Thursday, August 04, 2005

Privacy Issues for IT Security Professionals


Ethical & privacy issues for IT security professionals is covered in this ComputerWorld article looking at the sensitive data available to "Computer Guys" in all businesses, including outsourced consultants who handle IT for multiple clients. Reference is made to ethics courses for medical professionals during their education and pointing out that security consultants are often unschooled in ethics.

This lack of ethics education could lead to unethical behavior by IT guys, but I doubt it. If they are unethical, they will snoop on company emails and may install key loggers to tap into client secrets (whether personal or corporate) and if they are ethical, they may be exposed to secrets in their work, but will respect the boundaries of ethics and not abuse their knowledge or access.

I noted in an earlier post last week that insiders at Google would have access to vast stores of data about those of us that use multiple Google company services for ourselves and our clients. I hope that the big G has ethics courses and policies internally to keep the employees from exploiting the huge databases of customer information. Outsourcing is less likely at a technology company, but it is still possible that vendors and partners could have access to Google customer data and unethical people are, unfortunately, everywhere.

I agree that ethics should be taught to IT pros-in-training, but don't think it will lead to changing the human nature of those who might exploit their access privileges and rout databases for sensitive information to sell, or otherwise abuse. Ethics can be taught, but adoption of ethical standards will depend on whether the IT personnel choose good or evil. Will they respect the privacy of employees at companies where they work?

We can only hope those doing the hiring of IT pros don't hire those with questionable ethics and somehow screen out the bad guys. Our privacy and security is at stake and in the hands of IT professionals that we must trust. Large scale data breaches have proven how tenuous that trust is.

Save To Del.icio.us    Digg! Digg This!
posted by RealitySEO at 11:33 AM

0 Comments:

Post a Comment

<< Home