or