CHAPTER 8

Computer security involves protecting computer systems from harm, theft, and unauthorized
use. As computer usage increases, health and security risks increase, particularly with the
internet. Physical safety concerns involve potential injuries or loss of life. Health safety focuses
on preventing illness or daily contact with computers, while physical safety focuses on
preventing serious injuries or loss.

Safety Risk Cause of Safety Risk Prevention Measures

Electrocution • Spilling liquids / drinks on electric equipment.
• Exposed wires / damaged insulation.
• Unsafe electrical equipment.
• Unsafe electrics (wall sockets) in the office.
• Do not allow drinks to be taken into the computer room.
• Check all wires on regular basis and renew wires if there is any
sign of damaged insulation.
• Ensure all equipment is checked by a qualified electrician on a
regular basis.
• Make use of an RCB (Residual Current Breaker) to prevent
electrocution.

Fire hazard • Overloaded wall sockets (several items plugged
into one wall socket).
• Overheating of computer equipment (due to
poor heat dissipation).
• Exposed wires causing a short circuit.
• Increase the number of wall sockets and do not use too many
extension blocks.
• Do not cover the cooling vents on computer equipment.
• Clean out dust accumulation in computers to prevent
overheating.
• Make sure all equipment is fully tested on a regular basis.
• Ensure there is good room ventilation.
• Use low-voltage equipment wherever possible.
• Have a number of fully tested carbon dioxide / dry powder fire
extinguishers.

Tripping • Trailing wires on the floor. • Use cable ducts to make the wires safe.
hazard • Damaged carpets and other flooring. • Cover exposed wires and hide wires under desks away from
general throughfare.
• Use wireless connectivity wherever possible, therefore
eliminating the need for trailing cables.

Personal • Heavy equipment, unstable, or falling from • Use desks strong enough to take the weight of the computer
injury desks. equipment.
• Desks collapsing under weight / desks not • Use large desks and cables so that hardware is not too close to
designed to take the weight. the edge where it could fall of.
Computer systems are crucial for protecting data and information from harm, theft, and
unauthorized use. As computer usage increases, so do the risks associated with data storage.
Legislation is in place to prevent incorrect or inaccurate data storage, including Data Protection
Acts (DPAs) for both computerized and paper records. These acts protect the rights of
individuals involved in data collection, use, disclosure, destruction, and holding. Failure to
comply can result in fines or imprisonment in many countries.
To prevent data theft, avoid leaving personal information on desks, locking cabinets at the end
of the day, and not leaving data on unattended computer monitors. Log off from the computer
when away from your desk for extended periods. Use secure passwords and user IDs, keeping
them difficult to guess and change frequently. Ensure sensitive emails or faxes are not sent.
Data protection involves fair and lawful processing for the started purpose, ensuring adequate,
relevant, accurate, and not excessive data. Data should not be kept longer than necessary,
and processed in accordance with the data subject's rights. Data must be kept secure and not
transferred to another country without adequate protection.

Personal data includes information about a living person, such as name, address, ID card
number, IP address, and cookie ID. This data can be identified through the individual's
information or in combination with other data.
Personal data, including sensitive information like ethnicity, political views, membership in a
political party, religion, and sexual orientation, is crucial for maintaining confidentiality and
preventing inappropriate disclosure. Encrypting data can help protect it from hackers and
accidental disclosure, ensuring that sensitive information remains secure and protected
from misuse. Therefore, it is essential to take necessary precautions to protect personal and
sensitive data.

E-safety is the balance between the benefits, risks, and responsibilities of using ICT, including
the internet. It involves user behavior and electronic security, particularly when using the
internet. To minimize potential danger, ensure trusted websites, purchase items from secure,
encrypted connections, set device settings to ‘safe search', use recommended websites from
trusted sources, and keep anti-malware software running in the background. It's also important
to log out of sites when finished using them. This approach ensures the safe and responsible
use of technology, while also promoting user behavior and electronic security.

EMAILS
Emails can be dangerous if they come from unknown sources. To avoid these risks, only open
emails from known sources, use an effective email filter, reply only to known senders, verify
email addresses with the real company's website, avoid personal data, and send photos of
yourself. Be cautious of phishing and pharming scams, use strong passwords, and be cautious
when forwarding emails. Avoid clicking on hyperlinks, using unsubscribe links, and using Cc or
To boxes when sending multiple emails.
ONLINE GAMING

Online gaming, a popular form of entertainment, often attracts games players who may not be
aware of the potential risks associated with such activities. These risks include predators,
cyberbullying, webcam use, and voice-masking technology. Additionally, online gaming can
lead to cyber attacks on users' devices and even actual violence in the game itself, which can
potentially escalate into violent behavior in real life.
SOCIAL MEDIA
When using social media, it is crucial to be cautious and know how to block undesirable people.
Avoid sharing personal information, including email addresses or house addresses, with
unknown individuals, and use privacy settings to ensure only trusted individuals can see your
photos. Avoid posting photos in school uniforms, maintain privacy settings, and only make
friends with known or well-known individuals. Be vigilant when using social networking sites,
instant messaging, or chat rooms, reporting suspicious behavior and using appropriate
language. Always use a nickname instead of your real name in chat rooms. Keep private and
personal data secret, and only enter public spaces for private chat rooms. Never arrange to
meet someone on your own, always tell an adult first and meet in a public place. Avoid misuse
of images, including forwarding on others' images, and respect people's confidentiality. In
summary, it is essential to be cautious when using social media and to be vigilant about the
dangers of sharing personal information, sending photos, and respecting confidentiality.

SECURITY OF DATA
Data security is crucial in protecting digital information from unauthorized access throughout its
entire lifecycle. Utilizing technologies like encryption, data masking, and redaction can
streamline audits and regulatory compliance. These tools enhance visibility into critical data
locations and usage, ensuring data security throughout the entire lifecycle.

SUMMARY TYPES OF MALWARES

1. Viruses are programs that replicate to delete or corrupt files, requiring an active host
program on the infected computer or operating system before they can run.
2. Worms are standalone viruses that replicate to spread to other computers, often exploiting
weak security vulnerabilities in networks to exploit their potential.
3. Trojan horses are malicious programs disguised as legitimate software, replacing all parts
of it with the intention of causing harm to the user's computer system.
4. Spyware is software that monitors and collects information, often monitoring key presses,
and sends it back to the sender.
5. Adware is software that displays unwanted advertising, often in the form of pop-ups, and
redirects the user to a fake website with promotional adverbs, often in the browser address
window.
6. Ransomware is a type of software that encrypts user data, requiring payment for a
decryption key, often transmitted through a trojan horse or social engineering.
CARD FRAUD
Card fraud is the illegal use of credit or debit cards, often resulting from theft or cloning.
Shoulder surfing is a form of data theft where criminals steal personal information from victims
while using cash dispensing machines, handheld point-of-sale devices, or smartphones. To
avoid this, shield the keyboard when using ATMs, never key in data in a public place, and
avoid speaking card details into your smartphone. In public places, avoid near security
cameras and use biometrics on your device. Card cloning involves copying a credit or debit
card using a magnetic stripe, which can be recorded by a skimmer. Skimmers can be placed in
ATM slots to read all data from a card. Smart cards, which contain a microchip, have been
introduced to combat card cloning and provide more security. A different device, known as a
shimmer, is now used to read these smart cards.

PROTECTION OF DATA
Data protection is crucial in safeguarding sensitive information from damage, loss, or
corruption, especially as the volume of data generated and stored has surged. Authentication
and encryption are essential tools for verifying data source security and enhancing internet data
security.

BIOMETRICS
1.Fingerprints

• Very high accuracy.

• One of the most developed biometric techniques.
• Very easy to use.
• Relatively small storage requirements for the biometric data created.
• For some people it is very intrusive, because it is related to criminal identification.
2.Signature Recognition

• Non-intrusive.
• Requires very little time to verify.
• Relatively low-cost technology.
• If individuals do not sign their names in a consistent manner there may be problems
with signature verification.
• High error rate of 1 in 50. It can make mistakes if the skin is dirty or damaged.
3. Retina Scans

• Very high accuracy.

• There is no known way to replicate a person's retina pattern.
• It is very intrusive.
• It can be relatively slow to verify retina scan with stored scans.
• Very expensive to install and set up.
4. Iris recognition
• Very high accuracy.
• Verification time is generally less than five seconds.
• Very intrusive.
• Uses a lot of memory for the data to be stored.
• Very expensive to install and set up.
4.Face recognition

• Non-intrusive method.
• Relatively inexpensive technology.
• It is affected by changes in lighting, the person's hair, their age, and if the person is
wearing spectacles.

5.Voice Recognition
• Non-intrusive method.
• Verification takes less than five seconds.
• A person's voice can be easily recorded and used for unauthorized access.
• Low accuracy.
• An illness, can changes a person's voice, making absolute identification difficult or
impossible.

DIGITAL CERTIFICATES
Digital certificate is a pair of files stored on user’s computer - these are used to ensure the
security of data sent over the internet. Each pair of files is divided into two:
• Public key (which can be accessed by anyone).
• Private key (known to the computer user only).
SECURE SOCKET LAYER (SSL)
SSL is a protocol that ensures secure data transmission over the internet. It encrypts data when
a user logs onto a website, allowing only the user's computer and web server to understand it.
SSL certificates, small data files, digitally bind an encryption key to an organization's details.
When installed on a web server, they display the green padlock and the https protocol.

ENCYRPTION
Encryption protects data from hacking or illegal access, but it is useless unless the recipient has
the necessary decryption tools. Example of Encryption and Decryption:
Encrypt the connection with your email provider Encrypt the actual email messages Encrypt stored or archives email messages

• Encrypting your email supplier connection safeguards Encryption of emails themselves• Any backed-up messages stored on your
against unauthorized users from intercepting andprevents a hacker making sense of email supplier's server also need to be
capturing login details and any sent or receivedany intercepted messages. encrypted.
emails. • It a hacker acquires access to this server,
• Encryption provides additional protection for emails as they could then gain access to your
they leave your email supplier's server and travel to stored or archived messages.
their destination server.

FIREWALL
A firewall, either software or hardware, protects a user's computer from external threats by
filtering incoming and outgoing network traffic, allowing or denying access based on user
preferences.
Two-factor Authentication
Two-factor authentication utilizes common factors such as a PIN code, a mobile device, and
unique biometrics for verification, primarily used in online purchases with credit/debit cards, to
ensure user identity.
USER ID AND PASSWORD
Passwords are essential for securing data and systems, and should be hard to break and
frequently changed. They are also used for internet access. To protect passwords, run
antispyware software and change them regularly. Strong passwords should contain at least
one capital letter, one numerical value, and one other keyboard character, while being easy
to remember.