Organisations such as Association for Computer Machinery (ACM) and Australian Computer Society (ACS) are strong advocates of ethical practices by IT personnel and have laid out sets of recommendations. This essay will look at some of their codes and how they can have practical use in reducing clearly identified threats to computer systems.
At the outset, it is important to remember that almost any sort of business enterprise today will have a dedicated IT department. Hence the code of ethics laid down by ACM and ACS are applicable to IT personnel of such departments, irrespective of the business domain of the particular organisation. Some of the frequently occuring information security breaches are common for almost all businesses that are enabled by Information Technology. Broadly speaking, the term system security threats refers to “the acts or incidents that can and will affect the integrity of business systems, which in turn will affect the reliability and privacy of business data”. (Lin, 2006). Irrespective of the size of the organisation, the threat is persistent, and hence measures have to be undertaken to curb security breaches and ensure business continuity.
Beyond the commonly identified security threats such as Viruses, Spyware, Adware, etc, a major source of information leakage and misappropriation occurs due to the abuse/misuse of computer network by employees themselves. (Lin, 2006). Since IT personnel have privileged access to vital business information, it is often very tempting for them to misuse this privilege and undermine the prospects for their employers. Employees are also prone to using Internet connectivity for their personal use when in fact they were strictly meant for official use. For example while email and general Internet access are given to improve productivity, surveys have shown that employees (including IT personnel) use them for such activities as online-shopping, playing games, social