Tuesday, May 5, 2020
Ethical Issues for IT Security for Identification- myassignmenthelp
Question: Discusss about theEthical Issues for IT Security Personnelfor Identification. Answer Introduction IT professionals and consultants have to be guided by prescribed code of conduct in their line of duty. According to Nemeth (2012), IEEE code of conduct for IT professionals outlines various practices that has to be met by all IT consultants and professionals who work for more than one client. All responsibilities to manage clients system and offer required services are at hands of IT professionals but how they handle one clients needs should differ from the other. IEEE code of conduct that guides relationship between an IT consultant and its clients stipulates that, all IT professionals should act in a manner that suites specific customer and has to be consistent with public interests. In this regard, if an observation has been made on client A during service delivery and can be useful in client B case, it would be best for the consultant to use only when client B need arises. This would help in upholding integrity and independence of the service delivery (Zafar Clark, 2009). A req uirement that works best in scenario A may not work in scenario B because of the difference in nature of the business. Identification First, Greitzer Frincke (2010) argues that, IT professionals has to maintain required integrity and service independence when doing their personal judgment. This makes it clear that, copying of ideas may work but in relation to IEEE standards, integrity and independence of service delivery is very important when working for multiple clients. Similarly, privacy of organization in regard to its operational procedures should not be exposed by IT professionals owing to the facts that, they are solving problem by implementing technology from another organization without approved copyrights (Davies, Hertig Gilbride, 2015) Analyze Though working with multiple clients helps IT professionals coordinate their activities well by learning from various environment, if it has to be done, it has to done when all procedures and organizational system requirements are in place. The responsibility of keeping what service provider has been implemented in other organization may not be ethical if it poses great competition to latter organization. Professionally, it would be worthy to implement ideas that have their origin from other organization because it infringes copyrights code of conduct (Siponen Vance, 2010). Due to lack of knowledge and ignorance, some of IT consultants and professionals have been copying what they learn from other clients without knowledge of the first client Greitzer Frincke (2010). It is important to understand rules that govern copyright and innovation since innovation in one organization should not be implemented in another organization without knowledge of the latter. Additionally, it would not be professional to start implementing some ideas because it may amount to loss of operational secrecy from one organization to the other. Mainly, operational procedure of any business are determined by technology in place and duplicating what has been learnt form one customer to the other may pose competitive problems in the market (Dark, 2011). A good example is in manufacturing industry where several organization produce almost related products are they severely compete in the market. As an IT consultant to both organizations, borrowing of ideas related to technology and implementing them in competitors system discloses ways of operation of one company (Davies, Hertig Gilbride, 2015). In market environment, such an event may end up pushing one of the organizations out of market without even the knowledge of IT personnel because the goal was to solve problem but a lot of business secrets has been lost. Evaluation/ Justification As an employee of several organizations, determining what belongs to organization and to individual as an employee is quite important because it helps in solving trades offs in service delivery to specific client in relation to terms of agreement. As a system administrator in two competing firms, knowing a secret on how company A secures its data is of important to me and gives administrator more skills on how to handle data. If at the same time the same administrator is working for company B and same methodology can applied to secure data, it would be applicable to implement it in company B provided no technological infrastructure has been imported from one firm to the other. In such a scenario, only technology can be employed but not carrying physical assets such as software of company A for use in company B. Technology transfer might be allowed but implementation capabilities be done in quite different operational environment. Conclusion IEEE principles of conduct has to be followed by all IT professionals irrespective of number of employers being served. Where technology is being borrowed from one company to the other, copyright rules should be followed. Best IT professional practices helps in delivering quality services to all clients. References Dark, M. J. (2011). Information assurance and security ethics in complex systems: Interdisciplinary perspectives. Hershey, PA: Information Science Reference. Davies, S. J., Hertig, C. A., Gilbride, B. P. (2015). Security supervision and management: The theory and practice of asset protection. Greitzer, F. L., Frincke, D. A. (2010). Combining traditional cyber security audit data with psychosocial data: towards predictive modeling for insider threat mitigation. Insider Threats in Cyber Security, 85-113. Nemeth, C. P. (2012). Private security and the law. Amsterdam: Elsevier Butterworth Heinemann. Siponen, M., Vance, A. (2010). Neutralization: new insights into the problem of employee information systems security policy violations. MIS quarterly, 487-502. Zafar, H., Clark, J. G. (2009). Current state of information security research in IS.Communications of the Association for Information Systems, 24(1), 34.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.