Introduction
Ethics is an area of study which attempts to distinguish good from bad and right from wrong. Ethics aids in the analysis of the morality of human conduct, social structures, laws, and policies. Computer ethics involves the ethical analysis of privacy and security issues in information technology; it evaluates the moral duties of computer users and computer professionals and the ethical concerns in public policy during the development and use of information technology. Moral evaluations are aimed at establishing a balance amid the interests, rights, and values of individuals in the society and to develop effective courses of action and policies. An IT manager or security professional is, therefore, tasked with the responsibility of protecting the company’s network computer systems, and infrastructure. However, during the performance of their assigned duties, these professionals may be faced with various ethical issues (Leclercq-Vandelannoitte, 2017). The paper critically analyzes the ethical issues faced by Information Technology security professionals and the impacts of computer security breaches.
Computer Security Breaches
Computer security is a computer science domain which incorporates the application of various security components to computer systems with the aim of providing protection against denial of service and the illegal or unauthorized deletion, manipulation, or disclosure of information. System security involves the protection of the computer system’s software and hardware against various harmful programs which may disrupt system resources (Barsky, 2017). Information security, on the other hand, involves the protection of information contained in disk drives on various computer networks or data that is transmitted amid networks. Information security aims at protecting three data aspects which include data availability, integrity, and confidentiality (Mingers & Walsham, 2010). Computer security breaches pose various ethical issues such as the violation of various rights and interests and the possible harms associated with computer security. Economic harm is an example of an obvious harm that is likely to occur due to computer security breaches. Whenever system security is compromised, invaluable software and hardware are likely to be corrupted or damaged and services may be rendered inaccessible; this subsequently results to the loss of resources, money, and time.
Delegate your assignment to our experts and they will do the rest.
According to Leclercq-Vandelannoitte (2017), information security breaches may trigger high economic costs such as the loss of valuable data which may consequently lead to severe economic losses. Computer security breaches may consequently cause severe harms, for instance, death and injury; this may be common in safety-critical computer systems such as computer networks in medical treatment systems, missile systems, air traffic and aircraft control systems, and nuclear-reactor control systems. Compromises of information confidentiality may cause the violation of rights and additional harms. Third parties may undermine the confidentiality of data through accessing the information, copying, and distributing it. Such activities contravene property rights which include intellectual property rights. Secondly, confidentiality compromises may infringe privacy rights; this is common in instances where the accessed data incorporates people’s private information. Compromises regarding information availability tend to contravene freedom rights such as the rights to the freedom of free speech and information.
Computer Crime and Hacking
Major ethical issues facing security professionals incorporate aspects such as hacking and computer crime. IT security professionals usually have access to confidential knowledge and information about companies' and individuals' networks and computer systems which give them an extensive deal of power. The power granted to security professionals may be abused either inadvertently or deliberately. The training and education of IT experts, such as security specialists are often centered on technical skills and knowledge. IT professionals often learn how to execute their assigned tasks with little considerations on how the acquired abilities may be misused. In the course of performing their tasks, an IT security professional may be faced with ethical dilemmas regarding the capacity to hack into various computer systems and the likelihood of executing various cybercrimes. Hacking relates to the utilization of computer techniques to achieve illegal access to various computer systems. Hackers are very proficient computer users who utilize their expertise to access and establish networks with other hackers with the aim of sharing data and knowledge. Hacking incorporates the gaining of illegal access for malicious aims such as stealing software and data, the corruption of data, or the disruption of a system’s operations. Hackers usually rationalize their hacking operations by contending that they generate no actual harm and instead, generate a pragmatic effect on the society. The positive impacts of hacking as asserted include the fact that it enhances the dissemination of data to the benefit of the entire society and it enhances the improvement of software and systems by uncovering security holes (Mingers & Walsham, 2010). These aspects constitute the hackers' code of ethics which act as principles that guide their activities.
Examples of these principles include the notion that data ought to be free, computer access ought to be unrestricted, and the notion that cyberspace activities cannot generate any harm to the actual world. Various studies argue that hacker ethic principles are unsustainable since it counters the conceptualization of intellectual property, it undermines the concept of integrity, privacy, and accuracy of information since information is likely to be modified by anyone who gains its access. Cracking and hacking are considered illegal and therefore, classified as a form of cybercrime. There are two primary forms of computer crime that tend to compromise computer security: cyber-trespass and cyber-vandalism. Cyber-trespass relates to the utilization of IT to acquire unauthorized access to password-protected websites or computer systems (Mingers & Walsham, 2010). According to Mingers & Walsham, cyber-vandalism, on the other hand, relates to the use of IT to release programs that tend to disrupt computer network operations or corrupt information. Cyber-piracy is also a form of cybercrime which involves the use of IT to generate copies of information or propriety software or to disseminate the accessed information across a particular computer network. Cyber-piracy violates computer security in instances where it incorporates the cracking of various copyright protections. Computer fraud is also a form of cybercrime which relies upon cyber-trespass to acquire digital identities, access codes, or passwords and on cyber-vandalism to enhance the modification of data (2010).
Privacy
Another ethical issue faced by IT security professionals involves the aspect of privacy. Privacy is a moral entitlement of individuals that is normally compromised in instances where information systems are being used. Corporations often collect large amounts of information on individuals and companies and utilize it for commercial purposes to control expense, gain market share, enhance profitability, and increase business operations (Leclercq-Vandelannoitte, 2017). However, the privacy of the collected information may be compromised due to various reasons such as ethical standards of security professionals. Some of the ethical dilemmas faced by security professionals include the decision to view a private e-mail of a company’s network user as a measure of security or as a measure to ensure that the organization's rules are not violated and the decision to monitor the websites accessed by the network users, or the decision to place keyloggers on the network machines to capture every concept typed by the user (Barsky, 2017). Barsky further points out that a security professional or network administrator has the privileges and rights that allow him to gain access to most of the information on the systems on the company's network. A security professional or IT administrator also can access encrypted information provided that he has access to recovery account of the agent. The decision made by the IT security professionals about their abilities is dependent upon one's particular job duties and one's ethical beliefs about these particular issues. Ethical assessment of issues regarding security and privacy in computing may aid computer users and professionals to identify and resolve moral issues and establish ethical guidelines and policies for the utilization of information technology. There are various laws that have been enacted by the government to ensure that the concept of privacy is upheld; these laws promote the aspects such as the privacy of customer data (2017).
Conclusion
The distribution and use of information technologies have been revolutionized extensively with the development of various computer technologies. However, various ethical issues tend to compromise the effectiveness of these technologies such as the violation of computer security by security professionals. Security professionals are faced with various ethical issues which include privacy and computer crimes. Privacy is a moral entitlement of individuals that is normally compromised in instances where information systems are being used.
References
Barsky, A. E. (2017). Social Work Practice and Technology: Ethical Issues and Policy Responses. Journal of Technology in Human Services , 35(1), 8-19.
Leclercq-Vandelannoitte, A. (2017). An Ethical Perspective on Emerging Forms of Ubiquitous IT-Based Control. Journal of Business Ethics , 142(1), 139-154.
Mingers, J., & Walsham, G. (2010). Toward Ethical Information Systems: The Contribution of Discourse Ethics. MIS Quarterly , 34(4), 833-854.
