Strategic CIO // Executive Insights & Innovation
Commentary
6/22/2007
05:51 PM
John Soat
John Soat
Commentary
Connect Directly
RSS
E-Mail
50%
50%

How Do IT Workers Know How To Act?

Figuring out what IT workers should look at, shouldn?t look at, and what liability lies in between is not as easy as it, uh, looks.

Figuring out what IT workers should look at, shouldn?t look at, and what liability lies in between is not as easy as it, uh, looks.I recently wrote a satirical column (moi?) for InformationWeek magazine on the responsibility of IT workers who have access to sensitive data and personal files to respect propriety and the right to privacy in the workplace. It was based on a survey of IT workers by a company called Cyber-Ark Software, in which one in three admitted snooping through company systems and peeking at confidential information such as salary data, personal e-mails, private files, and HR background. Cyber-Ark said one IT administrator even laughed out loud as he answered the survey. ?Why does it surprise you that so many of us snoop around your files,? he said. ?Wouldn?t you, if you had secret access to anything you can get your hands on??

Now, that?s too good not to have a little fun with. But an IT manager wrote to take me to task for making light of a very serious subject. Here?s what he said:

?The importance of work ethics and the possibility of abuse of access privileges cannot be denied. I, myself, am dedicated to the professional ethics and standards usually adopted by consultants regarding confidentiality--keep your mouth shut, don't reveal anything to third parties. I have no problem, for example, signing NDAs. But in my own case, it's hardly necessary. Anything I learn, I keep to myself. Frequently, coming across confidential or sensitive information is inadvertent; the task at hand may require reviewing the contents of files, for example, and it may not be possible to do what is needed if you don't have administrator level privileges.

The more worrisome and potentially disastrous problem, IMHO, is that with those privileges comes the possibility of very serious legal threats. We are faced constantly with the triple-threat of corporate policy, state laws, and federal laws that jeopardize our well being with legal retaliation and punishment for unauthorized access of equipment and data. It's no laughing matter--the mere false accusation of even a minor infraction can result in massive financial hardship and loss, just in the attempt to defend yourself, as a number of workers in the IT industry have already discovered for themselves. Many IT workers continue to do their jobs without actual explicit written authorization or consent from their employers to access and handle their systems; for them, it is merely "implied" that they have that consent, since they are employees. But how far does that implication go if you are faced with felony charges??

What do you think? Should IT workers have access rights written into their contracts? Should there be indemnity for IT workers who accidentally run across competitive or confidential information, or illegal content such as child pornography? Should there be an IT Workers Code of Ethics?

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.