IT and Ethics

June 23, 2008

This one pisses ticks me off – reports a really disturbing study, (I found it through Deb Perelman’s e-week blog)

The study states that one third of questioned IT workers admits to misusing their position of trust to view information that is not within their job description, or to just plain old fashioned snoop on other peoples personal information.

Personally I subscribe to the Code of Professional Ethics as set forth by the Information Systems Audit and Control Association (ISACA) , and I have zero tolerance for that kind of unethical behaviour.

This is one area where larger organizations have advantages over businesses in the SMB space. Larger organizations have the staff and processes to ensure that there are segregation of duties and the ability to deeply audit all use of privileged accounts.

All is not completely lost, there are methods for SMB’s to reduce this risk;

1) The Network Administrator accounts should have their passwords changed regularly

2) IT Staff are not to use these accounts in their day to day work. Administrator accounts are only to be used when those administrative priveleges are required.

3) For smaller organizations, keep those administrator passwords locked up somewhere and periodically check to ensure IT staff have not “promoted” their own Login account to the administrator level

4) For larger SME organizations, implement and monitor auditing of these accounts.

5) When hiring or contracting – ensure that it is documented that this sort of behaviour is unacceptable.

You can subscribe to this blog by clicking the RSS icon on the Home Page!


One Response to “IT and Ethics”

  1. […] Along with some of the tips in the above article, I have some more in this post titled: IT And Ethics […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s