CHAPTER 8

Computer security involves protecting computer systems from harm, theft, and
unauthorized use. As computer usage increases, health and security risks increase,
particularly with the internet. Physical safety concerns involve potential injuries or
loss of life. Health safety focuses on preventing illness or daily contact with
computers, while physical safety focuses on preventing serious injuries or loss.

Safety Risk Cause of Safety Risk Prevention Measures

Electrocution ⦁ Spilling liquids / drinks on electric ⦁ Do not allow drinks to be taken into the
equipment. computer room.
⦁ Exposed wires / damaged ⦁ Check all wires on regular basis and renew
insulation. wires if there is any sign of damaged
⦁ Unsafe electrical equipment. insulation.
⦁ Unsafe electrics (wall sockets) in the ⦁ Ensure all equipment is checked by a qualified
office. electrician on a regular basis.
⦁ Make use of an RCB (Residual Current Breaker)
to prevent electrocution.

Fire hazard ⦁ Overloaded wall sockets (several ⦁ Increase the number of wall sockets and do
items plugged into one wall socket). not use too many extension blocks.
⦁ Overheating of computer ⦁ Do not cover the cooling vents on computer
equipment (due to poor heat equipment.
dissipation). ⦁ Clean out dust accumulation in computers to
⦁ Exposed wires causing a short prevent overheating.
circuit. ⦁ Make sure all equipment is fully tested on a
regular basis.
⦁ Ensure there is good room ventilation.
⦁ Use low-voltage equipment wherever possible.
⦁ Have a number of fully tested carbon dioxide /
dry powder fire extinguishers.

Tripping ⦁ Trailing wires on the floor. ⦁ Use cable ducts to make the wires safe.
hazard ⦁ Damaged carpets and other ⦁ Cover exposed wires and hide wires under
flooring. desks away from general throughfare.
⦁ Use wireless connectivity wherever possible,
therefore eliminating the need for trailing
cables.

Personal ⦁ Heavy equipment, unstable, or ⦁ Use desks strong enough to take the weight of
injury falling from desks. the computer equipment.
⦁ Desks collapsing under weight / ⦁ Use large desks and cables so that hardware is
desks not designed to take the not too close to the edge where it could fall of.
weight.

Computer systems are crucial for protecting data and information from harm, theft,

1
and unauthorized use. As computer usage increases, so do the risks associated with
data storage. Legislation is in place to prevent incorrect or inaccurate data storage,
including Data Protection Acts (DPAs) for both computerized and paper records.
These acts protect the rights of individuals involved in data collection, use,
disclosure, destruction, and holding. Failure to comply can result in fines or
imprisonment in many countries.

To prevent data theft, avoid leaving personal information on desks, locking cabinets
at the end of the day, and not leaving data on unattended computer monitors. Log off
from the computer when away from your desk for extended periods. Use secure
passwords and user IDs, keeping them difficult to guess and change frequently.
Ensure sensitive emails or faxes are not sent.
Data protection involves fair and lawful processing for the started purpose, ensuring
adequate, relevant, accurate, and not excessive data. Data should not be kept
longer than necessary, and processed in accordance with the data subject's rights.
Data must be kept secure and not transferred to another country without adequate
protection.

Personal data includes information about a living person, such as name, address, ID
card number, IP address, and cookie ID. This data can be identified through the
individual's information or in combination with other data.

Personal data, including sensitive information like ethnicity, political views,

membership in a political party, religion, and sexual orientation, is crucial for
maintaining confidentiality and preventing inappropriate disclosure. Encrypting data
can help protect it from hackers and accidental disclosure, ensuring that sensitive
information remains secure and protected from misuse. Therefore, it is essential to
take necessary precautions to protect personal and sensitive data.

E-safety is the balance between the benefits, risks, and responsibilities of using ICT,
including the internet. It involves user behavior and electronic security, particularly
when using the internet. To minimize potential danger, ensure trusted websites,
purchase items from secure, encrypted connections, set device settings to ‘safe
search', use recommended websites from trusted sources, and keep anti-malware
software running in the background. It's also important to log out of sites when
finished using them. This approach ensures the safe and responsible use of
technology, while also promoting user behavior and electronic security.

EMAILS
Emails can be dangerous if they come from unknown sources. To avoid these risks,
only open emails from known sources, use an effective email filter, reply only to
known senders, verify email addresses with the real company's website, avoid
personal data, and send photos of yourself. Be cautious of phishing and pharming
scams, use strong passwords, and be cautious when forwarding emails. Avoid
clicking on hyperlinks, using unsubscribe links, and using Cc or To boxes when
sending multiple emails.

2
ONLINE GAMING
Online gaming, a popular form of entertainment, often attracts games players who
may not be aware of the potential risks associated with such activities. These risks
include predators, cyberbullying, webcam use, and voice-masking technology.
Additionally, online gaming can lead to cyber attacks on users' devices and even
actual violence in the game itself, which can potentially escalate into violent behavior
in real life.

SOCIAL MEDIA
When using social media, it is crucial to be cautious and know how to block
undesirable people. Avoid sharing personal information, including email addresses or
house addresses, with unknown individuals, and use privacy settings to ensure only
trusted individuals can see your photos. Avoid posting photos in school uniforms,
maintain privacy settings, and only make friends with known or well-known
individuals. Be vigilant when using social networking sites, instant messaging, or
chat rooms, reporting suspicious behavior and using appropriate language. Always
use a nickname instead of your real name in chat rooms. Keep private and personal
data secret, and only enter public spaces for private chat rooms. Never arrange to
meet someone on your own, always tell an adult first and meet in a public place.
Avoid misuse of images, including forwarding on others' images, and respect
people's confidentiality. In summary, it is essential to be cautious when using social
media and to be vigilant about the dangers of sharing personal information, sending
photos, and respecting confidentiality.

SECURITY OF DATA
Data security is crucial in protecting digital information from unauthorized access
throughout its entire lifecycle. Utilizing technologies like encryption, data masking,
and redaction can streamline audits and regulatory compliance. These tools
enhance visibility into critical data locations and usage, ensuring data security
throughout the entire lifecycle.

SUMMARY TYPES OF MALWARES

1. Viruses are programs that replicate to delete or corrupt files, requiring an active
host program on the infected computer or operating system before they can run.
2. Worms are standalone viruses that replicate to spread to other computers, often
exploiting weak security vulnerabilities in networks to exploit their potential.
3. Trojan horses are malicious programs disguised as legitimate software, replacing
all parts of it with the intention of causing harm to the user's computer system.
4. Spyware is software that monitors and collects information, often monitoring key
presses, and sends it back to the sender.
5. Adware is software that displays unwanted advertising, often in the form of pop-
ups, and redirects the user to a fake website with promotional adverbs, often in the
browser address window.
6. Ransomware is a type of software that encrypts user data, requiring payment for a
decryption key, often transmitted through a trojan horse or social engineering.

3
CARD FRAUD
Card fraud is the illegal use of credit or debit cards, often resulting from theft or
cloning. Shoulder surfing is a form of data theft where criminals steal personal
information from victims while using cash dispensing machines, handheld point-of-
sale devices, or smartphones. To avoid this, shield the keyboard when using ATMs,
never key in data in a public place, and avoid speaking card details into your
smartphone. In public places, avoid near security cameras and use biometrics on
your device. Card cloning involves copying a credit or debit card using a magnetic
stripe, which can be recorded by a skimmer. Skimmers can be placed in ATM slots
to read all data from a card. Smart cards, which contain a microchip, have been
introduced to combat card cloning and provide more security. A different device,
known as a shimmer, is now used to read these smart cards.

PROTECTION OF DATA
Data protection is crucial in safeguarding sensitive information from damage, loss, or
corruption, especially as the volume of data generated and stored has surged.
Authentication and encryption are essential tools for verifying data source security
and enhancing internet data security.

BIOMETRICS
1.Fingerprints
 Very high accuracy.
 One of the most developed biometric techniques.
 Very easy to use.
 Relatively small storage requirements for the biometric data created.
 For some people it is very intrusive, because it is related to criminal identification.
2.Signature Recognition
 Non-intrusive.
 Requires very little time to verify.
 Relatively low-cost technology.
 If individuals do not sign their names in a consistent manner there may be problems
with signature verification.
 High error rate of 1 in 50. It can make mistakes if the skin is dirty or damaged.
3. Retina Scans
 Very high accuracy.
 There is no known way to replicate a person's retina pattern.
 It is very intrusive.
 It can be relatively slow to verify retina scan with stored scans.
 Very expensive to install and set up.
4.Iris recognition

4
 Very high accuracy.
 Verification time is generally less than five seconds.
 Very intrusive.
 Uses a lot of memory for the data to be stored.
 Very expensive to install and set up.
4.Face recognition
 Non-intrusive method.
 Relatively inexpensive technology.
 It is affected by changes in lighting, the person's hair, their age, and if the person is
wearing spectacles.

5.Voice Recognition
 Non-intrusive method.
 Verification takes less than five seconds.
 A person's voice can be easily recorded and used for unauthorized access.
 Low accuracy.
 An illness, can changes a person's voice, making absolute identification difficult or
impossible.

DIGITAL CERTIFICATES
Digital certificate is a pair of files stored on user’s computer – these are used to ensure
the security of data sent over the internet. Each pair of files is divided into two:

⦁ Public key (which can be accessed by anyone).

⦁ Private key (known to the computer user only).

SECURE SOCKET LAYER (SSL)

SSL is a protocol that ensures secure data transmission over the internet. It encrypts
data when a user logs onto a website, allowing only the user's computer and web
server to understand it. SSL certificates, small data files, digitally bind an encryption
key to an organization's details. When installed on a web server, they display the
green padlock and the https protocol.

ENCYRPTION
Encryption protects data from hacking or illegal access, but it is useless unless the
recipient has the necessary decryption tools. Example of Encryption and Decryption:
Encrypt the connection with your email Encrypt the actual email Encrypt stored or archives email
provider messages messages

5
 ⦁ Encrypting your email supplier Encryption of emails ⦁ Any backed-up messages
connection safeguards against themselves prevents a stored on your email
unauthorized users from intercepting hacker making sense of any supplier’s server also need to
and capturing login details and any sent intercepted messages. be encrypted.
or received emails. ⦁ It a hacker acquires access to
⦁ Encryption provides additional this server, they could then
protection for emails as they leave your gain access to your stored or
email supplier's server and travel to their archived messages.
destination server.

FIREWALL
A firewall, either software or hardware, protects a user's computer from external
threats by filtering incoming and outgoing network traffic, allowing or denying access
based on user preferences.
Two-factor Authentication
Two-factor authentication utilizes common factors such as a PIN code, a mobile
device, and unique biometrics for verification, primarily used in online purchases with
credit/debit cards, to ensure user identity.
USER ID AND PASSWORD
Passwords are essential for securing data and systems, and should be hard to break
and frequently changed. They are also used for internet access. To protect
passwords, run anti-spyware software and change them regularly. Strong passwords
should contain at least one capital letter, one numerical value, and one other
keyboard character, while being easy to remember.