A Client Opts for a Less Secure System (Sample Scenarios from the CSTB)

Author(s)
Ronald E. Anderson
Deborah G. Johnson
Donald Gotterbarn
Judith Perrolle
Parent Collection
Sample Scenarios on Social Issues Surrounding Internet Privacy
Contributors
Deborah G. Johnson
Year
1993
Volume
36
Issue
2
Pages
98-107
Rights
Use of Materials on the OEC
Discipline(s)
Computer Sciences
Computer Engineering
Computer, Math, and Physical Sciences
Topics
Security
Engineer/Client Relationships
Case Study / Scenario
Secondary Title
Using the new ACM code of ethics in decision making
Description

A business owner designs a database management system with security protections, but the client opts for less security.

Body

Three years ago Diane started her own consulting business. She has been so successful that she now has several people working for her and many clients. Their consulting work includes advising on how to network microcomputers, designing database management systems, and advising about security.

Presently she is designing a database management system for the personnel office of a medium-sized company. Diane has involved the client in the design process, informing the CEO, the director of computing, and the director of personnel about the progress of the system. It is now time to make decisions about the kind and degree of security to build into the system. Diane has described several options to the client. Because the system is going to cost more than they planned, the client has decided to opt for a less secure system. She believes the information they will be storing is extremely sensitive. It will include performance evaluations, medical records for filing insurance claims, salaries, and so forth.

With weak security, employees working on microcomputers may be able to figure out ways to get access to this data, not to mention the possibilities for on-line access from hackers. Diane feels strongly that the system should be much more secure. She has tried to explain the risks, but the CEO, director of computing and director of personnel all agree that less security will do. What should she do? Should she refuse to build the system as they request?

Notes

From: Anderson, R.E., Johnson, D.G., Gotterbarn, D., & Perrolle, J. (1993)  Using the new ACM code of ethics in decision making, Communications of the ACM, Volume 36 Issue 2, Feb. 1993, Pages 98-107.

(Adapted from: Johnson, D. G. Computer Ethics, Second Ed. Prentice Hall, Englewood Cliffs, N.J., 1993.)

Citation
Ronald E. Anderson, Deborah G. Johnson, Donald Gotterbarn, Judith Perrolle. . A Client Opts for a Less Secure System (Sample Scenarios from the CSTB). Online Ethics Center. DOI:. https://onlineethics.org/cases/sample-scenarios-social-issues-surrounding-internet-privacy/client-opts-less-secure-system.