Chapter 8 – Safety and Security
Physical Safety - Preven ng serious injuries or loss of life due to physical safety hazards related to computer use.
Safety Risks
Electrocu on
Causes
 Spilling liquids on electrical equipment
 Exposed wires/damaged insula on
 Unsafe electrical equipment or wall sockets
Preven on Measures
 Avoid liquids near computers
 Regularly check and replace damaged wires
 Ensure electrical equipment is inspected regularly by qualified electricians
 Use Residual Current Breakers (RCB)
Fire Hazard



Overloaded wall sockets
Overhea ng of equipment due to poor heat dissipa on
Exposed wires causing short circuits




Increase wall sockets to avoid overuse of extension blocks
Ensure proper ven la on and clean dust from computers
Use low-voltage equipment
Install and maintain fire ex nguishers
Tripping Hazard


Trailing wires
Damaged flooring

Use cable ducts, hide wires under desks, or use wireless connec ons
Personal Injury


Unstable or falling heavy equipment
Desks collapsing under the weight of equipment
Use strong, stable desks designed to handle the weight of computer equipment
Examples / Focus
Protec ng individuals from unauthorized data access and ensuring data
accuracy.
Key Measures / Precau ons
 Do not leave personal informa on una ended
 Lock filing cabinets when not in use
 Log off computers if le una ended
 Use secure passwords and user IDs
 Ensure sensi ve material is not emailed or faxed inappropriately
Protec ng iden fiable personal data and sensi ve personal data.



Data Protec on
Data
Protec on
Personal
Data
Examples of Personal Data:
Name, address, email, IP address, date of birth, etc.
Encrypt sensi ve data
Prevent accidental disclosure
Secure data from hackers
Examples of Sensi ve Personal Data:
Ethnicity, poli cal views, religion, medical history, etc.
E-Safety - Safe and responsible use of technology, including the internet, emails, social media, and online gaming.
Usage
Precau ons against risks
Using the Internet
 Use trusted websites (look for HTTPS or green padlock symbol)
 Ensure secure, encrypted connec ons when purchasing online
 Use safe search se ngs and avoid downloading harmful content
Sending and Receiving Emails




Only open a achments from known sources
Use email filters to block spam
Verify sender addresses to avoid phishing
Use passwords and avoid sending sensi ve informa on
Social Media




Be cau ous about sharing personal data
Use privacy se ngs for posts and photos
Block or report suspicious individuals
Only interact with trusted people
Online Gaming




Be aware of predators, cyberbullying, and malware risks
Avoid revealing personal informa on
Be cau ous with voice-masking technology and webcams
Recognize the link between violence in games and behavior in reality
Security of Data
Security Risks
Descrip on
Hacking
Unauthorized access to data on a computer
system or network.
Phishing
Fraudulent emails impersona ng legi mate
companies to steal personal data.
Smishing
SMS phishing via fake text messages to
obtain personal informa on
Voicemail phishing to steal personal
informa on
Redirec ng a user from a legi mate
website to a fraudulent one
Malicious code that replicates to corrupt
files and disrupt systems
Vishing
Pharming
Viruses
Worms
Trojan Horse
Self-replica ng malware that spreads via
network vulnerabili es
Malicious so ware disguised as legi mate
programs
Possible Effects
Data altera on, corrup on,
or dele on
Risk Mi ga on
 Use of firewalls
 Strong, frequently changed passwords and user IDs
 An -hacking so ware
 Encryp on (note: encryp on makes data unreadable but doesn't prevent
dele on or altera on)
Data the , fraud, iden ty
the


Use of ISP or web browser filters to block phishing emails
User cau on when opening emails and a achments
Avoid responding to suspicious messages
Be cau ous with voicemails reques ng personal data
Iden ty the , fraud
File dele on, system
malfunc ons
An -spyware so ware
Verifying the use of h ps:// and padlock symbols in URLs
 Install and regularly update an -virus so ware
 Avoid unknown email a achments
Use up-to-date an -virus so ware
Avoid downloading suspicious so ware
Key Logging
So ware
Spyware capturing keystrokes to steal
personal data


Adware
Unwanted adver sing so ware
Keep security so ware updated
Ransomware
Malware that encrypts data and demands
ransom for decryp on


Regular backups
Avoid phishing emails
Card Fraud
Illegal use of credit/debit cards via
techniques like shoulder surfing or card
cloning.



Shielding keypad during PIN entry
Using biometrics (e.g., touch or face ID)
Regular monitoring of account statements
Shoulder
Surfing
Card Cloning
Observing a vic m’s ac ons to steal
personal informa on
Duplica ng card informa on using
skimmers or shimmers
Financial loss, iden ty the
Use an -spyware so ware
Use par al password entry systems for added security
Shield PIN entry at ATMs or POS terminals


Use of smart cards with chips
Regular account checks
Biometric technique
Advantages
Fingerprint scans
-
very high accuracy
»one of the most developed biometric techniques very easy to use »
rela vely small storage requirements for the biometric data
created
for some people it is very intrusive, because it is s ll related to criminal
iden fica on
it can make mistakes if skin is dirty or damaged (e.g., cuts to finger)
»»»-
non-intrusive
requires very li le me to verify (about five seconds)
rela vely low-cost technology
»»-
if individuals do not sign their names in a consistent manner there may be
problems with signature verifica on
high error rate of 1 in 50
»»-
very high accuracy
there is no known way to replicate a person’s re na pa ern
-
it is very intrusive
it can be rela vely slow to verify re na scan with stored scans
very expensive to install and set up
-»
-»
-»
-»
-
very high accuracy
verifica on me is generally less than five
seconds
non-intrusive method
rela vely inexpensive technology
-
very intrusive
uses a lot of memory for the data to be stored
very expensive to install and set up
it is affected by changes in ligh ng, the
person’s hair, their age, and if the person is
wearing spectacles
Signature recogni on
Re na scans
Iris recogni on
Face recogni on
Disadvantages
Voice recogni on
»»»
non-intrusive method
verifica on takes less than five seconds rela vely inexpensive
technology
-
a person’s voice can be easily recorded and used for unauthorised access
low accuracy
an illness, such as a cold, can change a person’s voice, making absolute
iden fica on difficult or impossible
Data Security
Protec on
Methods
Biometrics
Descrip on
Components / Process / Methods / Structure /
Techniques
Applica on / Uses
Relies on the unique physical or
behavioral characteris cs of
individuals to verify iden ty.
Techniques:
1. Fingerprint Scans:
Compares fingerprint images to those stored in a
database.
2. Face Recogni on:
Iden fies a person by measuring facial features
such as distance between eyes, nose width,
cheekbone shape, jawline, and eyebrow shape.
3. Signature Recogni on:
Analyzes unique way a person signs their name.
4. Re na Scans:
Analyzes pa erns in re na of eye.
5. Iris Recogni on:
Uses pa erns in iris for iden fica on.
6. Voice Recogni on:
Iden fies people based on their voice pa erns.
Used as security devices in various applica ons, including
smartphones and secure access in industries like pharmaceu cals.
Digital
cer ficates
Pairs of files stored on a user's
computer, ensuring the security
of data sent over the internet.
Structure:
Email Security:
Sender’s Email Address:
- Iden fies the of the message sender’s email
address.
1. Digital Cer ficate Owner:
- Displays cer ficate holder name.
2. Serial Number:
- unique iden fier for cer ficate.
3. Expiry Date:
- Specifies cer ficate validity period
4. Public Key:
- Used for encryp on and digital signatures.
5. Digital Signature of Cer ficate Authority (CA):
- Verifies authen city of cer ficate.
-
The sender a aches a digital cer ficate to an email for secure
transmission.
Recipients can verify the email’s authen city through the public
key included in the a achment.
Protec on Against Harmful Emails:
- Digital cer ficates add a security layer to prevent unauthorized
or harmful emails from reaching recipient.
Two-factor
authen ca on
verifica on process that requires
two methods of authen ca on
to confirm the user's iden ty.
Factors of Authen ca on:
- Something you know (password)
- Something you have (mobile phone)
Commonly used when making online purchases, especially with
credit or debit cards.
User ID and
password
Passwords are used to restrict
access to systems or data and
should be secure and frequently
updated to maintain protec on.
Methods to Protect Passwords
1. Run An -Spyware So ware to prevents passwords
from being captured by malicious spyware.
2. Avoid Easy-to-Guess Passwords such as favorite
colors, pets' names, or common words.
3. Use Obscured Input: When typing passwords, they
appear as **** on screen to prevent onlookers
from seeing them.
4. Verifica on Check by requiring passwords to be
typed twice during crea on to avoid input errors.
Best Prac ces:
Secure Sockets
Layer (SSL)
Secure Sockets Layer (SSL) is a
protocol that ensures secure
data transmission over the
internet.
How SSL works:
Online banking, shopping, email, VoIP, cloud storage
Encryp on
Technique used to protect data
from being read if it is hacked or
accessed illegally.
Process:
Can be either so ware or
hardware that filters incoming
and outgoing network traffic
between the user’s computer
and an external network (e.g.,
the internet).
Firewalls
-
-
Change passwords regularly
Use strong, hard-to-guess passwords
Use an -spyware to protect passwords from being stolen
Encrypts data between user and web server
Iden fied by "h ps" or a padlock icon
-
Protec ng HDDs/SSDs, emails, cloud storage
Preven on of data breaches (e.g., celebrity cloud hacking,
Mexican voter registra on breach)
Types:
-
1.
-
-
Monitors traffic between user’s computer (or internal network)
and public networks like internet.
Evaluates incoming and outgoing data based on a set of userdefined rules or criteria.
If data fails to meet criteria, firewall blocks it and issues a
security warning.
Logs all incoming and outgoing traffic for future review or
interroga on by user or network manager.
Blocks access to specific undesirable IP addresses and websites.
Assists in preven ng unauthorized access to user’s computer or
internal network by viruses or hackers.
No fies user if so ware on system is a emp ng to access an
external data source (e.g., so ware updates), allowing user to
approve or deny ac on.
-
2.
-
Protects data with encryp on and decryp on keys
Encrypted messages (cypher script) and original
messages (plain text)
Hardware Firewall:
A physical device located between the computer
and the internet connec on.
O en referred to as a gateway.
So ware Firewall:
Installed on a computer, some mes integrated
with the opera ng system.
-