Ethical Issues for IT Security Personnel

Posted on July 4, 2023 by Cheapest Assignment

Order Now
ACCT90009SCM Online Practice Exam Suggested Solutions to Short Case Studies


Security consulting for IT firms can be associated with the paramount significance of data confidentiality. It has been observed that multiple companies and even competing ones are hiring similar IT companies and security consultants for their data encryption and system security needs. However, the instances of leaks of security strategies to competitors leading to breaches have created potential questions regarding the ethical concerns of IT security consultants. IT security professionals are generally liable to access confidential data about the networks and systems of the organization thereby anointing substantial power in their hands (D.Shinder, 2005). The access to confidential data can be misused by the person either inadvertently or knowingly on purpose. Thereby contemporary precedents for associations between IT security consultants and firms have been largely aligned with the preservation of ethical concerns of IT security.

Gibbs Reflective Cycle 

Access to confidential information of an organization could lead IT security personnel to leak it to another organization that may benefit from the data thereby leading to losses for the former. The ethical aspect of the IT security process must be largely inclined towards safeguarding the confidentiality of the client’s network and system data. The prominent references to the training of IT security personnel in comprehensive technical information and skills also indicate the lack of information regarding how technology can be misused. The majority of IT security personnel are not aware of the presence of ethical issues and therefore they tend to oversee the crucial nature of ethical aspects in terms of job performance (Johansen, 2015). Ethical concerns related to privacy have become more prominent in recent times, especially with the notable examples observed in the feasibility of reading private e-mails of network users, employee emails, and disclosure of vital company information. It is also necessary to understand the demarcation between the legal implications and ethical aspects of IT security since legal implications are realized through certain precedents that dictate the approach for the organization to monitor every activity of the employee with the computer equipment (McCrie, 2015).

Writing the perfect 650-word essay

While it is not ethically incorrect for an IT security professional to work for two competing firms, there are no legal barriers for an individual to be employed as an IT security professional by two competing firms. It is also imperative to consider that the basic ethical consideration for IT security personnel is to refrain from revealing information about one client to other clients without specific permission. The implications of non-disclosure agreements involved in contracts for IT security consultants are necessary for validating the mandate for security. The personnel has to realize that despite the lack of formal requirements of legal protection instruments, they are obliged to the ethical obligation of sustaining the privacy of company information (Pollock, 2014). The plausible course of action in case of learning about things from one of the clients and communicating it to the other clients would be to skip any ambiguities about loyalty and underlying factors that could draw toward unethical behavior. The utilization of information gained from client A to accomplish benefits for the other client B could not be validated on the grounds of professional ethics. Generally, such scenarios create potential indications of the proliferation of a real-world ethical dilemma and also have long-term consequences (McCrie, 2015). For instance, the transfer of confidential information to other companies could lead to the exposure of the valuable trade secrets of an enterprise as well as the limitations on employment opportunities for security personnel in the future. On the other hand, it can also be observed from a critical perspective that confidential information of an enterprise indicating any violation of government regulations or laws could be transferred to concerned government agencies which would not be accounted as an ethical violation (Pollock, 2014).

Management and Organisations in a Global Environment


Therefore, consultants as well as firms must undertake proactive approaches to safeguard the company information from unethical breaches. Some of the essential measures which could be initiated for ensuring compliance of IT security professionals with the ethical obligations of data security include encryption of electronic copies of data, monitoring of security instruments in industrial intelligence frameworks, and refraining from communication of physical copies of information.


D.Shinder (2005), ‘Ethical Issues for IT security professionals. [Online]. Available‐issues‐for‐it‐security‐professionals.html [Accessed 28‐July‐2017]

Johansen, R. (2015). Ethical Hacking Code of Ethics: Security, Risk & Issues. Viitattu maaliskuu.

McCrie, R. (2015). Security operations management. Butterworth-Heinemann.

Pollock, J. M. (2014). Ethical Issues in Policing. Controversies in Policing, 119.


Order Now