Safety and Security

What you'll learn

Safety and security form a critical component of the CIE IGCSE Information and Communication Technology syllabus, examining both physical protection of hardware and digital protection of data. This topic requires understanding the distinction between safety (protecting people and equipment from harm) and security (protecting data and systems from unauthorised access, theft or damage). Exam questions frequently test your ability to identify appropriate security measures for given scenarios and explain why specific threats require particular prevention strategies.

Key terms and definitions

Physical security — measures taken to protect hardware, buildings and people from physical threats such as theft, fire, vandalism or natural disasters.

Data security — protecting data and information from unauthorised access, corruption, loss or theft through hardware, software and procedural methods.

Authentication — the process of verifying that a user is who they claim to be, typically through passwords, biometrics or security tokens.

Encryption — converting data into a coded format that can only be read by someone with the correct decryption key, protecting data during transmission and storage.

Malware — malicious software designed to damage, disrupt or gain unauthorised access to computer systems, including viruses, worms, trojans and spyware.

Firewall — a security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules, blocking unauthorised access.

Phishing — a cyber attack that uses fraudulent emails or websites disguised as legitimate sources to trick users into revealing sensitive information such as passwords or credit card numbers.

Backup — creating duplicate copies of data stored separately from the original, enabling recovery if the original data is lost, corrupted or damaged.

Core concepts

Physical security measures

Physical security protects hardware and prevents unauthorised physical access to computer systems and networks. CIE IGCSE exam questions often ask you to suggest appropriate physical security measures for specific contexts like schools, offices or data centres.

Door locks and access control systems restrict entry to buildings or specific rooms containing sensitive equipment. Biometric scanners (fingerprint or retina recognition) provide stronger security than traditional keys or keypads, as credentials cannot be easily shared or copied.

CCTV cameras monitor premises continuously, deterring theft and vandalism while providing evidence if security breaches occur. Digital CCTV systems can store footage for extended periods and enable remote monitoring.

Security guards provide active surveillance and can respond immediately to incidents. They verify visitor identity, maintain sign-in logs and patrol premises outside normal working hours.

Equipment marking and logging involves engraving or tagging devices with identification numbers and maintaining asset registers. This deters theft (marked equipment is harder to sell) and aids recovery if devices are stolen.

Cable locks physically secure laptops and portable devices to desks, preventing opportunistic theft in offices or public spaces.

Environmental controls protect hardware from physical damage:

• Air conditioning and ventilation systems prevent overheating
• Uninterruptible Power Supplies (UPS) protect against power surges and provide backup power during outages
• Fire suppression systems use inert gases rather than water to extinguish fires without damaging electronic equipment
• Raised flooring protects cabling and provides airflow in server rooms

Data security measures

Data security focuses on protecting information from unauthorised access, modification or deletion. This involves multiple layers of defense combining hardware, software and procedural approaches.

User authentication methods verify identity before granting system access:

• Passwords should be strong (8+ characters, mixing letters, numbers and symbols), changed regularly and never shared. Systems should enforce password complexity rules and lock accounts after repeated failed login attempts.
• Biometric authentication uses unique physical characteristics (fingerprints, facial recognition, iris scans) that cannot be forgotten, shared or easily replicated.
• Two-factor authentication (2FA) requires two different verification methods, typically something you know (password) and something you have (code sent to mobile phone), significantly increasing security.

Access levels and permissions ensure users can only access data necessary for their role. Network administrators assign different privilege levels, preventing standard users from accessing sensitive files or system settings. This principle of "least privilege" limits potential damage from compromised accounts.

Encryption protects data during transmission and storage. Secure websites use HTTPS protocol with SSL/TLS encryption, indicated by a padlock icon in the browser address bar. Full disk encryption protects laptop data if devices are stolen. Encrypted emails prevent interception during transmission across networks.

Firewalls examine data packets entering or leaving networks, blocking suspicious traffic according to configured rules. Hardware firewalls protect entire networks at the router level, while software firewalls protect individual computers. Both are necessary for comprehensive protection.

Backup strategies ensure data can be recovered after loss or corruption:

• Full backups copy all data but require significant time and storage space
• Incremental backups copy only data changed since the last backup, saving time and space
• 3-2-1 rule: maintain three copies of data, on two different media types, with one copy stored off-site
• Regular backup schedules (daily, weekly) ensure minimal data loss if recovery is needed
• Testing restore procedures verifies backups work correctly before they're critically needed

Online threats and cyber attacks

Understanding specific threats enables appropriate prevention measures. CIE IGCSE questions frequently provide scenarios requiring you to identify threats and suggest suitable protection methods.

Viruses are malicious programs that attach to legitimate files and spread when infected files are shared. They can delete files, corrupt data or make systems unusable. Viruses require user action (opening infected files) to spread.

Worms self-replicate and spread automatically across networks without user intervention, consuming bandwidth and system resources. They can spread rapidly through email contacts or network connections.

Trojans disguise themselves as legitimate software but contain hidden malicious code. Unlike viruses, they don't self-replicate but create backdoors for hackers to access systems remotely.

Spyware secretly monitors user activity, recording keystrokes (keyloggers), capturing passwords, tracking browsing habits or stealing personal information without user knowledge.

Ransomware encrypts victim's files and demands payment for the decryption key. It spreads through phishing emails or software vulnerabilities and can paralyse entire organisations.

Phishing attacks use fake emails appearing to come from banks, online retailers or social media platforms. They create urgency ("Your account will be closed!") and include links to fraudulent websites designed to steal login credentials or payment details.

Pharming redirects users from legitimate websites to fake copies without their knowledge, typically through DNS manipulation or malware. Users believe they're on the genuine site while entering sensitive information.

DDoS (Distributed Denial of Service) attacks flood servers with massive traffic volumes from multiple sources, overwhelming systems and making websites or services unavailable to legitimate users.

Prevention and protection strategies

Effective protection requires layered defenses combining technical solutions with user awareness and procedures.

Anti-virus software scans files for known malware signatures and suspicious behaviour patterns. It must be:

• Kept up-to-date with latest virus definitions (daily automatic updates)
• Configured to scan all downloaded files and removable media
• Set to perform full system scans regularly (weekly)
• From reputable vendors with proven detection rates

Software updates and patches fix security vulnerabilities that hackers exploit. Operating systems, browsers and applications should enable automatic updates. Security patches must be applied promptly as exploits spread rapidly once vulnerabilities are publicised.

Safe browsing practices reduce exposure to threats:

• Only download software from official sources
• Check URLs carefully before entering credentials
• Look for HTTPS and padlock icons on websites handling sensitive data
• Avoid clicking links in unsolicited emails
• Use browser privacy settings and consider ad-blockers

Email security awareness prevents phishing success:

• Verify sender addresses carefully (look for subtle misspellings)
• Don't open unexpected attachments, even from known contacts
• Be suspicious of urgent requests for personal information or payments
• Hover over links to preview destinations before clicking

Strong password management creates robust authentication:

• Never reuse passwords across multiple sites
• Consider password managers to generate and store complex passwords securely
• Change passwords immediately if breaches are suspected
• Never share passwords or write them down in accessible locations

User education and training remains crucial because many breaches exploit human error rather than technical vulnerabilities. Staff training should cover:

• Recognising phishing attempts and social engineering tactics
• Following data protection policies and procedures
• Reporting security incidents promptly
• Understanding their role in maintaining organisational security

Worked examples

Example 1: School network security scenario

Question: A school stores student data and examination results on its network. Describe four different security measures the school should implement to protect this sensitive data. [8 marks]

Mark scheme approach: Two marks per measure (1 mark for naming, 1 mark for explanation of how it protects the data).

Model answer:

User authentication with access levels [1] — Teachers and administrators are assigned different privilege levels, ensuring administrative staff can access examination results but teaching staff cannot modify them [1].

Firewall protection [1] — A firewall monitors all incoming and outgoing network traffic, blocking unauthorised external access attempts to the school's servers containing student data [1].

Encrypted backups stored off-site [1] — Backup copies of student data are encrypted to prevent unauthorised reading if storage media is stolen, and stored in a separate building so data can be recovered if the main school building is damaged by fire [1].

Anti-virus software with automatic updates [1] — Virus protection software scans all files and blocks malware that could corrupt or delete student records, with daily definition updates ensuring protection against newly discovered threats [1].

Example 2: E-commerce security question

Question: An online retailer asks customers to enter payment card details when purchasing products.

(a) Explain how encryption protects the customer's card details during transmission. [3 marks]

(b) Describe two other security features the retailer's website should implement to protect customer data. [4 marks]

Model answer:

(a) The card details are converted into coded/scrambled format [1] using an encryption algorithm and key [1]. If intercepted during transmission across the internet, the data cannot be read without the correct decryption key [1].

(b) Two-factor authentication [1] — After entering username and password, customers receive a code sent to their registered mobile phone which must be entered before accessing their account, preventing unauthorised access even if passwords are stolen [1].

Digital certificates and HTTPS [1] — The website uses SSL/TLS certificates to verify its identity to customers and establish secure connections, shown by HTTPS in the address bar and padlock icon, giving customers confidence they're on the genuine website [1].

Example 3: Physical security analysis

Question: A company has experienced several laptop thefts from its offices. Suggest three physical security measures the company could implement and explain how each would reduce theft. [6 marks]

Model answer:

Cable locks attached to desks [1] — Employees connect security cables from laptops to fixed desk points, preventing opportunistic thieves from simply picking up and walking away with devices [1].

CCTV cameras in offices and entrances [1] — Visible cameras deter potential thieves who know their actions are being recorded, and footage can identify thieves and provide evidence for prosecution [1].

Biometric access control on office doors [1] — Fingerprint scanners restrict entry to authorised employees only, preventing unauthorised persons entering areas containing laptops and making it easier to identify who accessed offices when thefts occurred [1].

Common mistakes and how to avoid them

• Confusing safety with security — Safety protects people from harm (ergonomic furniture, cable management to prevent trips), while security protects hardware and data from unauthorised access or theft. Read questions carefully to identify which is being tested.

• Listing features without explaining how they provide protection — Stating "use passwords" gains limited marks. Exam answers must explain the mechanism: "Passwords authenticate users by verifying identity before granting access, preventing unauthorised persons accessing sensitive data."

• Suggesting only software solutions for physical threats — If hardware is being stolen, anti-virus software offers no protection. Match prevention methods to threat types: physical security for physical threats, digital security for cyber threats.

• Describing generic encryption without context — Simply defining encryption is insufficient. Explain its application: "HTTPS encrypts data during transmission between customer browser and retailer's server, preventing interception by hackers monitoring network traffic."

• Forgetting backup storage location details — Stating "make backups" alone is incomplete. Specify backup frequency, media type and crucially that copies are stored off-site to protect against fire, flood or theft affecting the primary location.

• Recommending impractical measures without considering context — Suggesting retina scanners for a small office computer is unrealistic and would gain no credit. Consider proportionality, cost and practicality when suggesting security measures for specific scenarios.

Exam technique for Safety and Security

• Command word "Describe" typically requires two elements: naming the measure/threat and explaining how it works or what protection it provides. Allocate marks accordingly (2-mark questions expect both elements; 1-mark questions may require just identification).

• Scenario-based questions are common — read contexts carefully and tailor answers appropriately. Security measures suitable for a bank differ from those appropriate for a school. Consider the organisation type, data sensitivity and threat likelihood when answering.

• Compare questions require explicit comparison statements, not separate descriptions. Use comparative language: "Biometric authentication is more secure than passwords because physical characteristics cannot be forgotten, shared or guessed" rather than describing each separately.

• Extended response questions may ask for multiple measures with explanations. Structure answers clearly (bullet points or numbered lists), ensure each point is distinct, and provide sufficient technical detail to demonstrate understanding rather than superficial knowledge.

Quick revision summary

Safety protects people and equipment from physical harm; security protects data and systems from unauthorised access, theft or damage. Physical security includes locks, CCTV, access controls and environmental protection. Data security employs authentication, encryption, firewalls, access levels and regular backups. Major threats include viruses, worms, trojans, ransomware, phishing and DDoS attacks. Prevention requires anti-virus software, firewalls, software updates, strong passwords, two-factor authentication and user education. Match security measures to specific threats, explaining mechanisms rather than just listing features. Consider context when suggesting solutions in exam scenarios.