Ethical Issues for IT Security Personnel for Risk- myassignmenthelp

Question: Discuss about theEthical Issues for IT Security Personnel for Risk. Answer: Introduction: Security consulting for IT firms can be associated with the paramount significance of data confidentiality. It has been observed that multiple companies and even competing ones are hiring similar IT companies and security consultants for their data encryption and system security needs. However, the instances of leaks of security strategies to competitors leading to breaches have created potential questions regarding the ethical concerns of IT security consultants. IT security professionals are generally liable to access confidential data pertaining to the networks and systems of the organization thereby anointing substantial power in their hands (D.Shinder, 2005). The access to confidential data can be misused by the person either inadvertently or knowingly on purpose. Thereby contemporary precedents for associations between IT security consultants and firms have been largely aligned with the preservation of ethical concerns of IT security. Access to confidential information of an organization could lead IT security personnel to leak it to another organization that may benefit from the data thereby leading to losses for the former. The ethical aspect of the IT security process must be largely inclined towards safeguarding the confidentiality of clients network and system data. The prominent references to training of IT security personnel in the comprehensive technical information and skills also indicate the lack of information regarding the ways in which technology can be misused. Majority of IT security personnel are not aware of the presence of ethical issues and therefore they tend to oversee the crucial nature of ethical aspects in terms of job performance (Johansen, 2015). Ethical concerns related to privacy have become more prominent in the recent times especially with the notable examples observed in the feasibility of reading private e-mail of network users, employee email and disclosure of vital company inform ation. It is also necessary to understand the demarcation between the legal implications and ethical aspects of IT security since legal implications are realized through certain precedents that dictate the approach for the organization to monitor every activity of the employee with the computer equipment (McCrie, 2015). While it is not ethically incorrect for an IT security professional to work for two competing firms, there are no legal barriers for an individual to be employed as IT security professional by two competing firms. It is also imperative to consider that the basic ethical consideration for IT security personnel is to refrain from revealing information of one client to other clients without specific permission. The implications of non-disclosure agreements involved in contracts for IT security consultants are necessary for validating the mandate for security. The personnel have to realize that despite the lack of formal requirement of legal protection instrument, they are obliged to the ethical obligation of sustaining the privacy of company information (Pollock, 2014). The plausible course of action in case of learning about the things from one of the clients and communicating it to the other clients would be to skip any ambiguities pertaining to loyalty and underlying factors that cou ld draw towards unethical behaviour. The utilization of information gained from client A to accomplish benefits for the other client B could not be validated on the grounds of professional ethics. Generally, such scenarios create potential indications towards proliferation of a real world ethical dilemma and also have long term consequences (McCrie, 2015). For instance, the transfer of confidential information to other company could lead to exposure of the valuable trade secrets of an enterprise as well as the limitations on employment opportunities for security personnel in the future. On the other hand, it can also be observed from a critical perspective that confidential information of an enterprise indicating any violation of government regulations or laws could be transferred to concerned government agencies which would not be accounted as ethical violation (Pollock, 2014). Conclusion: Therefore, consultants as well as firms must undertake proactive approaches to safeguard the company information from unethical breaches. Some of the essential measures which could be initiated for ensuring compliance of IT security professionals with the ethical obligations of data security include encryption of electronic copies of data, monitoring of security instruments in industrial intelligence frameworks and refraining from communication of physical copies of information. References D.Shinder (2005), Ethical Issues for IT security professionals. [Online]. Available https://www.computerworld.com/article/2557944/security0/ethical?issues?for?it?security?professionals.html [Accessed 28?July?2017] Johansen, R. (2015). Ethical Hacking Code of Ethics: Security, Risk Issues. Viitattu maaliskuu. McCrie, R. (2015). Security operations management. Butterworth-Heinemann. Pollock, J. M. (2014). Ethical Issues in Policing. Controversies in Policing, 119.