Documente Academic
Documente Profesional
Documente Cultură
Cyber security
Strikes and lockouts
Fire
Sabotage
Espionage
Waste disposal
Environment
Disasters – manmade and natural
CYBER SECURITY
• Workplace safety is very because all the workers desire to work in a safe and
protected atmosphere.
• Health and safety is the key factor for all the industries in order to promote the
wellness of both employees and employers.
• It is a duty and moral responsibility of the company to look after the employee’s
protection
NEED OF INDUSTRIAL SECURITY AND SAFETY
Industrial safety—
• Industrial safety is important as it safeguards human life,
especially in high risk areas such as nuclear, aircraft, chemical,
oil and gases, and mining industries, where a fatal mistake can
be catastrophic
• Industrial Safety reduces risks to people, and processes
• Maintaining a safe and healthy working environment is not
only an important human resources issue, it's the law
SECURITY SURVEY & SECURITY ANALYSIS
INGREDIENTS OF SECURITY SURVEY &
SECURITY ANALYSIS
SECURITY SURVEY
• Access control
• Surveillance
• Testing
ACCESS CONTROL
Obstacles should be placed in the way of potential attackers
and physical sites should be hardened against accidents,
attacks or environmental disasters. Such hardening measures
include fencing, locks, access control cards, biometric access
control systems and fire suppression systems, surveillance and
testing
SURVIELLANCE
Second, physical locations should be monitored
using surveillance cameras and notification systems, such as
intrusion detection sensors, heat sensors and smoke
detectors.
TESTING
DEFENSE IN DEPTH
NON-SECRECY OF DESIGN
ECONOMY OF MECHANISM
LEAST PRIVILEGE
SEPARATION OF PRIVILEGE
https://www.cs.cornell.edu/courses/cs5430/2015sp/notes/principles.php
PRINCIPLES -INDUSTRIAL SECURITY
PRINCIPLES-CORPORATE SECURITY
Keep Software Up to Date
Restrict Network Access to Critical Services
Minimize the Attack Surface
Follow the Principle of Least Privilege
Define and Report Separation of Duties
Construct an In-depth Defense
Monitor System Activity
Configure User Accounts Securely
Set Up a Change Management Process
TRAINING
• Ensure that all employees are trained on your company’s
security policy when they are first hired
• Provide regular training programs (computer-based or in-
person) to your developers and employees
• Allocate a training budget to employees
• Choose a training program that has a certification component
to it, as it provides additional educational and career incentive
to employees and provides further accreditation to your
organization.
SECURITY OF INFORMATION AND ACCESS
CONTROL SYSTEM
• Access control is a security technique that regulates who or
what can view or use resources in a computing environment
• Access control is a method of guaranteeing that users are who
they say they are and that they have the appropriate access to
company data
• Authentication is a technique of access control used to verify
that someone is who they claim to be
TYPES OF ACCESS CONTROL
(Also see Industrial Disputes Act 1947 and The Trade Union Act, 1926 )
STATUTORY REGULATIONS
The provisions of section 23, Industrial Disputes Act are general in nature. It imposes general
restrictions on declaring strike in breach of contract in the both public as well as non- public utility
services in the following circumstances mainly: -
(a) During the pendency of conciliation proceedings before a board and till the expiry of 7 days after
the conclusion of such proceedings;
(b) During the pendency and 2 month's after the conclusion of proceedings before a Labour court,
Tribunal or National Tribunal;
(c) During the pendency and 2 months after the conclusion of arbitrator, when a notification has
been issued under sub- section 3 (a) of section 10 A;
(d) During any period in which a settlement or award is in operation in respect of any of the matter
covered by the settlement or award
STRIKE AND MOB CONTROL
• Marketing Intelligence
• Business Intelligence
• Competitive intelligence
• Industrial Espionage
• Inter-Organisation Intelligence
• Intra-Organisational Intelligence
GATHERING OF INFORMATION AND INTELLIGENCE
• Action of defining, gathering, analyzing, and distributing intelligence about
products, customers, competitors, and any aspect of the environment
needed to support executives and managers in strategic decision
making for an organization
• Also the ‘health’ of own organisation and ‘loyalty’ status of own employees