• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Book Review - IT Ethics Handbook

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles

View previous topic :: View next topic  
Author Message
meeeeeeeeee
Just Arrived
Just Arrived


Joined: 05 Feb 2004
Posts: 2
Location: CT, USA

Offline

PostPosted: Sat Apr 02, 2005 3:03 am    Post subject: Book Review - IT Ethics Handbook Reply with quote

IT Ethics Handbook

Author(s): Stephen Northcutt
Publisher: Syngress www.syngress.com
Date Published: June 11, 2004
Book Specifications: Softcover, 604 pages
Category: Ethics
Publisher's Suggested User Level: Not Rated
Reviewer's Recommended User Level: Beginner to Advanced
Suggested Publisher Price: $49.95 US / $69.95 CDN / L33.99 UK
ISBN: 1-931836-14-0
Amazon.com: IT Ethics Handbook
Amazon.co.uk: IT Ethics Handbook



Blurb from back cover:
“Not long ago, knowing the ethics of right from wrong at work was simple: Don’t steal office supplies, don’t pad your expenses, and try and stay sober at the holiday party. Times have changed, and the work place is now globally connected and accessible 24x7. In the vast realm of Information Technology (IT), an ethically "wrong" decision can be the corporate equivalent of splitting the atom--a small, seemingly isolated event that causes a devastating impact on a grand scale. When applied to IT, the issue of ethics can no longer be relegated to the back of the employee manual. Highly acclaimed trainer, speaker, and author Stephen Northcutt provides a detailed blueprint on how to first identify, and then resolve, issues of ethics within the enterprise.”


Introduction
The American Heritage® Dictionary of the English Language, Fourth Edition, defines ethics as “ The rules or standards governing the conduct of a person or the members of a profession.” This book makes a thorough review of the ethics involved with employment in the Information Technology industry.

No matter the involvement of each of us in the IT world, from administrative assistant to CIO, there are bound to be some ethical dilemmas that occur in the course of performing our duties. These issues can be common, such as those to do with interpersonal relations, and those that are brought on by the technology involved, such as whether or not to fully disclose a vulnerability.

Most ethical questions are simple matters that don’t even occur to us as ethical questions. We simply act (or don’t act) instinctively. In fact, we may not question our ethical stance until we are forced to. Then there is often little time for debate, action is necessary. This book heightens our awareness of the ethical dilemmas that confront us every day, and guides us to formulate our ethical guidelines before they are needed to be called into action.


Review Comments
IT Ethics Handbook is very informative in that it presents a myriad of ethical dilemmas for us to peruse, 20 chapters worth to be precise. Northcutt separates the chapters along job titles. There are chapters for System Administration and Operations, Audit, Vulnerability Disclosure, Digital Postmaster, Information Security Officers, Programmers and Systems Analysts, Database Administration, Information Service Providers, Trusted Assistant, Contractors/Consultants, End-users and Employees, Customers, Telecommuters, Personal Computer Users, Penetration Testers, Content Providers, Co-Workers and Management/Employers as well as a general chapter on Privacy and one on Email Scams.

In each chapter Northcutt presents ethical dilemmas and then presents two viewpoints: “liberal” and “conservative” and a summary. While it can be irritating that there is rarely a hard and fast rule to follow, ethics is a personal decision. The author seems to be merely striving to educate us to the areas where an ethical dilemma could spring up. Some are more clear than others. For example, stealing office supplies is clearly unethical behavior. What to do when, in your duties as mailroom admin, you accidentally read a private email is less clear.

Northcutt also has sections dedicated to sharing his opinion on things, which he labels “soapbox” sections. There are also sections dedicated to the sharing of personal stories, both his and others, labeled as “Anecdote.” Both of these sections add a nice touch, bringing the theoretical discussions to life.

Style and Detail
I found the formatting, with the opposing “liberal” and “conservative” viewpoints, in differing fonts, to be distracting from the content of the book. The differing viewpoints are informative, but there must be a more visually pleasing way to present them.

There also are several noticeable misspellings within the text, most prominent being the headers on every page in Chapter 9 which read “Internet Sercive Providers.” Such things distract from the content of the book, and I presume will be corrected in further editions.

An alphabetical index at the back of the book would be most helpful, as it’s a bit time consuming to read the mammoth Table of Contents to locate a particular segment. At 26 pages in length, the Table of Contents is a tad intimidating, although it is well organized.


Conclusion
This book, while hindered by typographical and layout challenges, is a great review of the ethical dilemmas presented in day to day life in the IT field. After having read it, I have more faith in my ability to, without hesitation, ethically handle challenges that may come my way. I have been inspired to think through, at my leisure, many different ethical situations and the way I would want to handle them.

This book receives an honored SFDC Rating of 7/10.



Keywords: IT Ethics

Sarah Zalewski
Security-Forums Dot Com

This review is copyright 2005 by the author, Sarah Zalewski, and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.
Back to top
View user's profile Send private message
Herc Man
Just Arrived
Just Arrived


Joined: 19 Oct 2004
Posts: 1
Location: Canada

Offline

PostPosted: Wed Apr 06, 2005 4:00 am    Post subject: Reply with quote

Nice review.

I find it kind of ironic that Northcutt would write a book on ethics while watering down the GIAC certs so he can turn a buck. Just my opinion though. Very Happy

The funny thing with ethics is that there really is no right or wrong, just varying degrees of acceptable.
Back to top
View user's profile Send private message
Tom Bair
SF Boss
SF Boss


Joined: 10 Aug 2002
Posts: 16776955
Location: Portland, Oregon USA

Offline

PostPosted: Wed Apr 06, 2005 4:11 am    Post subject: Reply with quote

This statement no doubt will return to me to bite my heels, but...

To learn from another, I'd rather suspect that 'other' would require experience in that which you are wishing to learn from him?

Of course, the argument to the above is simply:

One need not have first-hand experience of a matter in order to understand a matter.

What it comes down to for us is, do you want to read a book written by a researcher or a fellow who teaches a course on the topic, or do you prefer to hear from the fellow who actually is involved in the topic -- good or bad?
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register