Aim and purpose This unit introduces the common types of threat to ICT systems and data and methods of protecting against them. It also covers an awareness of the applications of cryptography to ICT systems and data. Unit introduction Individuals and organisations need to be confident that IT systems are reliable and secure. This is particularly important in such activities as emailing, internet purchases, online services and instant data retrieval. Where this cannot be relied on then the whole use of IT systems is undermined. Security should not unnecessarily impede access or effective use. Breaches in security may be caused by human actions, either accidentally or by malicious intent, negligence or through incorrect installation, configuration or operation. In this unit learners will explore ways of maintaining the integrity of IT systems by controlling and monitoring physical access, protecting hardware and protecting data by, for example, encryption. This requires knowledge of both physical and access control security and their application in a real-world situation. Attacks against computer-based systems are commonplace and increasing and therefore the IT practitioner needs to develop skills to be able to combat such threats. This unit enables learners to understand why security is necessary, the potential dangers, and how to protect systems and data.