Code:
ETHICAL ISSUES FOR SECURITY PROFESSIONALS
Computer and network security is a paramount priority in any institution or organization. With the rise in computer usage and international networking, network and computer security is jeopardized. There has been an alarming increase in cybercrimes, hacking, tapping, espionage sabotage and many more security threats to computers and networks (Riordan, 2009).
One of the most important issues and which has been neglected by many is the ethical issues for IT securiy professionals.According to the article, Shinder argues that there are several ethical issues which arise in the place of work which may pose a threat to computer and network security (Shinder, 2005). For instance, should one read private employee mails using the company network, is right to do so? Ethically it is wrong and it’s against the privacy rights of employees as stipulated by the privacy act. On the other hand, it should be noted that policies and standards should be set so that sensitive information be put in place to ensure that company information is not disclosed.
Another factor to consider is that should the security personnel monitor the use of company network? Should they keep an eye on the website so that it is only accessed by the network users? Security personnel should monitor these activities and keep a log of websites visited by the network users to prevent improper network use which may be a computer or network security threat. However, the professionals should use a policy to prevent conflict and infringement of employee’s privacy rights (Noir, 2005).
These factors are a vital necessity for network and computer security and given the fact that as an administrator or security personnel one has the ability to access all data and information in a system or network, even the encrypted data. But what one does with these abilities depend on one’s ethical beliefs and also the regulation by legal legislations on privacy.
It is common knowledge that network professional and experts have access to much private information that is used by computer users. It is even possible for these professionals to get access to data which have been encrypted if they happen to have encryption keys that have been used in these security schemes. What the computer profession does with such critical and important information depended on the responsibilities that that person has and the personal beliefs and issues that pertain ethics for that particular individual.
The article has raised numerous questions but has not attempted to provide answers or solutions due to mere fact that the question here is is it ethical? We should bear in mind that the IT profession is new unlike the other professions which are more defined and established. Thus most activities and encounters have not been codified in into law and further still there is no standard mandatory oversight body to establish the code of ethics to be followed by the professionals (Shinder, 2005.
However in the recent past the issues of ethical behavior which is important for security reasons is beginning to be addressed. Associations have formed which have formulated their own code of conduct which is a lee way to ensuring system and network security without infringing on privacy rights.
References
Noir, S. (2005). IT Ethics Handbook. Syngress publishers.
Riordan, J. (2009). Computer and information security handbook. Morgan Kaufmann Publishers. Massachusetts
Shinder, D. (2005). Ethical issues for IT security professionals. Retrieved on 30 January 2012 from http://www.windowsecurity.com/articles/misc_network_security/