There was at least one simple thing President Trump could have done during his impromptu strategy session with the prime minister of Japan at Mar-a-Lago on Sunday: move the conversation under the table.

You recall that Trump came under fire Monday after photos of his conversation with Prime Minister Shinzo Abe were posted on Facebook after the two spoke in the middle of the dining room at Trump’s Florida club.

Numerous aides flocked to the two; documents were considered from the light of a cellphone camera. All within view of the other diners.

Heather Hurlburt, who worked for the State Department in the early days of the Clinton administration and is now with the think tank New America, remembers cobbling together impromptu security systems while conducting diplomacy in the early 1990s.

“The assumption was always that there would be a camera,” she said by phone Tuesday. Because classified information was still transmitted on paper, that meant coming up with ways of preventing the papers from being spotted. She described being in Beijing, looking at documents while sitting on the floor, sheets draped over chairs providing security. There was also the worry of hidden microphones, too, which was addressed by running fans to drown out the sound. This often made conversations impossible: Staff meetings would require yelling to be heard, so that “you’d get frustrated and give up on the staff meeting.”

The moment in time made the problem worse. The Soviet Union had just collapsed, so her team was “constantly going to places that Americans hadn’t been until recently or hadn’t been in,” she said. Established embassies would have secure facilities — sensitive compartmented information facilities, or SCIFs in the jargon — that provided adequate security for the time. Everywhere else, you had to make do.

“There were U.S. delegations popping up all over Europe, working on security policy or arms control,” she said, and the teams that had to provide SCIFs were “just overwhelmed by the spontaneity.” Often, the secure installations put into a new facility looked like “somebody’s kit that they ordered off the shelf at CIA warehouse” — a Lego-like structure placed into a room to provide security.

A few years earlier, The Washington Post had reported on the emergence of these secure rooms. In a 1988 article — “Vault-Like Rooms Become Standard Office Equipment” — we noted that SCIFs were spreading beyond the sort of buildings that would obviously need added privacy, like defense installations.

Even then, building the facilities was “just a part of doing business here,” one Northern Virginia builder told the paper.

Now, as then, there are a variety of SCIFs. There are mobile SCIFs that are the size of a shipping container. There are custom constructions, built to fit an existing structure. There are entire buildings that serve as SCIFs. There are any number of contractors that offer SCIF construction. There are even specialized materials — such as this radio-frequency shielding concrete — that are used for building the facilities.

The government has produced guides to ensuring the security of a SCIF. The go-to is ICD 705 from the Office of the National Counterintelligence Executive, released in 2012. (The director of central intelligence released a different version in 2002.)

So what goes into your modern SCIF, appropriate for privacy-seeking go-getters in 2017? The Naval Facilities Engineering Command put together a handy PowerPoint presentation walking through what you’ll need. (One thing you’ll need according to the government: contractors and workers who are U.S. citizens, no matter where you’re putting your SCIF together.) With the goal of mitigating “against forced entry, covert entry, visual surveillance, acoustic eavesdropping and electronic emanations,” here’s what to do.

  • Designers need to take a “six-sided approach,” considering the four walls, ceiling and floors when developing a security plan.
  • Doors need deadbolts and alarms and, if the SCIF needs to prevent radio frequency seepage, the door should be steel. Hinge pins need to be protected, too. Only one door should be connected to an unsecure area.
  • Avoid windows. “Penetrations of SCIF perimeter shall be kept to a minimum,” including by power and ventilation systems.
  • Ventilation systems connected to the outside either need bars to prevent intrusion or need to narrow at some point to six inches.
  • SCIFs should have Intrusion Detection Systems — motion sensors, point sensors on doors and ventilation systems that could allow passage and tamper protections.
  • Walls can be built to a variety of specifications, but cutting down on sound leakage is key. One formulation includes metal studs with three layers of gypsum wallboard, with an air gap and acoustic-dampening material separating them.
  • Attention should be paid to the area around the SCIF, too.

Telephone and other communications systems have their own guidelines, of course. Here’s what personal electronic devices are and are not allowed in SCIFs.

The broad point here is a simple one: Minimize the likelihood that someone who shouldn’t have access to information can gain access to it.

On Tuesday, White House press secretary Sean Spicer told reporters that Trump was briefed on a North Korean missile launch in a SCIF that had been built at Mar-a-Lago, before his conversation at the dinner table with Abe. After that conversation, Trump and his team went back to the SCIF for further conversation.

It’s not clear what that SCIF looks like, but we’ve seen portable SCIFs deployed before. Last year, while in Cuba, then-President Barack Obama was briefed on the bombing in Brussels in a portable SCIF.

Inadvertently, Trump illustrated one of the new developments since 1988 and since Hurlburt was working for the State Department. You don’t need to wonder if there are cameras or listening devices around. We know that everyone has one. And so, regardless of the conversation you may be having with another head of state, at the very least it doesn’t hurt to drape a tablecloth between you and your guests.

Even if the leak is to Facebook, and not to Russia, it’s a leak that can be prevented. No SCIF needed.