Basic Alarm System Best Practices

An intrusion detection system (IDS) system should be an integral part of your home security plan. IDSs are detective security measures that also have a great deal of deterring value. Alarms are far more complicated than most people realize, however. To provide the maximum intended effectiveness, alarms must be carefully installed, tested, and used. These alarm system best practices will help you assess your own system or provide some guidance if having a new one installed.

Alarm system best practices
Alarm system panels should not be visible from the exterior of the home where an attacker can tell if the system is armed or not.   This is one of the most basic alarm system best practices.
  1. Sensors. Sensors are obviously an important part of an alarm system. Sensors detect a change in state (open/closed, motion/no motion, etc.). There are two basic categories of sensors: point and volumetric. Point sensors are those sensors that monitor a specific point like a single door or window. Best practices for point sensors are simple: each door and window should be equipped with a point sensor, even on the second floor. A point sensor on a door should not allow it to open more than its own width without violating the sensor. Windows should not be able to be opened more than four inches without violating their sensors.

Volumetric sensors monitor an area rather than a single point. The passive infrared (PIR) motion sensors used in most residential applications fall into this category.  So do sonic glass-break sensors. Best practices for volumetric sensors are: cover all large spaces (including attached garages), areas with multiple entry points, and any access to stairs. Volumetric motion sensors should be equipped with masking detection (the sensor alarms if something is placed in front of it to blocks its field of “view”). Volumetric sensors should also have anti-tamper switches that alarm when the cover of the sensor is removed, or the sensor itself is removed from the wall. Finally, the LEDs on volumetric sensors should be turned OFF. Though these LEDs give you confidence that your system is on and working, they also allow anyone with access to “walk test” your sensors and locate any dead areas in the coverage.

Sensors may be hardwired into your system (actual wires running between the sensor and control unit) or they may be wireless. While I generally prefer hardwired sensors to wireless ones, wireless sensors are much easier and more inexpensive to install post-construction. Wireless sensors have the disadvantage of being battery powered, and their signals may be detected and interered with. If I were building a new home I would hardwire all of my sensors, but practicality usually dictates a few wireless sensors when upgrading an existing system.

  1. Keypad. Control of the alarm panel keypad is, unsurprisingly, very important. Your alarm panel should be in a location that does not allow visual access from outside the home. This can allow an intruder to tell whether your alarm is armed or not (a bad situation if the alarm is unarmed). It also allows someone to see the make and model of alarm panel you have, potentially allowing them to research vulnerabilities such as default codes for the panel. Finally, though unlikely an intruder could potentially observe you inputting your code. If your alarm panel has a covered keypad, the cover should always remain closed. Otherwise it may be possible to observe wear patterns or dirt on the keys that could indicate which numbers are in the code, significantly narrowing down the possibilities.
  1. Codes: Your alarm system should allow at least two types of code: a standard use code (the code you use every day to arm and disarm your system) and a duress code. Duress codes are one of the most commonly overlooked alarm system best practices.  A duress code is a code that you can use under duress, i.e. if an intruder forces you to disarm your system.   The duress code should alert the alarm monitoring station that you are under in an in-extremis situation.  The monitoring agency should immediately dispatch law enforcement without even a phone call to you; everything should appear perfectly normal to the intruder.

Monitored alarm systems will also typically have a phone password that the operator will request when calling you after your system goes into alarm. Unlike a password this should be a pronounceable word that you can easily remember but it should not be something that is personally relatable to or easily researchable about you. Both of these codes and the phone password should be well known to all of your family members. They should be treated as secret and protected exactly like other PINs, passwords, and codes. They should also be changed immediately if you experience a change in situation, such as a roommate or romantic partner moving out; otherwise they should be changed every year or so.

  1. Arming and Disarming. If you have an alarm system you should use it, even when you are home (it is surprising how many people pay for an alarm system and arm it only rarely). There are two basic modes that most alarm systems can be set to: stay and away.   When the alarm is in Stay mode all of the point sensors will generally be active but interior motion sensors will be inactive. In this mode the system should be set to go into alarm instantly violation of a sensor; otherwise an attacker has 30-60 seconds to force you to disarm the system before it goes into alarm (in which case you should use your duress code).  Away mode activates both the point sensors and all volumetric sensors. The away mode should be armed each time you leave the home. If you have large pets you should test your system to ensure you pets will not violate the volumetric sensors.
  1. Communication Pathways and Monitoring: Communication pathways are methods used by the panel to communicate with the monitoring station. There are several types of communication pathways including standard and digital telephone lines, cellular, and TCP/IP (Internet). The best practice is to have redundant communication pathways. In most residential applications this would be a physical telephone line and a cellular connection. Each has its advantages, and if you can only have one I recommend a cellular communicator as physical lines are fairly easy to find and cut.  To ensure your alarm is working and communicating properly you should test it monthly. Be sure to call the alarm company before initiating a test so they can verify receipt of the alarm signal without dispatching emergency personnel.
  1. Power. An alarm system requires power to operate and a power interruption not disable your system. A good alarm will be equipped a backup battery; the best practice for the battery is to ensure that it will power your alarm for a minimum of 24 hours. Seventy-two would be even better, ensuring you would be covered in the event of all but the longest outages.
  1. Account Management. You must manage your alarm’s account (pay your bill) and most companies offer the standard options, mail and/or an online account. Management of you alarm’s account is very important. An attacker with access to your bill can learn important information about your system or potentially even cancel your monitoring service. If you receive your statements by mail I highly recommend sending them to your P.O. Box.  I have written before about the privacy and security benefits of a P.O. Box; in this instance it makes it much more difficult for the attacker to access your statement. If you choose to set up online account management you can opt out of paper statements (totally eliminating that vulnerability). However, you must ensure that you protect the account with a good, strong password and any other steps you can take to harden the account.

It is important to understand what an alarm can and cannot do for your security, even when you employ alarm system best practices. An alarm can be a deterrent to attackers in Level I and give pause to attackers in Levels II and II (assuming they don’t know the arm/disarm code). Just as importantly, and alarm is a detective control that will let you (and others) know if an entry is attempted against your home.  It will also alert responders, limiting the time the attacker may spend there. It is important to understand, however, that an alarm is a reactive control and does not make your home any more difficult to enter if the attacker isn’t concerned about alerting others. Even so an alarm is one more very solid layer in a layered defense, provided you use these alarm system best practices.

Leave a Reply