Gillian Shaw‘s latest blog post talks about how weak most people’s computer passwords are (Click here to read her post). A good reminder to change your computer, banking and other passwords…
Speaking of which, how many people know your alarm code? If the answer is more than just you… you should change that as well.
Click here to read a post from this blog discussing the importance of every user having their own alarm code as well as about using a duress or panic code.
Alarms are not a deterrent
Fifteen years ago, if you were the only home on the street with an alarm… that would have been a deterrent. It was very unlikely that a burglar would choose to break-in to the only alarmed house on the street. Now, certainly in Vancouver, homes without alarms are the exception rather than the rule… market saturation has defeated the deterrent value of an alarm. Crooks have realized, for many of the reasons below, that most alarms do not provide any real level of security… the alarm trips and then nothing happens… so they break-in anyways. Click here to read more about why alarms are not a deterrent.
All-in-one systems… “none of the security, all of the monthly fee”
Just about every single “alarm system” that is sold ‘for free’, or in exchange for ‘putting a lawn sign in your front yard’, is worth exactly what you paid for it. Almost all of these alarms are of the ‘all-in-one’ variety… whereby the control panel, keypad, siren, telephone line connection and power supply are
integrated into one unit (like the one pictured left).
The major challenge with these systems is that you, as the authorized user, need to be given time to open your door and get to the keypad to type in your disarm code. If you belong on site, that’s exactly what you do… if you are a burglar, you simply follow the sound of the beeping keypad and rip the entire thing off the wall before the alarm trips. Click here to read about why millions of alarms are completely useless.
No (or slow) response
The only reason for an alarm is to generate an immediate response. However, in the vast majority of North American cities, the Police either do not provide response at all or only respond after a burglary has been confirmed. There are lots of really good reasons why the Police won’t go… but none that explain why alarm companies think they should be paid for providing an incomplete service. Click here to read more about how response works.
Delay time / Keypad placement
Most home alarms cannot distinguish between your front door being opened by you with a key, or a crook with a crowbar… all it knows is that the door has been opened. Any delay time that your system is programmed to allow you to get to the keypad to disarm the system is ‘gifted’ time to a burglar. Most alarms have 30, 45, 60 or even 90 second delays! Keypads should be as close to the door as possible, with a maximum delay time of 10 seconds. Click here to read more about delay times.
Detecting the entry, not the break
The vast majority of alarms rely on motion detectors as the primary detection device. All of the effort to break into your house, or business, happens when the crook is still standing outside doing the ‘break’ part of ‘break and enter’. By the time they are inside, it’s almost guaranteed to be too late to start the alarm detection process. An effective alarm detects the BREAK, not just the enter. Click here to read how to ensure your alarm is detecting a burglar before they are already inside your house.
The Security Industry assumption is that all alarms are false until proven otherwise
What happens when your alarm trips? Most likely, your alarm company calls you. Why? Because they know that 98% of all alarms are false…. and that 70% of those are the result of user error. The problem is, you’re not paying a monthly security fee for the 98% false alarms… you’re paying so that, in the event of an actual burglary, someone will treat it like an emergency and actually do something about it. The real problem is that the alarm industry, for the most part, sells an incomplete service… they charge you a monthly fee to do the easy part, receiving a signal. The real trick is to be able to do something about that signal once received… Click here to read about how most of the alarm industry sells an incomplete service that isn’t worth paying for…
Enhanced Call Verification
As if the fact that your alarm company calls your home first after an alarm wasn’t bad enough, many security companies are embracing “Enhanced Call Verification” , or ECV, as the savior for the false alarm challenge. With ECV, rather than just calling your house as it is being broken into, they will also try to reach you on your cell phone. The only thing that ECV enhances is a burglars comfort level… with ECV a thief has even more time to spend in your house before anything ever gets done about it. Click here to read about why there is nothing ‘enhanced’ about ECV…
Exclusive reliance on a single form of communication
Phone lines are the achilles heal of any alarm system. You can spend thousands of dollars on a sophisticated alarm that takes every piece of advice on this blog into account, but if the only method of communication is your phone line, a crook can simply cut it from outside of your home… rendering the whole thing useless. Your security is in your redundancy… cellular back-up or BLINK mesh radio monitoring eliminates the most glaring single point of failure in your alarm. Click here to learn more about BLINK…
Sharing codes
One of the values that a properly designed alarm can offer is being able to track exactly who armed, disarmed or bypassed a zone, and when they did it. Almost every system available today has the capacity for dozens of user codes. Sharing codes eliminates the ability to confirm who did what and when (which is normally the first thing that gets checked when something bad happens). Every individual user of your alarm should have their own unique disarm code. However, in the race to cut costs as much as possible, most alarm monitoring stations do not even monitor for ‘opens and closes’ to cut down on signal traffic… meaning that your alarm could be offline for years and noone will learn that until after a burglary and people are wondering why the alarm never tripped. Click here to read about why user codes should be individually assigned…
Cross zoning
While assigning multiple devices to the same zone saves money during the initial installation, and makes things a lot simpler for an installer, it does so at the risk of limiting the security value an alarm can offer. Even if an alarm is not monitored, knowing that an alarm was tripped at the Living Room East Window rather than any of the windows on the main floor, makes a huge difference. Not only does it save time and money should servicing ever be required, it ensures that you, and anyone who is responding, knows exactly where to respond (or if you are in the house, where to stay away from until help arrives). Click here for more information about why your alarm should not share.
Newspapers throughout Canada, and the United States, reported today about the theft of several of Bill Reid’s works from the UBC Museum of Anthropology. Here are links to the Province, CBC and the Seattle Times (all more or less the exact same).
While I only know as much about this incident as has been reported so far in the media, and the Police are yet to tell the public what they know about it (that will happen Monday)… I am surprised that the level of security at the Museum was low enough to allow this to happen.
Protecting artwork can be tricky, it is certainly not as easy as installing a magnet or motion detector in a regular home… but it can certainly be done.
For many of our clients who have valuable artwork, one of the simplest security measures we take is to install either a hardwired or wireless contact so that as soon as the piece is moved, the alarm trips. In most cases, because of the value of the frame, a small, flat wireless contact is best because they can be attached without causing any damage to the artwork.
Most importantly though, these contacts are assigned to their own separate partition on the alarm system, which is programmed to be on 24 hours a day (the same way we program smoke detectors). This way, no one ever needs to remember to arm/disarm the artwork… it is always on. This is a simple programming decision that completely eliminates the risk of someone either ‘forgetting’ to arm the system or being able to disarm the system if under duress (without sending a panic signal).
For pieces of art that are not so easy to apply a contact to, a properly designed video system often works best. If you are trying to protect a sculpture, sitting on a table in the middle of the room, a camera gets mounted somewhere close by with a very clear view of the space surrounding the piece. Using separate software (or hardware depending on the application), the system is programmed for several ‘rules’. One example might be that movement will be allowed 3 feet away from the piece, but as soon as anything (like a hand) comes within a pre-defined zone around the object an audible alarm will sound. A second rule would send an alarm signal if that hand, or whatever, moves within 10 inches of the piece.
We use systems like this to create an alarm when someone climbs over a fence, but ignore when someone comes through the gate properly or to send an alarm when someone has been standing in front of a store window for too long during early morning hours. This technology allows us to use a camera as an intelligent motion detector that is able to distinguish between activity that is ‘ok’ versus that that is likely to be suspicious. There are thousands of possible applications for this technology, and a museum is certainly a perfect place for it to be deployed.
Using a video system in this manner is infinitely more useful that having a security guard, or anyone, sitting in front of a bank of monitors trying to watch what is going on. When applied appropriately, video analytics can allow for the alarm system to send a signal while someone is still just thinking about stealing something, as opposed to after they have already done so.
Of course, many levels of security need to be in place at each stage to prevent and detect any kind of tampering with the system.
The most obvious weak point of any system, whether in a museum or home, is the telephone lines. There is little value in spending a bunch of money on security devices but not dealing with the risk of the system being compromised by someone cutting the phone lines. The BLINK network is by far the best and most secure option for anyone on the Westside or in Yaletown… outside of those areas, digital cellular back-up will work best.
Without question, the single most effective security tactic is to five-minute proof your belongings…
In Business in Vancouver a few weeks ago, I was quoted in an article about security concerns for Olympic sponsors… in light of recent vandalism to a few RBC branches.
Here is an excerpt from the BIV column…
Olympic anarchy
Safety and security ought to be top-of-mind for the Royal Bank of
Canada after vandals destroyed windows at two branches and bragged on
blogs. All because of RBC’s $110 million cash and services sponsorship
of VANOC. Anonymous anarchists struck at Hastings and Nanaimo on
September 29 and Commercial and First on December 8. It’s perhaps the
most public evidence of anti-2010 sentiment since March’s Olympic flag
theft from city hall.“From the beginning there has always been more opposition to the
Games than before, and I take that as a measure of the politics of
B.C.,” said Kevin Wamsley of the University of Western Ontario’s
International Centre for Olympic Studies.RBC confirmed the incidents, but wouldn’t discuss safety and security measures.
Provident Security’s Michael Jagger said businesses can battle
vandals with shatter-resistant safety film, laminated glass and motion
sensitive surveillance cameras. Video systems can be programmed to
detect unusual behaviour, such as loitering. That would trigger an
alarm for a security staffer to investigate.Companies needn’t wave the white flag and opt for unsightly bars or
garage door-style shutters. “Security done quickly is ugly,” Jagger
said.
While it is unfortunate that these types of incidents happen at all, I think that the response to them is often worse. Although there are some creative examples of security bars installed at some retail stores, the overwhelming majority of security efforts such as bars, roll shutters and bollards are really ugly.
Unfortunately, security is typically an afterthought… it is rarely built into the design of most people’s homes or businesses while the designs are still on paper. Most often, increased security, whether it is an alarm or any physical security device, is implemented in a mad panic immediately after a burglary or incident. As a result, security done quickly is often incredibly ugly.
The reality is that while architects, designers and builders often spend hours on almost every other physical design aspect of a project, security is very often left until after the last minute… often resulting in unnecessary ugliness.
A few months ago I was asked to write an article for Canadian Property Management Magazine about building security… specifically about the need for building owners and managers to seriously consider remote management for their access control and CCTV systems, as opposed to taking on the risk of trying to take care of their system on their own.
Click here (or on the magazine image) to read the full article that appeared in their November 2007 edition.
I have talked about this issue in a couple of posts on this blog…
1. The Police Can’t Help if They Can’t Get In
2. Condo Security Systems Working Against the Police
Click here to read an article from the Vancouver Sun last year that also talked about remote access control system management.
To help explain how this service works, one of our clients, Dwayne Stewart of Pacific Rim Services in Abbotsford, was interviewed for a video on our website. You can watch that video by clicking on the YouTube window below, or click here to view the HD version from our website.
“Five minute proofing” is the single most effective tactic to reduce your risk of loss in a burglary in either your home or business.
One of the simplest ways to five minute proof is to ensure that the delay time for your alarm system is as short as it can be. Ideally, your delay time should never be longer than 10 seconds.
I was at a client’s office today where we were looking for options for how to secure a back door that the client wants to use as the primary access point for staff. The challenge was that the alarm control panel and telephone lines are located very close to that back door. Any delay time given, even 10 seconds, might be enough for a crook to get to the control panel and disable the alarm before a signal was sent.
The solution we suggested is one that we often use for commercial offices… put the alarm keypad OUTSIDE of the door in the common hallway. This way, users will disarm the alarm BEFORE they unlock and open the door.
Doing so allows the door to be programmed as an instant zone, meaning that the alarm will trip the second that the door is opened.
As we explained to this client, the risk of placing the keypad outside is simply that it might be damaged… requiring replacement. However, unless you have a valid user code, trying to ‘hack’ into the alarm system using the keypad is akin to expecting to copy files from a computer by taking a hammer to the keyboard: it just won’t work.
To increase security, we can limit the number of times that someone can enter an incorrect code on the keypad to discourage tampering. We can also place a contact on the keypad itself so that as soon as someone tries to remove it, an alarm signal will be sent to our 24/7 Operations Centre in Kerrisdale.
Of course, to maximize the level of security we always recommend that a BLINK mesh radio be installed. BLINK offers the fastest possible alarm signal transmission, more than 10 times faster than a telephone line. If your office or home is West of Oak Street, BLINK transmission times are typically less than 1 second.
Click here to view a 2 1/2 minute video that explains how BLINK works.
BLINK ensures that an alarm signal will be sent, and received in our Operations Centre, well before even the fastest crook could make it to the alarm panel or telephone lines.
Coupling BLINK with several “five minute proofing” strategies, such as eliminating your entry delay, will substantially reduce your risk of loss in a burglary.
We got a call earlier this week from a business in Kitsilano that arrived to find that they had been broken into, but the alarm had not tripped.
The owners of the business arrived in their office to find that a small hole had been cut in one of the exterior walls (adjoining to a neighbour’s suite without an alarm). A few offices had been rifled through, but what was strange was that the thief had opened up several computers and stolen parts from inside, rather than stealing the entire PC.
The thief was able to make their way to where the alarm control panel was located, along with the telephone lines for the suite, and unplug the telephone line that the alarm relied on as well as open up the metal box that the alarm was located in. Once opened up, the crook used either pliers or a screwdriver to pry the protective cover off of the main chip on the circuit board which shorted out the panel and the entire system lost power. The photo above shows the damaged circuit board after we removed it.
After disabling the alarm, the crook then took some time to screw the front panel of the alarm box back on so that it did not appear to have been damaged at all.
Given that the alarm had been disabled, it would have been possible for the entire office to have been cleaned out… everything. Luckily, but strangely, the crook only took some random computer parts.
We were called to the office to determine how it was that the crook was able to get to the main control panel before the alarm could send a signal. After a fair bit of troubleshooting and testing, we were able to mimic the path that the crook would have had to take without setting off the alarm.
In this case, the original alarm system was almost 9 years old. Some of the motion detectors had been upgraded, but the majority of the system was original. The main issue was that the majority of the alarm detection was focused on the front and back of the office… at the doors. In addition, the business had strong bars installed and multiple deadbolts installed. The weak spot was the middle.
By cutting a hole in the drywall (with a saw) the crook was able to exploit this weakness and sneak into two connected interior offices, which led to the room where the control panel was located.
Obviously, whoever committed this burglary had spent some time in the office before. They knew exactly where to go and how best to get there. While it could very well have been an employee, it also could have been any service provider who had been in the room where the control panel was located (Shaw, Telus, IT, etc.). Either way, precautions need to be taken to ensure that you are protecting your security. Noone should be able to touch your control panel before an alarm signal has been sent.
To prevent the possibility of a recurrence, we did the following:
Click on the video clip below (2 1/2 minutes long) to see how BLINK works.
How long has it been since your alarm system was thoroughly tested? If someone came through the wall, how far could they get inside your space? Could they make it to your alarm control panel before a signal gets sent?
Are you still relying on your telephone lines as the primary communication method for your alarm? What if the lines got cut?
The Surrey RCMP are investigating 11 “mouse hole” burglaries, where crooks are cutting through drywall in order to gain entry into a business.
The photo to the left is from a similar styled burglary in Yaletown last year. This type of burglary is very common in commercial offices and retail stores.
In the article about the Surrey burglaries in today’s Sun, the advice offered is that business owners “should also ensure premises are well lit with vandal-proof light
fixtures, and install electronic gates, alarms, closed-circuit TV, and
two-way communications.”
As I showed in a recent post titled “Perimeter Security is more than the front and back doors“, the goal is early detection… the most effective alarm devices that will offer detection while a crook is trying to come through the wall is a shock sensor. Shock sensors get installed on the interior walls and will detect any vibration in the wall… such as when someone starts to kick through the other side of the wall.
Unless you have early detection, and immediate response, the other alarm devices, cameras and two-way communicators will offer very limited value. The suggestion to re-enforce walls with wire mesh and/or plywood is good advice. At a minimum, your server/LAN rooms or other high risk areas should be protected inside your office as if they were located outside of your space on their own.
The most important goal is to detect someone while they are still trying to get inside. Don’t rely on motion detection inside your space that will only detect someone after they have successfully broken in.
Of course, very little of your security precautions, systems or policies will matter much unless you have five-minute proofed your most valuable and important items.
My post on the weekend, Anatomy of a well planned burglary, showed another example of this style of burglary from a few years ago.
Further to my post the other day about the burglary in Kerrisdale, the following photographs are from a burglary in Vancouver that occurred about 5 years ago. The burglary was well planned and took advantage of one of the most common security mistakes that people make… focusing all of their security on the front and back of their store, office or home.
Here is what happened….
First, rather than breaking in through the front or back doors, the crooks (and there had to be at least 3 or 4) discovered that the easiest point of entry to their target was to go through the middle, rather than the front or back.
So, they (likely with someone standing watch for security or the Police) removed a panel of insulation and cut through the exterior wall to gain entry into the storage shed of the neighbours store.
Once inside the storage shed (which did not have an alarm), they could comfortably work inside, undetected, and cut through the multiple layers of gyprock and plywood separating the two stores. The photo below is from the inside of the storage shed, looking into the victim’s store.
From the shed, they were able to gain access into the womens wear section of their target…
Womenswear was not what the crooks were after… but given that it
was available, and they had to get through the department anyways on
the way to the goods that they really wanted to steal, they took
everything. Every single item.
After cleaning out this section, they cut yet another hole to get
into the menswear section… which is what they were really after…
Here is the other side of the wall, leading into menswear…
Once inside the menswear department, they also cleaned it out completely… but only in those areas behind the motion detector that you can see in the photo below…
As the photo above illustrates, these crooks did a fair bit of homework. They had visited the store at least once to determine where all of the motion detectors in the store were located.
They figured out which racks were the safest and didn’t risk setting off the alarm by stepping a foot beyond the ‘safe zone’ that they had discovered in the middle of the store.
We were brought in and installed shock sensors on both side walls as well as on the ceiling of the 2nd floor of the space. Additional glassbreak and motion sensors were installed in every area of the store to ensure that any attempted entry, from any direction would be detected as early as possible. The other thing that we did was split out all of the zones.
The net result for this client is the same thing that we remind every one of our clients still… your security is in your redundancy. To the extent that you are relying on any single device, whether it is your telephone line, a motion detector or the contacts on your front or back door to work… you are putting yourself at significant, and unnecessary, risk.
A properly designed alarm system needs to be just that, properly designed. One size does not fit all.
What are the weak points in your space?
A retailer in Kerrisdale was the victim of a burglary over the weekend where the crooks gained access by cutting a hole through the wall.
The space next door to the burglarized store was vacant, which provided a perfect opportunity for at least one crook to spend a fair bit of time, with power tools, cutting a hole into the adjoining space.
The burglar gained access to the empty space by spiraling out the weak lock (the photo to the right shows the hole left after the lock was removed on the bottom of the glass door), 
which is very common on metal framed doors. This allowed the thief to work undetected in the empty space… where he plugged in a reciprocating saw and cut through drywall and 3/4 inch plywood to make a hole large enough to sneak into the adjoining space.
Thankfully, it appears as if the crook was spooked once he got inside the space as he left before stealing anything… but left a substantial mess behind.
This method of entry is quite common in commercial spaces. Many offices only have one door, often giving business owners a false sense of security that a single door contact and motion detector at the door will be enough to detect an intruder. As the photos attest, it’s not.
The lesson to be learned is that you must secure your entire perimeter, not just the front and back of your space. In cases like this, we install vibration and shock sensors on all perimeter walls. These are mounted on the drywall and will trip the alarm as soon as any banging, vibration or wall movement is detected.
Extending your security detection to your entire perimeter is especially important for retailers, or other commercial spaces, with high value goods that are located next to a poorly secured establishment.
We warn all of our high-risk clients (such as retailers selling menswear, eyewear, jewelery and electronics–essentially items that are easily re-sold) that are situated next to a restaurant, florist or other type of ‘lower risk’ location that they must assume that a crook will first break into their neighbour’s space in order to break through to their actual target.
Don’t make the common mistake of installing detection only at the front and back of your store… while leaving the sides and ceiling at risk.
Mike Jagger is the founder and President of Provident Security Corp. ("Provident") a full service security firm ... read more
blog design by: A Joseph Design Inc.
