Imagine this: months after parting ways with a technician, you notice unusual activity on a client’s alarm system dashboard. It’s not the client, and it’s not your current staff. Someone with insider knowledge is accessing sensitive systems, and it’s happening under your radar.
In the alarm installation industry, where systems are increasingly managed remotely via mobile apps and web portals, this scenario isn’t impossible. The convenience of digital access has introduced a new vulnerability–former employees retaining access due to inadequate offboarding procedures. This oversight isn’t just a technical glitch; it’s a significant security lapse that can lead to unauthorized access, data breaches, and compromised client trust.
Many alarm companies operate under the assumption that once an employee is offboarded, their access ends. However, without stringent access revocation protocols, ex-employees may continue to access systems, intentionally or unintentionally, posing risks that could culminate in legal challenges and financial losses. It’s a silent threat that often goes unnoticed until it’s too late.
Ghost Access: The Silent Alarm System Breach You Can’t See
It’s not just about whether your alarms are armed but about who still has the keys.
Almost every modern alarm system is cloud-connected. Whether it’s through mobile apps, browser portals, or even SMS-based triggers, your technicians likely access dozens of client systems from anywhere. That same convenience? It’s where the cracks begin.
If you’re not using individual logins, ex-technicians may still hold the digital equivalent of a master key. Even worse, shared credentials (still common in smaller teams) make it impossible to know who’s logging in… until a client asks questions you can’t answer.
The risks aren’t theoretical. With lingering access, a former employee can quietly disable alarms before a break-in, scroll through live video feeds, or tinker with settings that leave a system wide open without stepping on site. It’s not just a security issue; it’s a vulnerable exposure waiting for a claim to land on your desk.
And here’s the catch: you won’t always see it happen. Not until there’s property damage. Not until someone gets hurt. And not until your name is on the line.
Former ADT Technician Secretly Accesses 220 Customer Cameras in North Texas: A Case Study
What began as a routine home security installation turned into a years-long privacy breach–revealing how one technician exploited system access to secretly watch hundreds of customers.
Background
From 2013 to 2020, a former ADT technician based in North Texas exploited his position to gain unauthorized access to indoor security cameras installed in customers’ homes. By adding his personal email address to user accounts during service visits, he was able to watch live and recorded footage through the ADT Pulse app without homeowners’ consent.
The breach affected at least 220 households, some of whom only learned of the intrusion when contacted by ADT (home security company). One of the affected customers, Shana Doty, later became the lead plaintiff in a class-action lawsuit after learning the technician had access to her indoor cameras for years.
Problem
The issue revealed serious internal security flaws in how ADT managed employee access and client data. Despite operating in a highly sensitive industry centered around trust and surveillance, the company lacked sufficient safeguards to prevent or detect this type of abuse.
The technician, identified as Telesforo Aviles, was able to manipulate accounts for years without triggering internal alerts. In doing so, he potentially observed families in private, intimate moments—raising both privacy and legal red flags. Customers were left feeling violated, unsafe, and unsure of whether sensitive footage had been downloaded or distributed.
Solution
After discovering the breach, ADT reported the former technician, Telesforo Aviles, to law enforcement and began notifying all affected customers. The company launched an internal investigation, which revealed that Aviles had been abusing his access for several years by adding his personal email to client accounts during service visits. ADT acknowledged its failure to detect this behavior sooner and publicly expressed regret to the affected individuals.
In response, the company committed to enhancing its internal security protocols, including tightening access controls, improving account change monitoring, and expanding audits across its entire customer base to identify other potential vulnerabilities. The case was referred to federal authorities due to the broad geographic spread of victims.
Lesson Learned
This case delivers a critical lesson to the alarm installation industry: security isn’t just about the hardware—it’s about who controls it. Companies must implement strict internal protocols to monitor, restrict, and audit employee access to customer systems. Even a single rogue technician can compromise hundreds of homes, damaging both client trust and company reputation.
Background checks and training are essential, but they must be backed by real-time access logs, automated alerts for account modifications, and multi-step verification processes. Privacy violations like this are not just legal liabilities; they erode the very purpose of home security. The industry must evolve beyond simply installing systems to securing the systems themselves.
Where Offboarding Falls Apart: Six Red Flags You’re Probably Ignoring
You don’t need a breach to be vulnerable; you just need one technician who still knows the passwords.
Alarm companies often move fast and run lean, which means offboarding becomes an afterthought—if it happens at all. But when a former employee still has access to client systems, the risk falls squarely on your shoulders.
Here are the six signs you’re giving away control without realizing it:
| Category | What’s Happening: | Why It’s a Problem: |
| Credential Access | Techs are given full admin rights before training ends, with no tiered permissions or exit plan. | Former techs retain full control of systems and can bypass or alter critical settings. |
| Shared Logins That Never Change | Teams use shared admin logins, making it impossible to cut off access when someone leaves. | You lose visibility and control, increasing risk and killing accountability. |
| Passwords Stored in Unsecured Places | Credentials are stored in unsecured places like spreadsheets, texts, or emails—and can walk out unnoticed. | Data leaves with them and you might never know—until there’s a breach or complaint. |
| No Vendor-Level Security Controls | Vendors lack MFA and audit logs, leaving you blind to unauthorized activity. | If misuse happens, you can’t trace it or prove you did your due diligence. |
| No Formal Offboarding Protocol | No formal digital offboarding process—just collecting uniforms and keys. | Missed access deactivation creates long-term risk for system abuse or client exposure. |
| You Assume It’s Not Your Problem | You think ex-employee liability ends when they leave but contracts and claims still tie back to you. | Your name is still on the line. Insurance may not cover negligence in offboarding. |
And here’s the insurance reality: whether it was your employee or not, if they had your keys, you’re still holding the liability.
Lock It Down: Five Fixes You Can’t Afford to Skip
If you’re leaving system access to memory and manual cleanup, you’re already behind. Use this checklist to tighten control and keep your clients and coverage safe.
Set Role-Based Access Controls – Stop giving everyone the master key.
- Assign technician-level vs admin-level permissions.
- Restrict access to only active job sites.
- Remove “universal” or shared credentials.
- Review who has access to what—monthly.
Build and Use a Digital Offboarding Checklist – Exit procedures need to do more than collect uniforms.
- Disable all user accounts (tech, CRM, remote login).
- Reset any shared passwords used during employment.
- Remove mobile access from linked apps.
- Log the date and time offboarding was completed.
Require Multi-Factor Authentication (MFA) – If you can access a system with just a password, so can someone else.
- Enable MFA on all platforms used by techs/admins.
- Require app-based authentication (not SMS only).
- Audit who’s enrolled—and who’s not.
Audit Logins and Access Every 90 Days – You can’t control what you’re not watching.
- Review login history and flag irregular access times.
- Match logins to current employees.
- Monitor access to sensitive client systems.
- Revoke stale or dormant user accounts.
Choose Vendors That Let You Kill Access Fast – If you need to email support to remove a user, that’s a red flag.
- Confirm you have admin-level access to remove users instantly.
- Choose platforms with centralized user management.
- Avoid systems that lack audit logs or permission tiers.
- Test your ability to revoke access regularly.
Alarm installation companies that ignore digital access controls are sitting on a liability minefield. Breaches by former employees aren’t just hypothetical—they’re already happening to businesses like yours, leading to unauthorized system access, legal battles, and lost trust.
You can’t afford to treat offboarding as an afterthought; each unrevoked login or shared password is an open invitation for trouble. Take control now by tightening credential management, enforcing multi-factor authentication, and auditing user access. Stay one step ahead of insider threats and protect your clients (and your reputation) from preventable damage.
Apply to El Dorado now!
Secure the tailored coverage you need by completing your application here.
For more information or a consultation, visit El Dorado Insurance.


