IT Ethics

Medical professionals, lawyers, accountants, and even taxi drivers are all bound by organizations, which monitor their members’ conduct and set out explicit rules and disciplinary procedures for violating these. These occupations are entrusted with the public’s personal property, their personal security, and in some cases even their lives. It therefore only makes sense that there would be some sort of professional body looking after the public’s best interest.

But what about in IT? What does the public stand to lose? Well, arguably, all of the above, but yet IT as an industry still lacks regulation, guidance, and most importantly a real, binding, professional body overseeing the profession. The “Wild West” is all around us in terms of IT professionals, and the number of “Cowboy Techs” is growing every day. It is becoming a real problem – especially when techs hold a client’s domain names, passwords, MX records, and data hostage with impunity. Undeniably, we are in NEED of some regulation.

Until then, however, we must rely on the kind folks at places like the SANS Institute who care deeply about everything IT. They have done a fantastic job at trying to educate the IT industry about industry best practices, standards and ethics. In fact, they actually have a full code of ethics that IT professionals should adhere to and this can be viewed at http://www.sans.org/resources/ethics.php?ref=3781 . It is definitely worth a read, despite some of the blatant obviousness of some of the points.

For fun, let’s dissect some of the more interesting ones. Please feel free to add comments at the end of this blog as I would like as much feedback as possible.

Here’s the first one……

“When possible I will demonstrate my performance capability with my skills via projects, leadership, and/or accredited educational programs and will encourage others to do so as well.”

I find this point intriguing. The SANS institute actually codified both showing performance and the transmission of knowledge. At first glance, I wasn’t sure whether I agreed that this should be in a code of ethics, but, after some careful reflection I think this is great. Let’s face it, we all know a lazy tech out there that is just scraping along, never reads anything, and never makes an effort to ensure that his clients are getting the best service for their money. At some level, this is taking advantage of the client as they are paying to have a professional make their workflow better – after all, how would you like to go see a specialist for some knee surgery only to find out months later that they gave you the 30-year-old solution that just doesn’t really work. This would be unacceptable in medicine and should be unacceptable in our industry too!

I have always encouraged others to excel in their IT careers and now that I have actually given this some thought will continue to do so even more.

Second point……

“I will not hesitate to seek assistance or guidance when faced with a task beyond my abilities or experience. I will embrace other professionals' advice and learn from their experiences and mistakes. I will treat this as an opportunity to learn new techniques and approaches. When the situation arises that my assistance is called upon, I will respond willingly to share my knowledge with others.”

Ostensibly, it is only pride and one’s ego that gets in the way of doing something right and making the client happy and doing something totally wrong and tarnishing the reputation of both the employer and the tech himself. I mean seriously, if you really don’t know how to do something and you know someone else does, get some advice. Getting advice only ever becomes a problem if you are not genuinely trying to learn from the experience and apply it elsewhere. There is no place in IT for pride-except when it comes from a job well done!

Final point……

“I distinguish between advocacy and engineering. I will not present analysis and opinion as fact.”

This particular point could really be controversial, but, I unconditionally accept it as a valuable point and I understand why the SANS Institute has included it. There are too many techs out there, that tell clients things about their OS, or a particular brand of printer, or even a software package without being totally forthcoming that this is in fact an OPINION. In fact, we should all accept that there are many engineers out there that, YES (I mean really), INDEED, do know more than us. They designed the software package and often understand at a much deeper level why certain implementation and/or configurations are there in the first place.

Opinions are good, but let’s not let an opinion get in the way of getting a better solution for a client. Let’s not let opinions hinder progress. If we go with proven engineering, and modest opinions on how to implement such, everyone benefits – and you will be the one that dared to put Vista into the 70-year-old hands of your number one client’s CEO….well OK… You got me…that IS A STRETCH! HA HA HA

Anyway, I hope you enjoyed the discussion and once again I encourage you to actually log on to the SANS Institute page and go through the code!

Matt

No comments:

Post a comment


Copyright © 2010 Paul Guenette and Matthew Sleno.