Professional Documents
Culture Documents
Esafety and Health and Safety
Esafety and Health and Safety
Theory Notes
Safety and Security When Using Computers
Why personal data should be kept confidential?
As the use of computers continues to expand, the health risks and security risks continue to
increase. Many of these risks are associated with the internet which poses a great risk to
younger people unless they are vigilant at all times. But large businesses are also at risk from
hackers, pharming attacks and viruses, for example. Many of the precautions people and
business can take are common sense but, it also requires additional knowledge to know how to
protect yourself from these external attacks.
E‐safety
E‐safety refers to safety when using the internet, i.e. keeping personal data safe and applies to
any of the following devices:
Mobile phones
Computer or tablet
Games console
Wireless technology
Personal data refers to any data concerning a living person who can be identified either from
the data itself from the data in conjunction with other information. Examples of personal data
include:
Name
Address
Date of birth
Medical history
Banking details
Some personal data is often referred to as sensitive personal data and includes:
Ethnic origin
Political views
Religion
Criminal activity
E‐safety also refers to the benefits, risks and responsibilities when using ICT. The following list
gives some idea of the e‐safety issues that can be encountered by users of ICT hardware:
Don’t give out any personal information to people who are unknown to you.
IT (9626)
Theory Notes
Don’t send people photos of yourself, either online or via a mobile phone.
Always maintain your privacy settings on whatever device is being used online or during
communications.
When accessing the internet make sure the websites being visited can be trusted.
Only open emails from known sources.
Only email people you know. Think carefully before opening an email.
It is extremely important to be vigilant when using social networking sites, instant
messaging or chat rooms.
Security of data
There are a number of security risks associated with any electronic device that connects to a
network. The following covers a range of security risks to data:
Hacking
Phishing
Pharming
Smishing
Vishing
Spyware
Viruses
Spam
Hacking
Description
This is the act of gaining unauthorized access to a computer system.
Possible effects
This can lead to identity theft or misuse of personal information
Data can be deleted, changed or corrupted on a user’s computer
Methods to help prevent the security risk
Use of firewalls
Use of strong passwords and user IDs
IT (9626)
Theory Notes
Phishing
Description
The creator sends a legitimate‐looking email to target users. As soon as the recipient
clicks on a link in the email or attachment, they are sent to a fake website or they are
fooled into giving personal data in replying to the email. The email often appears to come
from a trusted source, such as a bank or a well‐known service provider.
Possible effects
The creator of the email can gain personal data, such as bank account data or
credit card numbers, from the user.
This can lead to fraud or identity theft.
Methods to help prevent the security risk
Many ISPs or web browsers filter out phishing emails.
Users should always be cautious when opening emails or attachments.
Don’t click on executable attachments that end in .exe, .bat, .com or .php for
example.
Pharming
Description
This a malicious code installed on a user’s computer or on a web server, the code will
redirect the user to a fake website without their knowledge.
Possible effects
The creator of the malicious code can gain personal data such as credit/debit card
details from users when they visit the fake website, usually the website appears to
be that of a well‐known trusted company.
Pharming can lead to fraud or identity theft.
Methods to help prevent the security risk
Some anti‐spyware can identify and remove pharming code from a user’s
computer.
The user should always be alert and look out for clues that they are being
redirected to another website.
IT (9626)
Theory Notes
Smishing
Description
Short for SMS phishing, uses the SMS system of mobile phones to send out fake text
messages. It is very similar to phishing.
Possible effects
These scams often contain a URL or telephone number embedded in the text
message. The recipient will be asked to log on to the website or make a telephone
call. If they do, they will be asked to supply personal details such as credit/debit
card numbers or passwords. As with phishing attacks, the text message will appear
to come from a legitimate source and will make a claim, for example, that they
have won a prize or that they need to contact their bank urgently.
Vishing
Description
Vishing (voice mail phishing) is another variation of phishing.
Possible effects
This uses a voice mail message to trick the user into calling the telephone number
contained in the message. As will all phishing attacks, the user will be asked to
supply personal data thinking they are talking to a legitimate company.
Spyware
Description
This is software that gathers data by monitoring key presses on the user’s keyboard. The
generated data is then sent back to the person who sent the software.
Possible effects
Spyware gives the originator access to all data entered using a keyboard on the
user’s computer.
The software is able to install other spyware, read cookie data and also change a
user’s default browser.
Methods to help prevent the security risk
Use anti‐spyware software to reduce the risk.
IT (9626)
Theory Notes
The user should always be alert and check for clues that their keyboard activity is being
monitored.
Viruses
Description
This is a program code or software that can replicate/copy itself with the intention of
deleting or corrupting files on a computer. They often cause the computer to
malfunction, for example, by filling in the hard drive with data.
Possible effects
Viruses can cause the computer to crash, stop functioning normally or become
unresponsive.
The virus can delete files or data stored on a computer.
It can corrupt operating system files, making the computer run slowly or even
crash.
Methods to help prevent the security risk
Install anti‐virus software and update it regularly.
Don’t use software from unknown sources.
Be careful when opening emails or attachments from unknown senders.
Spam
Description
Spam, often referred to as junk email, is usually sent out to a recipient who is on a
mailing list or mailing group.
Possible effects
Spammers obtain these email addresses from chat rooms, websites, newsgroups
and even certain viruses that have been set up to harvest a user’s contact list.
While spam is rarely a security risk, it can lead to denial of services, for example,
by clogging up the bandwidth on the internet. However, spam can be linked to
phishing attacks or even the spread of computer viruses, so it should be treated
with some caution.
Methods to help prevent the security risk
Many ISPs filter out spam or junk mail.
When using the junk email filter, set the protection level to high.
IT (9626)
Theory Notes
Look out for check boxes that are already selected when items are bought online.
Do not reply to an email that seems to have come from an unknown source.
IT (9626)
Theory Notes
Malware Issues
Trojan Horse
Trojans are a class of malware that take their name from the way they infect computers. Trojans
hide themselves within seemingly harmless programs or try to trick you into installing them.
Trojans do not replicate by infecting other files or computers. Instead, Trojans survive by going
unnoticed: they may sit quietly in your computer, collecting information or setting up holes in
your security, or they may just take over your computer and lock you out.
Some of the more common actions that Trojans take are:
Creating backdoors: some Trojans will make changes to your security system so that your data
and device can be accessed by their controller.
Spying: some Trojans are designed to wait until you access your online accounts or enter your
credit card details, and then send your data back to whoever is in control.
Steal you passwords: some Trojans are made to steal your passwords for your most important
online accounts.
Worms
Computer worms are similar to viruses in that they replicate functional copies of themselves and
can cause the same type of damage. In contrast to viruses, which require the spreading of an
infected host file, worms are standalone software and do not require a host program or human
help to propagate. To spread, worms either exploit a vulnerability on the target system or use
some kind of social engineering to trick users into executing them. A worm enters a computer
through a vulnerability in the system and takes advantage of file‐transport or information‐
transport features on the system, allowing it to travel unaided.
Malicious Bots
"Bot" is derived from the word "robot" and is an automated process that interacts with other
network services. Bots often automate tasks and provide information or services that would
otherwise be conducted by a human being. A typical use of bots is to gather information (such
as web crawlers), or interact automatically with instant messaging (IM), Internet Relay
Chat (IRC), or other web interfaces. They may also be used to interact dynamically with
websites.
IT (9626)
Theory Notes
Bots can be used for either good or malicious intent. A malicious bot is self‐propagating
malware designed to infect a host and connect back to a central server or servers. In addition to
the worm‐like ability to self‐propagate, bots can include the ability to log keystrokes, gather
passwords, capture and analyze packets, gather financial information etc.
Adware
Adware software can display and/or download advertisements and may be considered privacy‐
invasive. Adware tracks your computer's web usage to feed you undesired ad pop ups or
redirect you to unwanted pages.
Adware can hijack your home page and take you to sites you aren’t interested in, allow pop up
ads that are disruptive to your system. Since they run every time you turn on your computer,
they can cause slowdowns and software conflicts that can make your computer unstable.
Rootkit
Rootkit is an application (or set of applications), that hides its presence or presence of another
application (virus, spyware, etc.) on the computer, using some of the lower layers of the
operating system, which makes them almost undetectable by common anti‐malware software.
Rootkit can get to a computer using various ways. The most common way is through some
trojan horse or some suspicious email attachment. Also surfing the web may result in
installation of a rootkit, for example when "special" plugin (pretending to be legitimate) is
needed to correctly view some webpage, to launch some file, etc.
Ransomware
Ransomware stops you from using your PC. It holds your PC or files for ransom. There are
different types of ransomware. However, all of them will prevent you from using your PC
normally, and they will all ask you to do something before you can use your PC.
They can:
Prevent you from accessing Windows.
Encrypt files so you can't use them.
Stop certain apps from running (like your web browser).
Often the ransomware will claim you have done something illegal with your PC, and that you are
being fined by a police force or government agency.
These claims are false. It is a scare tactic designed to make you pay the money without telling
anyone who might be able to restore your PC.
There is no guarantee that paying the fine or doing what the ransomware tells you will give
access to your PC or files again.
IT (9626)
Theory Notes
Health and Safety Issues
Health Issues
If we use a computer for many hours (as people often do at work), there are some health issues
that might affect us.
Eye‐Strain
One health issue that can occur after using computers for a long time is eye‐strain
(tiredness of the eyes).
This is caused by looking at a monitor which is a constant distance away. The muscles
that focus your eyes do not move, and so get tired and painful. Eye‐strain can also cause
headaches.
Solution:
Look away from the monitor at regular intervals – re‐focus on distant or close objects to
exercise the muscles in the eye.
Take regular breaks.
Use an anti‐glare filter in front of the monitor to cut down on screen reflections that can
also tire the eyes.
Back and Neck Ache
Many people suffer from back and neck pain after working at a computer for a long time.
This is usually due to them having a bad sitting posture.
Solution:
Use an adjustable, ergonomic chair, and take the time to set it up properly.
The computer keyboard and monitor should be at the correct height for the seated
person (keyboard lower than the elbow, top of monitor at eye level).
Take regular breaks: get up, walk around, stretch your muscles
Repetitive Strain Injury (RSI) in Wrists and Hands
Any repetitive movement (same movement over and over again) can result in a health
problem called repetitive strain injury (RSI).
In particular, typing and using a mouse for long periods are common causes of RSI in the
wrist (it is often called carpal‐tunnel syndrome).
IT (9626)
Theory Notes
Solution:
Use a wrist‐rest to support the wrists while typing and when using the mouse.
Take regular breaks from typing or using the mouse.
Safety Issues
You wouldn't imagine that using computers could be dangerous, but there are a few situations
that can result in accidents.
Trailing Cables
Computer equipment is often connected to lots of cables: power, network, etc.
If these cables are lying on the floor, they can cause people to trip over them.
Solution: Place cables inside cable ducts, or under the carpet / flooring.
Spilt Drinks or Food
If any liquids are spilt on electrical equipment, such as a computer, it can result in
damage to the equipment, or an electric shock to the user.
Solution: Keep drinks and food away from computers.
Overloaded Power Sockets
Plugging too many power cables into a socket can result in the socket being overloaded,
overheating, and a fire starting.
Solution: Never plug too many cables into a socket. Always make sure there are fire
extinguishers nearby.
Heavy Objects Falling
Many items of computer equipment are very heavy: CRT monitors, laser printers, etc.
Heavy items can cause serious injury if they fall on people.
Solution: Make sure equipment is placed on strong tables / shelves.