Know and understand minimising the potential danger of using the internet including only using trusted websites recommended by teachers, using a search engine that only allows access to age appropriate websites

Topic 8 – Safety and Security (ICT 0417)

Learning Objectives

  • Identify the range of potential dangers when using the Internet, email, social media, online games and ICT equipment.

  • Explain how legislation, school policies and technical tools help to minimise those dangers.

  • Use only teacher‑approved, trusted web sites and an age‑appropriate search engine.

  • Apply safe‑working practices – strong passwords, secure connections, reporting procedures and basic ICT skills such as file‑management and validation checks.

1. Why e‑Safety Matters

The Internet gives instant access to information and communication, but it also creates risks that can affect personal data, reputation and well‑being.

  • Malware, viruses and ransomware – can corrupt or lock data.

  • Inappropriate or harmful content – may be distressing or illegal.

  • Online scams – phishing, pharming, smishing, vishing, card fraud.

  • Cyber‑bullying, harassment and grooming.

  • Privacy breaches – unauthorised collection or sharing of personal data.

  • Copyright infringement – illegal copying of software, images or text.

2. Physical Safety when Using ICT

Physical hazards are part of the syllabus (8.1). The following precautions keep you safe while working with hardware.

  • Power and cables: keep cords away from walkways, never overload sockets, unplug equipment by pulling the plug – not the cord.

  • Ergonomics: sit upright, keep the monitor at eye level, use a chair with back support, take a 5‑minute break every hour.

  • Electrical safety: do not use damaged chargers or adapters, report any sparks or smells immediately.

  • Fire & emergency: know the location of fire extinguishers, never block exits, follow the school’s evacuation drill.

  • Equipment handling: handle laptops, tablets and peripherals gently; use protective cases where provided.

3. Legal Framework & School e‑Safety Policy

3.1 Data‑Protection Legislation (GDPR / Data‑Protection Act)

PrincipleWhat it means for learners
Lawful, fair & transparent processingCollect data only for a clear, legitimate reason and tell the user why.
Purpose limitationUse data only for the purpose it was collected (e.g., a school project).
Data minimisationCollect only the data that is needed – never ask for unnecessary details.
AccuracyKeep personal information up‑to‑date.
SecurityProtect data with passwords, encryption, firewalls etc.
Rights of data subjectsPeople can access, correct or delete their own data.

3.2 Other Relevant Legislation

  • Computer Misuse Act – unauthorised access to systems is a criminal offence.

  • Copyright, Designs and Patents Act – protects creative works; outlines fair dealing and licensing.

3.3 School e‑Safety Policy Checklist (AO2)

Policy ElementWhat students must do
Acceptable UseUse school‑provided accounts only for learning; no personal commercial activity.
Content FilteringAll web traffic passes through the school firewall; SafeSearch is forced on.
Monitoring & LoggingTeachers may review browsing logs; privacy is respected but misuse is recorded.
ConsequencesBreaches may lead to loss of access, parental contact, or disciplinary action.
ReportingAny suspicious or inappropriate content must be reported to a teacher immediately.

4. Recognising Trusted Resources

4.1 Teacher‑Approved Websites – How to Spot Them

CheckWhat to look for
Domain ownership.gov, .edu, .org or a school‑registered domain (e.g., .school.uk).
Secure connectionURL begins with https:// and a padlock icon appears.
Content relevance & appropriatenessMatches the lesson objective and is suitable for the age group.
Ads & downloadsNo pop‑up ads, no unexpected download prompts, and no request for personal data unless required for the task.
Teacher sign‑offListed on the class resource sheet or the school’s approved‑site portal.

4.2 Age‑Appropriate Search Engines

Search EngineSafety FeaturesTypical Classroom Use
Google SafeSearch (restricted mode)Filters explicit content; can be locked by admin console; students cannot turn it off.General research and quick fact‑finding.
KiddleChild‑friendly UI; blocks adult sites; adds extra filtering to Google SafeSearch.Primary & lower‑secondary projects.
SafeSearchKidsReturns results only from vetted educational sites; no ads.Subject‑specific investigations (e.g., science experiments).

4.3 Enabling & Locking SafeSearch (Chrome example)

  1. Open Chrome SettingsPrivacy and securitySite Settings.

  2. Click Additional content settingsSafeSearch.

  3. Toggle Force SafeSearch to On.

  4. Ask your teacher to lock the setting via the school’s admin console.

5. Safe Working Practices (Passwords, Connections, Reporting)

5.1 Password‑Strength Rubric (AO3)

ScoreCriteria
1 – Weak≤ 7 characters, only letters or only numbers.
2 – Moderate8–10 characters, mix of upper‑ and lower‑case letters.
3 – Strong≥ 12 characters, includes upper‑case, lower‑case, numbers and symbols.
4 – Very Strong≥ 16 characters, no dictionary words, uses a pass‑phrase or password manager.

All school accounts must meet at least a Score 3 – Strong rating and be changed every 90 days.

5.2 Two‑Factor Authentication (2FA)

  • First factor: password.

  • Second factor: code sent to a registered mobile device or generated by an authenticator app.

  • 2FA is mandatory for the school portal, email and any cloud storage used for coursework.

5.3 Secure Connections

  • Always check for https:// and the padlock icon before entering any data.

  • Never submit personal information on a site that shows “Not Secure”.

5.4 Reporting Procedure

  1. Do not interact with the suspicious content.

  2. Take a screenshot (Ctrl + Shift + S).

  3. Send the screenshot to your teacher via the school email or the designated reporting form.

  4. Log the incident in the class “e‑Safety Log” for follow‑up.

6. Threats and Corresponding Protection Mechanisms (AO2)

ThreatDescriptionMitigation Tool(s) & How They Help
Malware / VirusSoftware that damages, steals or encrypts data.Antivirus & anti‑malware scanners – detect and quarantine malicious files before they run.
RansomwareEncrypts files and demands payment.Regular backups on the school drive + file‑encryption – restores clean copies without paying.
Phishing (email)Fake messages asking for passwords or personal data.Spam filters + user training – flag suspicious senders; 2FA limits damage if credentials are leaked.
PharmingRedirects a legitimate URL to a fraudulent site.DNS filtering & SSL/TLS – ensures the address you type resolves to the correct server and shows a valid certificate.
Smishing / VishingPhishing via SMS or voice call.Awareness training + never entering credentials on links received by text/phone.
Card fraudUnauthorised use of payment details.Virtual card numbers & secure payment gateways; school policy forbids entering payment data on non‑school sites.
Hacking (unauthorised access)Attackers gain control of accounts or systems.Strong passwords, 2FA, firewalls and regular patching – raise the barrier to entry.

7. Safe Practices for Specific Online Activities

7.1 Internet & Search Engines

  • Only use the school‑filtered search engine.

  • Stay on teacher‑approved sites; avoid “click‑bait” links.

  • Never bypass filters or use a private/incognito window without permission.

7.2 Email

  • Check the sender’s address – look for miss‑spelled domains.

  • Do not open unexpected attachments or click unknown links.

  • Use the school‑provided password + 2FA.

  • Report any suspicious mail to the teacher immediately.

7.3 Social Media (where school policy permits)

  • Set profiles to private and limit friend/follower lists.

  • Never share personal or sensitive data (address, phone number, school timetable).

  • Use the platform’s Report function for bullying, harassment or inappropriate content.

  • Remember: anything posted online can be saved and re‑shared.

7.4 Online Gaming

  • Play under a pseudonym – never use your real name.

  • Do not share personal details or financial information in chat rooms.

  • Enable parental‑control or age‑restriction settings provided by the game.

  • Report abusive players or suspicious links to the game moderator and to your teacher.

8. Copyright & Intellectual Property

8.1 What Can I Use? – Decision Tree

  1. Is the material in the public domain (e.g., works published before 1925)? → Yes → Free to use, no attribution required.

  2. No → Does it have a Creative Commons (CC) licence?

    • CC‑BY or CC‑BY‑SA → Use with proper attribution.

    • CC‑BY‑NC, CC‑BY‑ND, etc. → Check the specific conditions (non‑commercial, no‑derivatives).

  3. No → Is it covered by fair dealing for education (short excerpt, citation, non‑commercial)? → Yes → Use with attribution and keep the excerpt short.

  4. No → Seek permission from the rights holder or find an alternative source.

8.2 Giving Proper Attribution (APA‑style example)

Author, A. A. (Year). Title of work. Publisher. URL (if online)

For Creative Commons: Author (Year). Title. CC‑BY licence. URL

8.3 Using School‑Approved Resources

  • All images, videos and text from the approved‑site list are pre‑checked for licensing.

  • When in doubt, ask the teacher or use the school’s “Media Repository”.

9. Audience Awareness & Ethical Use (AO3)

Choosing the right tone, language and content for the intended audience is a key assessment objective.

9.1 Case Study – School Blog vs Public Forum

AspectSchool Blog (internal)Public Forum (external)
AudiencePeers, teachers, parents – known community.Anyone on the internet – unknown audience.
ContentProject updates, class news – can include photos of classmates with consent.General advice or opinion – must avoid personal details.
ToneFriendly, supportive, school‑appropriate.More formal, neutral, and careful about privacy.
Legal/EthicalSchool policy governs posting; consent forms required for images.Strictly no personal data; must respect copyright and defamation laws.

9.2 Audience‑Suitability Checklist

  • Is the language appropriate for the age and knowledge level of the readers?

  • Have I removed any personal or sensitive information that isn’t needed?

  • Does the tone match the purpose (informative, persuasive, reflective)?

  • Have I cited all sources correctly?

10. Practical ICT Skills Linked to Safety

10.1 File Management & Back‑ups

  1. Save work to the school cloud drive (e.g., Google Drive for Education) – it is automatically backed up.

  2. Use a clear naming convention: SubjectYearTopicVersionDate (e.g., Biology2026CellStructurev20260103).

  3. Keep at most three versions; delete older drafts to avoid clutter.

10.2 Proofing & Validation Checks

  • Check spelling and grammar with the built‑in editor.

  • Validate sources: author, date, publisher, URL, and whether the site is on the approved list.

  • Use the “Plagiarism Checker” provided by the school to ensure originality.

11. Student Checklist – Before Clicking a Link

  1. Log in with your school‑provided account only.

  2. Verify the URL:

    • Starts with https://

    • Domain ends with .gov, .edu, .org or the school’s domain.

  3. Look for the padlock icon – confirms a secure SSL/TLS connection.

  4. Confirm the site appears on the teacher‑approved list (refer to the class resource sheet).

  5. Check that there are no pop‑up ads, download prompts or requests for personal data.

  6. Make sure you are using the age‑appropriate search engine with SafeSearch locked.

  7. Enter a strong password (≥ 12 characters, mix of cases, numbers, symbols) and enable 2FA where available.

  8. Do not share personal or sensitive data unless the teacher explicitly requires it.

  9. If anything looks suspicious, report immediately to your teacher.

  10. When finished, log out and close the browser window.

12. Teacher Responsibilities

  • Compile and regularly update a list of approved websites; explain why each is safe.

  • Configure all school computers to open the school‑filtered search engine as the default homepage.

  • Demonstrate how to recognise a secure connection, identify phishing attempts and set strong passwords.

  • Monitor internet usage via the school firewall or content‑filter logs and intervene when unsafe behaviour is detected.

  • Teach the basics of copyright, Creative Commons licences and ethical publishing.

  • Provide a clear reporting procedure for students to flag inappropriate content or security incidents.

  • Integrate file‑management, proof‑reading and validation checks into practical ICT tasks.

13. Summary Self‑Assessment Checklist (Student)

Action
Using a teacher‑approved website.
URL begins with https:// and shows a padlock.
Search engine is locked in age‑appropriate (SafeSearch) mode.
No personal or sensitive data entered unless the task requires it.
Strong password used (Score ≥ 3) and, where possible, two‑factor authentication enabled.
Any suspicious content or behaviour reported to the teacher.
Files saved with a clear naming convention and backed up on the school drive.
All sources cited correctly and checked against the approved‑site list.

Suggested diagram: Flowchart – “Before clicking a link” → Check URL → Verify padlock → Confirm site on approved list → No pop‑ups/downloads → Click safely.