The ethical issues entails the following: Privacy and confidentiality of the user’s information, Integrity -- assuring that data and programs are not modified without proper authority, Unimpaired service delivery, Consistency -- ensuring that the data and behavior that is visible is the same over and over again and finally the aspect of Controlling access to resources.
Authentication entails a process where the users engages in verification of their identity hence it deals with the problem of determination and the decision of whether or not the user should be allowed to gain access to a particular given system.
I am not supposed to read the private emails of the network users just because I can to avoid violating independence and confidentiality of the individuals. The compromise of the employee information is experienced whenever there is interfering with the database of the workers. It is not okay to read the employee’s email as a security measure because it leads to violation of the rights of individual.
The systems of internal control are the one assigned the responsibility of checking leakage of information. The company policy contains provision that the client computer can be checked thoroughly incase fraud is detected the employees should not be allowed to know that their emails have been read because it is necessary to disclose the same. Ethical issues for it security professionals in Herman Australia (1).
It is necessary to monitor the websites that the network users are using in order to curtail the pornographic sites and other malicious actions by the users. The detrimental aspect of keeping the log of visited sites is deemed necessary ensuring that the internet and network is not perpetrating criminal actions.
There is need to check the logs of all the visited checks thus it is negligent not monitor such Internet usage by the intention that violates its usage. It is not okay to place key loggers on the machines with the intention of capturing everything the user types. This action amounts to a lot of work and instead that time could have been utilized in productive capacity. The users should not be informed in case there is use of cc TV camera because it is monitoring to detect the improper usage of the network without their consent. The screen capture programs are not necessary as this is using a lot of resources where physical observation could have been used. The users should not be informed in order to notice the violators as well as the access of websites that are disallowed.
It is very much okay to check the computer Management and the documents that are stored on the file server to determine whether they are the cause of the problem or have any harmful content. The graphics can be checked in this case scenario to get the content and type of information that is hidden in the directories whether it is of harmful nature or discouraged. The information technology expert is authorized to read the current documents being used as at that time by the users of the computers (2).
Supposed the client confronts me in an attempt to save money by cutting out some measures pertaining to the security that I recommend I will avoid from engaging in any contractual arrangement with that particular client because he/she can make be terminated from the employment. In case the client is not cooperating even where I have offered further explanation on the same issue the resulting solution is to call for a senior most authority to deal with the matter at hand. The configuration of the network is not to be conducted in a less secure manner and which entails exposure to the third party.
(1) D. Shinder, ‘Ethical Issues for IT security professionals’, Herman: Parker, 2015.
(2)M. Vincent, et al. The information technology expert is authorized to read the current documents being used as at that time by the users of the computers, B. M. New York: Institution of computer pros, 2015, pp.289-315.