Ethical decision-making: Principles, rights and duties, and intuitive cues

Security Strategies This newsletter is sponsored by Panduit Corp Planning Considerations for Data Center Facilities Systems The implementation of a robust, integrated infrastructure to handle stringent data center demands and support future data center growth is now more critical than ever. This white paper shows how business priorities can be balanced with power, cooling, and structured cabling practicalities to develop an integrated comprehensive data center support system. This "capacity planning" process optimizes network investment by ensuring reliable performance now and the flexibility to scale up for future business and technology requirements. Network World's Security Strategies Newsletter, 09/06/07 Ethical decision-making: Principles, rights and duties, and intuitive cues By M. E. Kabay In my last three columns, I've been discussing the July 30 column by Vauhini Vara of the _Wall Street Journal_ entitled, "Ten Things Your IT Department Won't Tell You." The author provides detailed information on how to violate acceptable-use policies for corporate computer equipment. In this last column in the series, I want to finish applying Kallman and Grillo's ethical decision-making methodology. Again, the essential points of the method are: 1. Identify the ethical problem in operational terms. 2. Look for explicit and implicit guidelines relevant to the situation. 3. Identify and apply underlying principles affecting the decision. 4. Explore rights and duties of participants and stakeholders. 5. Respond to intuitive cues. Comprehensive Network Access Control The new wave of sophisticated crimeware not only targets specific companies, but it also targets desktops and laptops as backdoor entryways into business operations and resources. Network access control enables proper configuration and security of user endpoints before they are allowed access on the corporate network. Click here to download this whitepaper I've been analyzing the case of Bob, an employee who signed an appropriate-use agreement with his employer but who chooses to follow Vara's suggestions for cheating his employer of useful work - and then concealing his violations of policy. I covered the first two points of the methodology in previous newsletters; now we move to the final three. Some of the principles that anyone can apply when deciding whether a proposed action is right or wrong can be represented as questions about the proposed course of action: * Does it break a promise? * Damage the trust others have in you? * Damage friendships? * Hurt feelings? * Tarnish your or someone else's reputation? * Be unjust or unfair? * Help you and the world be better, kinder? * Maintain your integrity and pride? * Treat others as individuals, not as tools? * Be a Good Thing if everyone acted so? * Would you be happy to be the recipient of your proposed actions? I think Bob's cheating would generate "Yes" answers for several of these questions. From a contractual point of view, the stakeholders at Bob's place of employment have a right (a claim or an entitlement) to Bob's honest provision of work for pay, just as he has the right to be paid for his work. Reciprocally (which is the usual relationship between rights and duties), Bob has a duty to provide an honest day's work for his pay. Watching sports programs while being paid to do work does not count as fulfilling his duty. Finally, some of the intuitive indicators that help us choose between right and wrong are as follows: * Does it feel wrong? (The "smell test") * Is someone trying to hush up the proposed plan? (The "shusher test") * Would you be proud to tell your parents, your spouse? (The "mom test") * Would you be happy having a full report on the proposed action detailed on prime-time TV news? * Would you be proud to tell strangers what you're proposing to do? * Would you be happy to have your children / siblings / friends acting as you are thinking of doing? Again, I think it must be clear that at least several of these questions should raise alarm bells for any normal person. What about Vara and the WSJ? I leave evaluation of the answers to questions raised by these guidelines to the readers as an exercise. Perhaps they will make interesting discussion points over lunch. I'm sending these articles to Vauhini Vara and to the editors of the WSJ and maybe they will respond - I'll let you know.   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Google: Apps not a Microsoft Office add-on 2. Cisco unveils 802.11n WLAN access point 3. IBM stores data on an atom 4. Why do AdblockPlus users hate my kids? 5. Cisco plans to blend two NAC schemes 6. Cisco playing network defense 7. Foleo, Foleo, where are thou, Foleo? 8. UTM firewalls: Ready for the enterprise 9. Microsoft buying RIM (Blackberry) 10. MPLS proposal spawns IETF, ITU turf war MOST-READ REVIEW: IBM Lotus Sametime tops corporate IM platform review

Contact the author: M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information Assurance and CTO of the School of Graduate Studies at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site. This newsletter is sponsored by Panduit Corp Planning Considerations for Data Center Facilities Systems The implementation of a robust, integrated infrastructure to handle stringent data center demands and support future data center growth is now more critical than ever. This white paper shows how business priorities can be balanced with power, cooling, and structured cabling practicalities to develop an integrated comprehensive data center support system. This "capacity planning" process optimizes network investment by ensuring reliable performance now and the flexibility to scale up for future business and technology requirements. ARCHIVE Archive of the Security Strategies Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007