Information Technology and Ethics/Ethics for IT Professionals

IT Professional Defined
Information technology (IT) is defined as “the use of any computers, storage, networking, infrastructure and processes to create, process, store, secure and exchange all forms of electronic data.” Hence, an IT professional is a person who works in the information technology field. The term can refer to the engineering of software products, implementation, and maintenance control of the user's network and server systems after it has gone to use. IT professionals can also include people who received education in a computer-related institution and people who possess vast knowledge in information technology.

Qualities of an IT Professional
1.      Diligence. Professionals in the IT field, such as developers, analysts, and system administrators, are associated with adhering to the ethical standards of their profession. Their work should be done with diligence and accuracy, free from assumptions and standardization.

2.      Updated. They are needed to keep up their knowledge and technical expertise in their field with the changing IT environments to satisfy users' needs.

3.      Skills and expertise. IT professionals have the skills to perform appropriate tasks or perform tasks that can cause damage to weak software systems, for example, a payroll system; these systems are at high risk of economic crisis where IT professionals are required to either correct the vulnerabilities or leave them exposed to cause harm.

Responsibilities of an IT Professional
The responsibilities of an IT professional include both job duties and moral and ethical obligations. Job duties vary from one professional to another, but typically they are centered around the management of computer-based information systems.

Differences from other Professionals
There exists a clear divide between professionals and pioneers of the IT industry and specialists from other fields. Information technology is a part of every aspect of human life. Hence, the development and improvement of this industry significantly affects the human race. These obligations put significant responsibility on IT professionals for their actions. These must be aimed at bettering human lives.

Moral Distinction
As a part of being a professional, IT specialists must have codes of ethical standards. These include the Association for Computing Machinery (ACM), the Electrical and Electronics Engineers Computer Society (IEEE-CS) , and others.

IT professionals have some universal moral obligations as part of their jobs. Commitments include integrity, competence, professionalism, work, and societal responsibilities. An established and updated set of professional ethics will help all IT professionals. It will guide them through intricate interactions and relationships in their workspace. Since IT professions impact the broad society, it is crucial to hold professional ethics for all IT specialists.

Legal Distinction
One distinction between doctors, lawyers, and IT professionals is that while the state must license doctors and lawyers, no such requirement exists for IT professionals. Since a government authority does not license them, many courts have said that IT workers do not meet the legal definition and are thus not liable for malpractice. It can also be argued that not every IT occupation requires advanced knowledge, and thus not every IT worker can be considered an IT professional.

However, there are numerous legal regulations that IT professionals have to abide by. Some of these laws in the United States include HIPAA, Gramm-Leach-Bliley Act, FISMA, CISA, and National Cybersecurity Protection Advancement Act.

Job Titles of an IT Professional
There are an array of jobs under the IT professional umbrella. A few, but not all IT job titles include:


 * Support Specialists
 * Support professionals are in charge of analyzing and resolving a company's computer network and hardware issues. They can work in various businesses, providing general support to employees, or in a technology or software as a service (SaaS) organization, providing technical support on user experience issues that require technical assistance.
 * Computer Programmers
 * A computer programmer uses coding languages such as HTML, JavaScript, and CSS to create new computer software. Computer game software can indeed be modified to improve online gameplay, allowing programmers to address issues after the game is published to the general audience.
 * Technicians
 * A technician works with support specialists to investigate and fix computer problems. They also monitor processing functions, install essential software, and test computer hardware and software as needed. Technicians may also teach a new software or functionality to a company's employees, clients, or other consumers.
 * Systems Analysts
 * A systems analyst examines design elements and applies information technology skills to solve business problems. They identify infrastructure changes that are required to streamline business and IT operations. They can also help technologists teach workers to put the improvements they propose into action.
 * Network Engineers
 * Network engineers are responsible for the day-to-day maintenance and development of a company's computer network, leveraging their expertise to ensure that it is accessible and valuable to all employees.

Where the IT Professional fits in the Organization
So, as simple as it sounds, an IT professional fits or belongs in the IT department. Now, within the IT department, you have branches needed. There's no right or wrong answer because people have different strengths. For example, if you need a programmer, you wouldn't put a support specialist in the programmer department of your IT staff because it won't be feasible to do. People with well diverse backgrounds that pivoted within the company can move around if appropriately trained, but it is entirely up to the department they think is the best fit for you. The IT department inside a firm involved in designing, managing, and maintaining information technology systems and services is an IT organization (information technology organization). In a large corporation, the IT department may also be in charge of strategic planning to ensure that all IT projects are aligned with its objectives. Depending on the company's demands, IT organizational structures might be centralized or decentralized. The IT department is usually led by a Chief Information Officer (CIO) in a major corporation. An IT director or operations manager may be in charge of smaller IT enterprises.

Contractor from an Outsourced service provider
IT professionals, just like other industries, there are all different types of outsourcing services, such as Structured cabling systems to application development. Due to the essential nature of, the IT industry’s complicated architecture, there are different IT professionals, networks, support desks, hardware, system services, security, infrastructure, internet, and so on. All need to work together just like an orchestra. Enterprises owners are more likely to hire contractors from service providers to save money. However, Contractors are not the employee of the Enterprises, due to different company cultures or working habits, there are a lot of ethical problems would arise:

SLA
A lot of service providers just provide on-site professional services. However, there is no detailed SLA or service level agreement. For example, the typical on-site service will charge clients per man day. A project should be finished in 100 Man Day. But the service provider may charge the client 200 Man-Day or even more. At the same time, the client may always adjust their project expectation to deny paying the service fee. One example would be if a service provider performed work that was not supported by the vendor. All these contradictions were caused by no clear SLA. both client and vendor, or service provider, may lose a lot of profits. Some clients want to terminate the SLA or the contract but have no appropriate execution, so the client will give a lot of difficult tasks to the contractors to finish, or refuse the contractor to use the Internet connection, which is very important to their jobs. Some client even asks the contractor to log what he did every minute.

Service Termination
Service Termination is caused by the project being finished, which is expected. Another is caused by a client's financial problem. If the contractor from the service provider has no other client, the contractor may lose his job. Big IT service providers such as TATA, HP, or IBM, have a lot of projects, and this kind of problem does not exist. Small businesses may be closed due to service Termination. On the side of the client, no need to pay a compensative salary to the contractor, it is not good, ethically. But transfer the cost to the service provider.

Security
Every company has its security policy, such as access card, server account, and database access. I remember many years ago, I went to a client’s server room to install the software. The client’s boss asked a staff member to open the door and let me in. Then he left. I found the door in the server room can not open inside. I refused to work and asked whether the client provides me with a temporary visitor access card or a staff member accompanied me. It is very dangerous to be locked in the server room. Once on fire, all the doors will be locked and the automatic fire extinguishing device will release a kind of toxic gas. Meanwhile, some contractors changed jobs whereas not return the access card or the client did not lock the contractor’s account timely, which will lead to information security problems.

Internal cross-department
IT professionals also work with colleagues from other departments. Different business units have different KPIs, the same project may have different expectations. Here are some decennia for cross-department:
 * CASE 1. As a support engineer, my job is to install software for clients and provide a platinum service for clients for free. Another team from my company, the sales team, committed to the client that the platinum service will be handed over to the client. So the sales asked me to provide the password to the client for the platinum service. I denied the request. Very simply, I can not violate the company’s security policy.
 * CASE 2. The software we installed has a bug that leads to the server rebooting again and again. The sales consultant noticed the bug will be released next week from the internal website. The sales manager asked me to apply the patch for the client. How can I apply a patch which is not been released? I also denied the request.
 * CASE 3: There is a project manager who will manage the project and may be involved with different teams or business units. Another IT engineer just finished the software installation. The PM asked me to take over his job and it is a priority. After talking to the department manager, I denied the PM’s request. The PM is not my boss.

To sum up, every IT professional should not violate the policy and let his direct boss coordinate with others in the project.

Change job to competitions
Due to financial problems, an employee may experience no salary increase. He may change his job for a better salary. It is a very common thing to switch jobs to a competitor’s company for IT professions. For a freshman, just graduating from college without any experience, his buddy or senior staff or his boss may teach him a lot of things. The company may demand him a high expectations. Unfortunately, he changed his job and the new employer is the competition of the old employer, even though it is legal does not mean it is ethical. For example, if the employee masters the core technology, the old company may fail in the market.

Xiaolang Zhang who worked for Apple, was arrested by the FBI in 2019, when he was ready to board the flight to China, got the offer of Xiao Peng Car, Xiaolang had the key hardware and software of auto-piloting core technology.

To sum up, this kind of situation should find a solution from a legal perspective. Ethically we can not stop it.

Codes of Ethics
Ethics and law, although often related, are not the same. Some laws reflect ethics and morality, but some things are perfectly legal that are not necessarily ethical. So where do ethics come from?

In a general context, ethics come from society and what people have decided is right and wrong. Ethics could stem from religion or simply strong values that are passed from parents to children. Often, especially in professional fields, ethics codes will be assembled to provide a guideline for how professionals should conduct themselves. There are many sources from which IT professionals can learn codes of ethics for implementation in their careers.

Codes of Conduct
Often, businesses or employers will devise a code of conduct for their employees, so they have documented guidelines regarding behavior in the work environment. They outline “what the organization aspires to become” and “rules and principles by which members of the organization are expected to abide.

Certifications
Certifications are another way for IT professionals to learn about ethics, as many organizations that offer certifications include ethics as part of the covered material. Certifications are defined as “the action or process of providing someone or something with an official document attesting to a status or level of achievement.”

Some common certifications are the CompTIA A+, Network+, or Security+ certifications, Cisco’s CCNA, Red Hat’s RHCE, or ISACA’s CISA. Often these certifications make certificate holders promise to uphold the standards as given in the certification materials. For example:

All persons having obtained any CompTIA certification or certificate program ("Certified Person") and taking part in CompTIA's Continuing Education Program ("CCEP") must agree that they have read and will abide by the terms and conditions of this CompTIA Candidate Code of Ethics Policy ("Ethics Policy")


 * A Certified Person shall offer and provide professional services with integrity.
 * A Certified Person shall perform professional services in a manner that is fair and reasonable to clients, principals, partners and employers, and shall disclose conflict(s) of interest in providing such services.
 * A Certified Person shall provide services to clients competently and maintain the necessary knowledge and skill to continue to do so in those areas in which they are certified.

The above is an excerpt from CompTIA’s Candidate Code of Ethics, a code that it asserts all CompTIA certificate holders must abide by.

Organizations
There exist some organizations whose purpose is to establish ethical codes for professionals. Often these organizations are specific to specific fields/professions. These organizations typically release their codes of ethics alongside certifications. Essentially, members of the organization are admitted either by simply applying or completing certifications and joining. By joining, members attest they understand and promise to abide by these ethical rules while practicing their profession.

Some organizations for IT ethics include IEEE, ISACA, and ACM. These organizations have their own ethics codes for members. For example:

1.1  Contribute to society and to human well-being, acknowledging that all people are stakeholders in computing.

1.2  Avoid harm.

1.3  Be honest and trustworthy.

1.4  Be fair and take action not to discriminate.

1.5  Respect the work required to produce new ideas, inventions, creative works, and computing artifacts.

1.6  Respect privacy.

This is an excerpt from the “General Ethical Principles” section of the ACM Code of Ethics and Professional Conduct.

How Certifications Affect The Ethical Behavior of IT Professionals
Ethics is a very important concept to IT professionals as well as IT workers. There are many different ways to push proper ethical behavior and propel unethical ones. One example is certification in IT.

What Is a Certification

 * Certifications are defined as “the action or process of providing someone or something with an official document attesting to a status or level of achievement,”. Examples of certifications include:
 * CompTIA’s A+, Network+, Security+
 * CISCO’s CCNA, CCNP, CCIE
 * Red Hat’s RHCE

Certifications are also typically given out by non-governmental organizations (IEEE, ACM, CompTIA, CISCO, and Red Hat).

Ethical Code Of Conduct Example
Below are examples from the IEEE code of ethics/conduct. Excerpts from their code of ethics state:


 * To uphold the highest standards of integrity, responsible behavior, and ethical conduct in professional activities.
 * Unethical practices such as bribery and illegality.
 * To treat all persons fairly and with respect, to not engage in harassment or discrimination and to avoid injuring others.
 * Unethical practices such as discrimination and defamation.
 * To strive to ensure this code is upheld by colleagues and co-workers.
 * Adhering to code of conduct and ethical standards.

Standardization And Measurable Metrics
Certifications tend to have definitive as well as non-definitive codes of conduct and ethics. As such it makes sense to argue that since the more people who have these certifications should at the very least know of more ethical behavior than those who haven’t gotten any. If you were to take two IT workers with the only difference being the certifications they have, you could assume that the worker with certifications from the likes of IEEE and ACM has knowledge of and partakes in their ethical practices. For instance, after taking an IEEE administered exam you must agree to the IEEE Code of Ethics.

Many of the ethics and code of conduct feels fairly standard and self-explanatory. However, if it must be stated chances are that it isn’t common knowledge. As well as having a standard and measurable metric of ethics should prove useful. Violation of these ethical concepts results in actions that are not limited to rejection of certification, revocation of certification, losing the ability to apply for certification, and other legal actions and other remedies. Yet, it is important to remember IEEE isn’t the only association that pushes ethics for their certifications as CISCO and Red Hat are just a few of the names that do it as well. The code of ethics and code of conduct in modern certificate-granting organizations are written differently but contain the same content and context. Essentially fair competition, integrity, compliance, and conflicts of interest are written between all conducts and are pretty comparable. As well as many accredited technical certifications were written with ethics in mind to not only protect the business but also the workers inside and out of that workplace.

What is Compliance?
Compliance is defined by Gartner as “The process of adhering to policies and decisions.”

Compliance is a cornerstone of IT ethics, ensuring that the ethical standards that have been set are upheld. Without compliance, no policy, regulation, standard, or law matters.

Compliance and the Technology Industry
Compliance is a must for any information technology professional. As an industry, compliance ensures that all parties involved are working towards a common goal about the policies, laws, and regulations that are in place. Compliance is also the way that organizations and individuals can measure others against the established standards.

This aspect of compliance plays a significant role in promoting correct ethical behaviors for IT Professionals. When IT Professionals adhere to respect and confidentiality, maintain professional competence, respect property rights, and embrace integrity, honesty, and fairness, this goes a long way toward creating a conducive working environment. Additionally, compliance promotes desirable ethical behaviors by uniting all parties involved by subjecting them to similar guidelines. Compliance promotes fair play and competition in the IT sector. Trust and integrity among the parties involved are established through compliance with a code of ethics. When ethical standards are adhered to, illegal conduct is minimized and positive behaviors are promoted. Additionally, providing development opportunities for ethical behaviors and implementing best practices helps minimize undesirable behaviors.

Compliance and the Workplace/Individual
Compliance or lack thereof can have a significant impact on the workplace, the staff, and the company. Compliance ensures that everyone in the workplace is on the same page regarding responsibilities, restrictions, policies, and laws. Compliance also protects the company and staff, both in reducing the risk of adverse situations and helping to mitigate any fallout should an incident occur. Compliance entails good communication among the employees, the management, and the government. Workplace rules should be accurate, and equitable, and assist in achieving your objectives by communicating them.

Looking at the impact of compliance on the individuals and the workplace, studies have found that “the existence of ethics and a culture of compliance in IT is positively correlated with the overall effectiveness of IT governance.” Compliance helps the workplace maintain a secure, professional environment for all employees.

Looking at the impact of compliance on the organization and the staff, compliance with policies, regulations, and laws can both protect the organization from legal, financial, and reputational damage, as well as limit any impacts of an incident. Policies, regulations, and laws are designed to protect the company and the public by limiting risk and mitigating damage. By complying, the organization is showing its commitment to protecting itself and everyone it comes into contact with.

Addressing the legal aspects to comply with the local, state, and federal business laws is key to effective, ethical behavior promotion. Adhering to insurance policies that improve safety and reduce insurance claims is another way of preventing undesirable ethical behaviors. Workplace rules and regulations governing all employees such as dress code, attendance, theft, fraud, behavior, sick and personal day policies, record keeping, when adequately implemented, work to discourage undesirable IT professional ethical behavior.

Failure to comply can lead to financial penalties, lost contracts, reputational harm, and in extreme cases, criminal charges. These negative outcomes can cost employees jobs, hurt organizational consumers, and even drive organizations out of business. There have even been cases of executives who have committed suicide to escape the ramifications of non-compliance.

Ethical Dilemmas faced by IT Professionals
Many business entities are encountering several ethical challenges. Controlled decisions protect users' rights and data from unauthorized access. Some of the major information technology ethical issues potentially faced include:

Personal Privacy
Personal privacy is a very crucial feature of information technology ethics. IT encourages users to have their system hardware and software products retrieve data from the servers connected to them via a network. The transfer of big data via the internet of computers increases the probability of exposing the information to outsiders and therefore infringing the privacy of users and user groups. It is quite difficult for IT teams and firms to ensure data privacy and correctness and accidentally expose information to unauthorized users.

Misuse of users' details provided as we use the internet, for instance, online transactions we provide credit cards private information the companies store this information to be able to predict our interests but at the same time impede our privacy rights. Business firms use this valuable information to make money and advance their market niche.

Security
The second characteristic of computer systems ethics is security or access rights. It is a major priority for the IT staff and cybersecurity in the changing world of information technology. Online transactions and e-business enrollment raised the need for improved security measures by the corporate and government agencies. Securing the internet from unauthorized users, which is quite impossible, can be reduced by intrusion detection software to differentiate between an authorized and unauthorized user trying to access the system.IT security professionals are also to be intimate with copyright law, an ethical aspect that functions to control and prevent computer systems from bridging security before and after the breaches.

Transparency & Honesty
Also termed liability, is another ethical aspect that software engineers give their word and declarations to the users on the features and state of the software product they will provide as express warrants. Therefore they should be realistic in making these promises about their ability to offer that quality and state of their software and hardware systems capability. This should be enhanced by putting their words and agreements in writing for protection against liability issues. A warning of guaranteed service provision can save a provider from the responsibilities if it fails to achieve the predictions made during agreement formulation.

Artificial Intelligence (AI)
Use of AI: Artificial intelligence has greatly improved the business firm's ability to gain profits.

Facial recognition: using IT software to identify people is less of an ethical aspect. However, there are several issues with this feature, for example, racial biases and invasion of personal free space. Tracking people's activities invades their privacy, and the system can also be incorrect as it uses algorithms to make decisions.

Jobs replacements: the goal of AI is to automate low-level tasks in the organization so that individuals can be used to perform more detailed and complex tasks. This will result in the large-scale elimination of job opportunities; therefore, many individuals are concerned about their job security.

Biasness of the AI technology: the programs and algorithms used in the development of AI carries the biases of their initial developers as all humans are prone to be biased. It only focused the low-level knowledge on the developer's present environment.

Conflicts with Company Policies
One example would be if a patent is used to store and protect private information about a software product from outsiders. However, software needs disclosure of all its features to the outside world apart from that provided in the copyright. This becomes difficult for the developers to expose their secret idea to programmers. Maintaining and protecting valuable and vital information about a firm is also an important ethical issue in information technology, for example, trading secrets. Exposure of this confidential information to the firm's competitors can cause a lot of economic failures.

Harmful Actions
Harmful actions include damaging or inappropriate actions that lead to the loss of crucial data, resources, user rights, or destroying vital user systems are considered harmful. It also includes sharing files containing viruses via web pages that are deemed secure. This concept of ethics controls unauthorized users' use of information systems, to prevent losses by the stakeholders. This includes changing or damaging data and software programs critical to the firm's economic activities. Recovering from these harmful activities is time-consuming, and a lot of energy is needed to clear viruses in the information system.

Copyright and Piracy
Piracy refers to the illegal access and attempts to copy and distribute software. Based on the United States Copyright Act, illegal copying and reproduction of software are subject to attracting legal suits of up to a hundred thousand dollars in fine. Apart from the legal consequences, it is ethically wrong to reproduce another person’s work based on basic principles such as fairness and justice. Programmers and staff involved in the creation of that software require fair compensation for their work, however, when it is reproduced and distributed illegally, they stand to earn nothing to show for their efforts.

Developer Liability
IT professionals need to be aware of the liability issues that can arise from making ethical decisions regarding the programs they publish. Developers make promises to the user regarding the nature of their program and what that program can deliver. Failing to deliver on these promises can not only harm their image and cause nuisance to the user but opens them up to legal retaliation. They need to be practical and honest about the assurances they make about their program and keep in mind the ethical considerations they need to make while delivering the product to their clients. A well-worded and accurate disclaimer can free a developer from being responsible for informal, speculative statements made by a user against their software.

Access Costs
With the increase in awareness about net neutrality, IT professionals have to keep in mind the access costs for every service they publish online. The vast majority of people favor maintaining net neutrality, ensuring that everyone gets fair access to every website and service. This raises the ethical question about whether internet usage and access to the data on the internet are now a universal right that needs to be protected. IT professionals will be the ones who pave the way in this discussion, setting a precedent for future generations and deciding the path that internet usage takes. The access cost to a website will determine the traffic a website gets and how widely it is used. This decision affects the users who may or may not be able to use the website and the developers of the website since it affects how widely used their website or service is.