CORPORATE SECURITY, SAFETY,

AND FIRE PROTECTION

MANAGEMENT
 AIM
To ensure that all stake holders are aware of the various threats and
are trained to safeguard corporate assets, technological
innovations, and property in offices, shopping malls, factories, hospitals
and private organizations
 CORPORATE SECURITY, SAFETY, AND
FIRE PROTECTION MANAGEMENT
What does Corporate Security mean??

 Corporate security identifies and manages, at an early stage,

any developments that may threaten the resilience and
continued survival of a corporation.
 It is a corporate function that oversees and manages the
close coordination of all functions within the company that are
concerned with security, continuity and safety
What does Corporate Security entail ?

– Risk assessment & mitigation

– Guard training & management
– Policy enforcement
– Compliance
– Looking forward – the way ahead
 CORPORATE SECURITY, SAFETY, AND
FIRE PROTECTION MANAGEMENT

What does safety and fire protection mean?

• Safety is the set of practices intended to reduce the damage caused
by disasters, terrorist action, strikes, fire, frauds etc. Safety
measures include those that are intended to prevent a disaster, and
those that are used to limit the development and effects after such
an event
• Fire protection measures include those that are planned during
the construction of a building or implemented in structures, offices,
malls, hospitals that are already standing, and those that are taught
to occupants of the building
Defence and Civil Industries and Their Concerns

 Cyber security
 Strikes and lockouts
 Fire
 Sabotage
 Espionage
 Waste disposal
 Environment
 Disasters – manmade and natural
 CYBER SECURITY

 Endusers accessing malware-laden websites or downloading

infected files
 Weak passwords
 Insecure system configurations
 Legacy or unpatched technology
 Poor network security
 Strikes and lockouts
Disgruntled Employees
 Careless or Uninformed Employees
Economic factors
Qualification requirements, reservations, new concepts
Labour laws
Loss making units
Employee and employer differences
 FIRE
• The biggest cause of fire accidents is the improper use of electricity.
Many people don’t understand how to use electricity safely and
correctly. Short circuits can happen at any time, which is why it is of
the utmost importance to conduct regular inspections in order to
prevent them
• Gas leakage is another leading cause of fire accidents that may be
directly related to human error or carelessness on the part of users
• Improper handling of inflammable materials can also lead to fire
accidents
• Natural causes
 SABOTAGE
• The term "sabotage" derives from French factory workers throwing their
wooden shoes ("sabots") into machinery to jam them and stop production.
Sabotage refers to all activities which workers can undertake to reduce
production or rate of work
• Sabotage is a deliberate action aimed at weakening a organisation through
subversion, obstruction, disruption, or destruction. One who engages in
sabotage is a saboteur. Saboteurs typically try to conceal their identities
because of the consequences of their actions.
• Any unexplained adverse condition might be sabotage. Sabotage is
sometimes called tampering, meddling, tinkering, malicious pranks,
malicious hacking, a practical joke, or the like to avoid needing to invoke
legal and organizational requirements for addressing sabotage.
 ESPIONAGE
• Industrial espionage, economic espionage, corporate
spying or corporate espionage is a form of
espionage conducted for commercial purposes instead of
purely national security
• While economic espionage is conducted or orchestrated by
governments and is international in scope, industrial or
corporate espionage is more often national and occurs
between companies or corporations.
 ENVIRONMENT
• CSR may cover business performance of a company or corporate
entity as a responsible member of the society in which it operates
and the global community
• These cover the environmental implications of a company's
operations to include:
 Eliminate waste and emissions
 Maximize the efficient use of resources and productivity
 Minimize activities that might impair the enjoyment of
 resources by future generations
 WASTE DISPOSAL
• Waste management rules in India are based on the principles of
"sustainable development", "precaution" and "polluter pays"
• These principles mandate factories, hospitals, corporates,
commercial establishments to act in an environmentally
accountable and responsible manner—restoring balance, if their
actions disrupt it
• The Environment Protection Act, 1986 lays down rules and requires
separate compliances, mostly in the nature of authorisations,
maintenance of records and adequate disposal mechanisms
 WASTE DISPOSAL METHODOLOGY
• Landfill
• Incineration
• combustion
• Recovery and recycling
• Plasma gasification
 NEED OF INDUSTRIAL SECURITY AND SAFETY
Workplace safety--

• Workplace safety is very because all the workers desire to work in a safe and
protected atmosphere.
• Health and safety is the key factor for all the industries in order to promote the
wellness of both employees and employers.
• It is a duty and moral responsibility of the company to look after the employee’s
protection
 NEED OF INDUSTRIAL SECURITY AND SAFETY
Industrial safety—
• Industrial safety is important as it safeguards human life,
especially in high risk areas such as nuclear, aircraft, chemical,
oil and gases, and mining industries, where a fatal mistake can
be catastrophic
• Industrial Safety reduces risks to people, and processes
• Maintaining a safe and healthy working environment is not
only an important human resources issue, it's the law
SECURITY SURVEY & SECURITY ANALYSIS
INGREDIENTS OF SECURITY SURVEY &
SECURITY ANALYSIS
 SECURITY SURVEY

A Security Survey is a thorough physical examination of a facility

and its operations with respect to personnel and company assets.
We examine the risks these assets are exposed to, and review the
measures that are in place to protect them and to mitigate
liability. We identify vulnerabilities and make recommendations
on how these can be improved. This can be relevant for new
locations or existing facilities, particularly after a loss or incident
has occurred.
SECURITY ANALYSIS
 SECURITY AUDIT

A Security Audit differs from a survey in that it is a process to

assess whether an existing security system and procedures are
operating to set of standards or criteria they were designed to. It
evaluates the administration of the system, security awareness of
employees, the management controls and compliance with
standards. This is a valuable tool to give an accurate overview to
the senior management
 IDENTIFYING THE RISKS

A security survey/analysis along with an audit gives a rounded

picture of the risks that your organisation faces and the security
measures in existence. Without this information it is difficult to
assess:-
*the type and scale of risk
*any trends or patterns in the incidents occurring at the
organisation
*the selection of security measures
*the efficiency of the chosen security measures
 Physical security involves the use of multiple layers of
interdependentsystems which include CCTV surveillance, security
guards, protective barriers, locks, access control protocols, and
many other techniques
 WHAT IS PHYSICAL SECURITY?

Physical security is the protection of

personnel, hardware, software, networks and
data from physical actions and events that
could cause serious loss or damage to an
enterprise, agency or institution. This includes
protection from fire, flood, natural disasters,
burglary, theft, vandalism and terrorist
activities
 WHAT DOES IT ENTAIL?
Aim is to design and maintain the appropriate physical security protection measures
needed. This entails:
• What needs to be protected – where the owner of a valuable item requests the
design of security measures
• What the threats are – by understanding the types of criminal and criminal methods
• Location – which means the area where the crime would be committed
• What other protection measures are in-place – existing police patrols or other
guarding forces
• Available budget – a protective solution within the affordable budget of the owner
• Aesthetics – solutions to be appropriate for the location and local environment
• Regulations – where legal and regulatory standards have to be complied with
 PHYSICAL SECURITY COMPONENTS

Physical security has three important components:

• Access control
• Surveillance
• Testing
 ACCESS CONTROL
Obstacles should be placed in the way of potential attackers
and physical sites should be hardened against accidents,
attacks or environmental disasters. Such hardening measures
include fencing, locks, access control cards, biometric access
control systems and fire suppression systems, surveillance and
testing
 SURVIELLANCE
Second, physical locations should be monitored
using surveillance cameras and notification systems, such as
intrusion detection sensors, heat sensors and smoke
detectors.
 TESTING

Third, disaster recovery policies and procedures should be tested

on a regular basis to ensure safety and to reduce the time it
takes to recover from disruptive man-made or natural
disasters.
 IDENTIFYING VA’s/VP’s
• Building perimeters – Walls, fences and gates provide an initial barrier to
external crime
• Building structures – External doors and windows are designed to only
allow authorised entry
• Inside buildings – Access controls create the secure zones where
authorised persons can work freely
• Security furniture – Office furniture, such as safes and cabinets, provide
additional security protection
• Monitoring – Vulnerability can be protected by technical systems such as
Closed Circuit TV (CCTV)
• Alarm triggers – Indicators of a problem need to alert a response capability
PAPER 1/UNIT 2
 KEY PRINCIPLES OF SECURITY
ACCOUNTABILITY

DEFENSE IN DEPTH

NON-SECRECY OF DESIGN

ECONOMY OF MECHANISM

FAIL SAFE DEFAULTS

LEAST PRIVILEGE

SEPARATION OF PRIVILEGE
https://www.cs.cornell.edu/courses/cs5430/2015sp/notes/principles.php
PRINCIPLES -INDUSTRIAL SECURITY
 PRINCIPLES-CORPORATE SECURITY
Keep Software Up to Date
Restrict Network Access to Critical Services
Minimize the Attack Surface
 Follow the Principle of Least Privilege
 Define and Report Separation of Duties
Construct an In-depth Defense
Monitor System Activity
Configure User Accounts Securely
Set Up a Change Management Process
 TRAINING
• Ensure that all employees are trained on your company’s
security policy when they are first hired
• Provide regular training programs (computer-based or in-
person) to your developers and employees
• Allocate a training budget to employees
• Choose a training program that has a certification component
to it, as it provides additional educational and career incentive
to employees and provides further accreditation to your
organization.
 SECURITY OF INFORMATION AND ACCESS
CONTROL SYSTEM
• Access control is a security technique that regulates who or
what can view or use resources in a computing environment
• Access control is a method of guaranteeing that users are who
they say they are and that they have the appropriate access to
company data
• Authentication is a technique of access control used to verify
that someone is who they claim to be
 TYPES OF ACCESS CONTROL

• Discretionary Access Control (DAC) : The data owner decides on access

• Mandatory Access Control (MAC): In which people are granted access based on an
information clearance by a central authority
• Attribute Based Access Control (ABAC): User is assigned a series of attributes, a
dynamic method of users attributes, including time of day, position and location, are
used to make a decision
• Role Based Access Control (RBAC): Based on a user’s role and implements key security
principles ( least privilege and separation of privilege).Thus, someone attempting to
access information can only access data that’s deemed necessary for their role
 SECURITY OF RAW MATERIAL/PREPARED
GOODS/WASTE MATERIAL
• Environment concerns
• Storage
• Transportation
• Pilferage/theft
• Regular supply chain
• Recycling
• National/international stipulations
 PAPER 1/UNIT 3
OFFICE SECURITY/THEFT/SABOTAGE/DESTRUCTION
• Install proper locks on all doors in the building, with features like security pins,
magnetic and mechanical coding, and other extra electronic measures
• Even better: combine physical locks with other access control measures, such as
individual badges, biometric readers, or pin pads
• Put bars or other physical preventative measures on windows. If this is not possible,
install alarms on all windows, especially those on the bottom 2 floors
• Install closed-circuit security cameras facing all access points into the building, as well
as along all walls where a window is present
• Use at least two security guards: at the minimum, one who will monitor camera feeds,
and another who will do rounds of the building
• Doors should have secure hinges that are oriented toward the interior of the building,
so that attackers cannot just remove the door hinge to get through the door
• Ensure that your server rooms and other critical assets are behind an additional layer
of security
 SECURITY OF PERSONNEL AND EQUIPMENT

Security of personnel and equipment is a system of policies and

procedures which seek to mitigate the risk to workers (insiders)
and material assets of the organisation
 SECURITY OF PERSONNEL
Basic Safety and Health Principles
• What is ergonomics?
• What about fire safety and bomb threats?
• What about aisles and passageways?
• What about natural disasters?
Training and Education
• Should the prevention of some injuries receive special emphasis?
• How can employers make their training programs more effective
 SECURITY OF EQUIPMENT AND WORK PLACE
SAFETY
• What safety measures should employers take regarding conveyors?
• How should expensive equipment be guarded/secured?
• What safety measures should employers take regarding
cranes/slings?
• What must employers do to protect workers who operate powered
industrial trucks and equipment?
• What are the safety requirements for design- ----fire?
• What are the safety requirements for modification?
• Are there any training requirements for operators of machinery?
 MOB AND STRIKE CONTROL
• The right to strike or right to declare lock out may be controlled or
restricted by appropriate industrial legislation and the validity of
such legislation would have to be tested not with reference to the
criteria laid down in clause (4) of article 19, Indian Constitution
• There is a guaranteed fundamental right to form association or
Labour unions but there is no fundamental right to go on strike.
Under the Industrial Dispute Act, 1947 the ground and condition
are laid down for the legal strike and if those provisions and
conditions are not fulfilled then the strike will be illegal
 STATUTORY REGULATIONS
Section 22(1) of the Industrial Dispute Act, 1947 put certain prohibitions on the
right to strike. It provides that no person employed in public utility service shall
go on strike in breach of contract:
 Without giving to employer notice of strike with in six weeks before striking; or
 Within fourteen days of giving such notice; or
 Before the expiry of the date of strike specified in any such notice as aforesaid;
or
 During the pendency of any conciliation proceedings before a conciliation officer
and seven days after the conclusion of such proceedings

(Also see Industrial Disputes Act 1947 and The Trade Union Act, 1926 )
 STATUTORY REGULATIONS

The provisions of section 23, Industrial Disputes Act are general in nature. It imposes general
restrictions on declaring strike in breach of contract in the both public as well as non- public utility
services in the following circumstances mainly: -
(a) During the pendency of conciliation proceedings before a board and till the expiry of 7 days after
the conclusion of such proceedings;

(b) During the pendency and 2 month's after the conclusion of proceedings before a Labour court,
Tribunal or National Tribunal;

(c) During the pendency and 2 months after the conclusion of arbitrator, when a notification has
been issued under sub- section 3 (a) of section 10 A;

(d) During any period in which a settlement or award is in operation in respect of any of the matter
covered by the settlement or award
 STRIKE AND MOB CONTROL

The principal object of all statutory provisions seem to ensure

a peaceful atmosphere to enable a conciliation or adjudication
or arbitration proceeding to go on smoothly. This section
because of its general nature of prohibition covers all strikes
irrespective of the subject matter of the dispute pending
before the authorities. It is noteworthy that a conciliation
proceedings before a conciliation officer is no bar to strike
under section 23, Industrial Disputes Act
 PAPER1/UNIT4
AVAILABILITY OF SECURITY EQUIPMENT
• Car Parking System
• Parking Management System
• Electronic Toll Collection System
• Security Metal Detectors
• Hand-held Metal Detector
• Door Frame Metal Detector
• Full Body Scanner
 SECURITY EQUIPMENT
• Baggage Scanning Machine
• Guard Monitoring System
• Central Locking System
• Electronic Queue Management System
• Pepper Spray
• Search Mirror
• Inspection Equipment
• Self Defense Spray
• X Ray Inspection Systems
• Spy Cell Phone Interceptor Software
• Stun Guns
• Metal Detector Gate
GATHERING OF INFORMATION AND INTELLIGENCE

• Marketing Intelligence
• Business Intelligence
• Competitive intelligence
• Industrial Espionage
• Inter-Organisation Intelligence
• Intra-Organisational Intelligence
GATHERING OF INFORMATION AND INTELLIGENCE
• Action of defining, gathering, analyzing, and distributing intelligence about
products, customers, competitors, and any aspect of the environment
needed to support executives and managers in strategic decision
making for an organization

• Understanding and learning what is happening in the world outside the

business to increase one's competitivity. It means learning as much as
possible, as soon as possible, about one's external environment including
one's industry in general and relevant competitors

• Also the ‘health’ of own organisation and ‘loyalty’ status of own employees