Safety & Security

8.1 Physical Safety

8.1.1 Safety Issues

Physical safety in ICT is different from health risks. While health safety focuses on preventing
discomfort or illness due to prolonged computer use, physical safety is about avoiding dangers
that could lead to serious injuries or even fatalities.

The following are common safety risks, their causes, and measures to prevent them:

Table 8.1 - Physical Safety Hazards and Prevention

Safety Risk Causes Prevention Measures

Electrocution - Spilling liquids on electrical - Avoid bringing liquids near computers

equipment - Regularly check wires and replace
- Exposed wires/damaged damaged insulation
insulation - Get electrical equipment inspected by
- Use of unsafe electrical a qualified electrician
devices - Use RCBs (Residual Current Breakers)
- Faulty electrical sockets to prevent electrocution

Fire Hazard - Overloaded electrical - Use separate sockets instead of

sockets multiple extension blocks
- Overheating of devices - Ensure ventilation for computer
(blocked ventilation) hardware (do not block cooling vents)
- Exposed wires causing short - Clean dust from devices regularly to
circuits avoid overheating
- Use low-voltage equipment when
possible
- Have CO₂ or dry powder fire
extinguishers in the room

Tripping - Loose or trailing wires on the - Use cable ducts to manage wires safely
Hazard floor - Cover exposed wires and keep them
- Damaged carpets or uneven away from walkways
flooring - Use wireless devices where possible to
reduce cables

Personal - Heavy equipment falling - Ensure desks are strong enough to

Injury from unstable desks support hardware
- Desks collapsing due to - Use larger desks to keep computers
excess weight away from the edge

Key Takeaways:

1. Regular maintenance of electrical equipment and wiring prevents electrocution and

fire hazards.

2. Proper furniture setup avoids personal injuries due to falling equipment.

 3. Organized cable management reduces the risk of tripping over wires.

4. Good ventilation and dust removal prevent overheating, reducing fire hazards.

5. Installing proper fire safety equipment ensures quick response to emergencies.

8.2 E-Safety

E-Safety refers to the responsible and secure use of digital technologies, including the
internet, social media, emails, and online gaming. It involves understanding risks,
responsibilities, and strategies to stay safe online.

8.2.1 Data Protection

Many countries have a Data Protection Act (DPA) to safeguard individuals' personal data. It
regulates how data is collected, stored, and used, applying to both digital and paper records.

Main Principles of Data Protection Acts

1. Fair & Lawful Processing – Data must be collected and used fairly.

2. Purpose Limitation – Data should only be used for the stated purpose.

3. Data Minimization – Only relevant and necessary data should be stored.

4. Accuracy – Data must be correct and up to date.

5. Storage Limitation – Data should not be kept longer than necessary.

6. Individual Rights – Individuals must have control over their data.

7. Security – Data must be protected against unauthorized access.

8. International Transfer Restrictions – Data should not be transferred to countries

without adequate protection.

Preventing Unauthorized Data Access

• Do not leave personal documents unattended.

• Lock filing cabinets when not in use.

• Log out from computers when leaving the desk.

• Use strong passwords and change them regularly.

• Ensure sensitive information is encrypted when shared digitally.

8.2.2 Personal and Sensitive Data

Personal data refers to any information that can identify an individual.

Examples of Personal Data:

• Full name
 • Address / Email

• ID card number / Passport number

• IP Address / Cookie ID

• Banking details

• Date of birth

Some data is categorized as sensitive personal data, requiring extra security.

Examples of Sensitive Data:

• Ethnicity or race

• Political opinions

• Religious beliefs

• Trade union membership

• Medical history

• Biometric or DNA data

Sensitive data requires encryption and restricted access to prevent identity theft.

8.2.3 Safe Use of the Internet

The internet offers valuable resources but also presents security risks.

Precautions When Using the Internet:

✔ Use trusted websites (look for "HTTPS" or a padlock symbol).

✔ Enable Safe Search settings for search engines.
✔ Download only from reputable sources to avoid malware.
✔ Log out after using online services, especially financial sites.

8.2.4 Email Safety

Emails are a common medium for phishing, scams, and malware.

Email Safety Measures:

✔ Only open attachments from known sources.

✔ Use spam filters to block suspicious emails.
✔ Verify email sender details to detect phishing scams.
✔ Never share personal or financial details via email.
✔ Avoid clicking on unknown links (they may lead to fraudulent sites).

8.2.5 Social Media Safety

Social networking sites pose privacy risks if not managed properly.

Guidelines for Safe Social Media Use:

✔ Do not share personal data publicly (e.g., address, phone number).

✔ Use privacy settings to control who sees your posts.
✔ Avoid posting school uniforms or identifiable locations.
✔ Do not accept friend requests from strangers.
✔ Block and report suspicious users.

8.2.6 Online Gaming Risks

Online gaming has gained popularity but comes with security concerns.

Potential Online Gaming Risks:

• Predators – People pretending to be someone else.

• Cyberbullying – Harassment through chat or messages.

• Webcam Risks – Hackers can access webcams.

• Malware & Phishing – Games can contain hidden viruses.

How to Stay Safe While Gaming:

✔ Use a nickname instead of your real name.

✔ Never share personal information with other players.
✔ Enable parental controls and privacy settings.
✔ Avoid suspicious game downloads.
✔ Report inappropriate behaviour to game moderators.

Key Takeaways:

1. E-Safety involves data protection, safe browsing, and responsible online behavior.

2. Personal & sensitive data must be protected from unauthorized access and identity
theft.

3. Emails and social media are common sources of phishing and cyber threats.

4. Strong passwords, privacy settings, and safe browsing habits reduce online risks.

5. Online gaming safety measures prevent cyberbullying, hacking, and fraud.

8.3 Security of Data

Data security involves protecting stored, processed, or transmitted data from unauthorized
access, loss, or corruption. Several risks can threaten the integrity of data, requiring the use of
security measures.
8.3.1 Data Threats

Data is vulnerable to various threats, which can be categorized as cyberattacks, malware, and
social engineering techniques.

Common Security Risks

Risk Description Possible Effects Prevention Measures

Hacking Unauthorized access to Data theft, Use strong passwords,

a system corruption, or firewalls, and anti-hacking
deletion software

Phishing Fake emails trick users Identity theft, Avoid clicking unknown links,
into giving personal fraud verify email authenticity
data

Vishing Phone-based phishing Financial fraud, Never share details over calls,
scams personal data verify caller identity
theft

Smishing SMS-based phishing Similar to phishing Do not click on suspicious text

scams message links

Pharming Redirects users to fake Theft of login Use secure websites (HTTPS),
websites credentials update security software

Viruses & Malicious software System crashes, Install antivirus software,

Malware infects computers data loss avoid suspicious downloads

Card Fraud Unauthorized access to Financial loss Enable two-factor

credit/debit card data authentication, use secure
payment gateways

8.3.2 Protection of Data

Data protection methods help ensure that information remains secure and accessible only to
authorized users.

Key Security Measures

1. Biometric Authentication

o Uses fingerprints, facial recognition, retina scans, voice recognition to verify

identity.

o Provides high security but may be intrusive or affected by environmental

factors.

2. Digital Certificates

o A public and private key system that verifies the sender's authenticity.
 o Used for secure email communication and online transactions.

3. Encryption

o Converts data into unreadable code using a secret key.

o Prevents unauthorized access even if data is intercepted.

o Two types:

▪ Symmetric encryption (same key for encryption & decryption).

▪ Asymmetric encryption (public key for encryption, private key for

decryption).

4. Firewalls

o Acts as a barrier between a trusted network and an untrusted network.

o Blocks unauthorized access and filters harmful traffic.

5. Two-Factor Authentication (2FA)

o Requires two forms of identification (e.g., password + OTP).

o Example: Online banking uses 2FA for secure logins.

6. Secure Sockets Layer (SSL) & HTTPS

o Ensures secure data transfer over the internet.

o Websites with HTTPS and a padlock icon use SSL encryption.

7. Strong Passwords & User IDs

o Should contain uppercase, lowercase, numbers, and symbols.

o Changed regularly to prevent unauthorized access.

8. Regular Backups

o Prevents data loss due to cyberattacks or system failures.

o Cloud backups and external hard drives are common backup methods.

Key Takeaways

Data is vulnerable to hacking, phishing, malware, and fraud.

Encryption, firewalls, SSL, and biometric authentication help secure data.
Users should practice strong password management and two-factor authentication.
Regular backups ensure data recovery in case of loss or corruption.