Physical Safety

1. Electrocution: ICT devices require electrical power to charge or run; the

electrical device can cause electrocution, caused by the electric current moving
through a body, causing fatal injuries and/or death.
There are multiple causes for electrocution, including:
 Contact between liquid substances and electronic devices: Keep
liquids away from electrical equipment.
 Open cables: Ensure that cables are entirely insulated and packed and
use circuit breakers or fuses to prevent electrical overload.
2. Fire: ICT devices require electricity to charge or run; too many devices using
a single socket can cause the plug socket to overload, and heat is generated by
too much electricity, causing the wiring to degrade and ignite a fire.
The causes and reduction tactics for fire include:
 Socket overload: Ensure enough plug sockets in the room, don’t plug too
many devices into the same socket, and don’t leave devices plugged in
and unattended.
 Overheated equipment: Ensure that equipment is properly ventilated
and not obstructed, keep flammable materials away from heat sources,
regularly check equipment for signs of wear or damage, use fire
extinguishers in case of emergencies, turn off or unplug devices when
away from the location, do not cover any air vents on devices.
3. Trailing cables: Devices can be plugged in using cables. Cables that are
protruding can cause an accident; you can trip over a cable left out in a location,
and body damage can occur during a fall, for example, breaking bones, ligament
damage, bruising, sprains, etc. depending on the area fell on
Trailing cables causes and prevention strategies:
 Unorganized/insecure cables: use cable ties to secure cables, keep
cables packed correctly in, let’s say, a table, therefore not coming in the
way of walking paths, use wireless devices where possible, and regularly
inspect cables for signs of wear or damage.
4. Heavy falling equipment: Devices have varying levels of weight, and if a
device falls on you, it could cause injury; any device should be placed in a secure
location, like a PC on a solid desk and not near the edge.
Causes and reduction tactics for falling equipment:
 Improperly secured equipment: Ensure that equipment is properly
secured and stable. Regularly check the stability of locations containing
devices.
 Equipment on unstable surfaces: Keep equipment away from edges
and other potential hazards, and regularly inspect equipment and
locations containing devices for signs of wear or damage.
eSafety
Data Protection
The Data Protection Act (DPA) controls personal data collection, storage and
processing.
 In the UK, the European Union’s General Data Protection Regulation
(GDPR)
 Protects personal data, whether stored on paper or a computer system
Principles of the Data Protection Act
 Data must be processed lawfully, fairly, and transparently, with clear
consent from the individual.
 Data should only be collected for specific, explicit, and legitimate
purposes.
 Organizations should only collect and retain the minimum personal data
necessary for their stated purpose.
 Data should be accurate and up-to-date, and reasonable steps must be
taken to rectify or erase inaccurate information.
 Personal data should not be kept longer than necessary and should be
securely deleted when no longer needed.
 Organizations must protect personal data against unauthorized or unlawful
processing, accidental loss, destruction, or damage.
Why is data protection legislation required?
 Protecting Individual Rights: Data protection legislation safeguards
individuals' right to privacy and control over their personal information.
 Preventing Misuse of Personal Data: It helps prevent unauthorized
access, identity theft, fraud, and other forms of data misuse.
 Promoting Trust: Data protection laws build trust between individuals
and organizations by ensuring their personal information is handled
responsibly.
 Encouraging Responsible Data Handling: Legislation promotes
responsible data collection, storage, and processing practices among
organizations.
 Enabling Data Subject Rights: Legislation grants individuals rights such
as access to their data, right to rectification, erasure, and objection to
processing.
Personal Data
 Refers to information that can be used to identify an individual
 Examples
 o Personal Name

o Address

o Date of birth

o A photograph in school uniform

o Medical history

 Threats that can be avoided by protecting personal data:

o Identity theft

o Privacy breaches

o Misuse of the information

o Data be sold to third-party companies

o Individuals could be held to ransom over personal data gathered

o could be used to commit a physical crime

 How to avoid inappropriate data disclosure:

o Personal data must be kept confidential and protected through
privacy settings on websites such as social media or strong
passwords on websites where personal data is held or used
o Access to personal data should be limited to authorized individuals

o Think before you post - consider what information could be gathered

from your image or content
o Check website details about the collection, storage, and use of
personal data
o Only access websites where personal data is used or viewed when
on a secure, encrypted connection
eSafety
 E-safety is knowing about and using the internet safely and responsibly.
 It refers to when an individual is using the internet, email, social media, or
online gaming.
 E-safety refers to the individual knowing how to protect themselves from
potential dangers and threats.
The Need for eSafety
 Awareness that personal information should not be shared freely
 Awareness of how to act online and avoid falling victim creates a safe and
respectful environment.
  Identify and avoid online scams, phishing attempts, and fraudulent
websites that may try to trick them into sharing personal or financial
information.
 Mindful of online behaviour and interactions, protecting your digital
reputation, which can have long-term consequences in your personal and
professional life.
 Control privacy settings on social media platforms, limiting who can
access/view personal information and posts.
 Avoid encountering explicit or harmful content online, reducing the risk of
exposure to inappropriate material or online predators.
 Engage in online gaming responsibly, avoid sharing personal details, and
behave respectfully towards other players.
 Protecting devices from malware, viruses, and other online threats,
preventing data loss, privacy breaches, or device damage.
 Develop responsible online behaviours, promoting respectful conduct
while interacting with others online.
 Maintain a healthy balance between online and offline lives, reducing the
risk of addiction, mental health issues, or negative impacts on
relationships and self-esteem.
Safety Suggestions
 The internet:
o Use trusted websites recommended by teachers or reputable
sources
o Utilize search engines that only allow access to age-appropriate
websites and use filters to ensure inappropriate content is not seen
o Never reveal personal information

 Email:
o Be aware of the potential dangers of opening or replying to emails
from unknown people, including attachments; potential dangers
include phishing, spam
o Ensure you know who the email is for when considering sending
personal data or images via email, only with people you know and
not with identifiable content like school photos
 Social media:
o Know how to block and report people who send content or
messages that are unwanted
o Know where the privacy settings are to reduce the number of
people who can see your posts or images
 o Be aware of the potential dangers of meeting online contacts face
to face; do not meet anyone you do not know; if you do, take an
adult and meet publicly.
o Do not distribute inappropriate images and inappropriate language

o Respect the confidentiality of personal data belonging to other

people
o Only accept friend requests from people you know

o Parents should be aware of what you are doing online, discuss what
you are doing online
o Do not post images or details that can be used to locate you

 Online gaming:
o Do not use real names as usernames

o Never share personal or financial details with other players

o Know how to block and report players for inappropriate messages or

comments
 Sensitive Data is data that might result in loss of an advantage or level
of security if disclosed to others. I.e., ethnicity, religion, criminal record,
etc. At the same time, personal data can be used to identify the user, i.e.,
passport number, name, age, etc.
Security of Data
Threats
There are multiple methods by which data can be threatened, including:
 Hacking: Unauthorized access to computer systems or networks to gain
control, steal information, or cause damage, thus leading to identity theft,
privacy breaches, and misuse of data
 Phishing: Deceptive emails or messages that are received from trusted
sources to trick individuals into revealing personal data
 Pharming: Manipulation of DNS (Domain Name System) to redirect users
to fraudulent websites, often to steal personal data
 Smishing: Phishing attacks carried out through SMS or text messages
 Vishing: (aka voicemail phishing) Phishing attacks carried out through
voice messages to trick users into calling the telephone number contained
in the message
 Viruses and malware: Viruses are program codes that can
replicate/copy themselves to cause data loss or corruption. Malicious
software designed to disrupt, damage, or gain unauthorised access to
computer systems or networks
  Card fraud: Unauthorized use of credit or debit card information for
fraudulent purposes caused by shoulder surfing, card cloning, or
keylogging.
Protection of Data
Multiple techniques are implied for the protection of data, inclusive:
1. Biometrics:
 Individuals' distinctive physical or behavioural traits, such as fingerprints,
faces, or irises, can be used for access control and verification. Since
biometric data is hard to fake or duplicate, it offers a more secure form of
identification.
2. Digital certificate:
 A digital record that attests to a website's reliability and integrity. A digital
certificate is used to provide safe communication and to build confidence
between parties. Identifier data, the entity's public key, and a third party's
digital signature are frequently found in digital certificates.
3. Secure Socket Layer (SSL):
 A protocol that creates a secure connection between a client computer
and a server. SSL ensures that information communicated between a
server and client stays private and cannot be intercepted or changed by
unauthorized parties. A website's identification for it is the S at the end of
HTTP.
4. Encryption:
 It is creating data in a format that cannot be read without a decryption
key. Data on hard drives, emails, cloud storage, and secure websites
(HTTPS) are all protected by encryption. Without a decryption key, it
assures that even if unauthorized people obtain data, it cannot be
decoded.

5. Firewall:
 A firewall is a network security device that monitors and manages
incoming and outgoing network traffic. Its goal is to separate an internal
network from other networks by filtering data according to established
criteria. It assists in preventing malware, unauthorized access, and other
network risks.
6. Two-factor authentication:
 A security mechanism that requests two different kinds of identification
from users to confirm their identity. To provide additional protection
outside of just a username and password, 2FA was created. Typically, it
combines something that uniquely identifies a user, like biometric data,
with something the user has, like a smartphone and a token or something
they know, like a password.
7. User ID and password:
 A typical authentication technique uses a password plus a secret code
(user ID) to identify. To strengthen data security, user IDs and passwords
restrict access to only authorized users. Using secure passwords and
changing them frequently is critical to ensure security. When creating
passwords, it is advised to utilize a mix of uppercase, lowercase, digits,
and special characters.