Security, Software, and Ethics Essay -- Software Computers Ethics Mora

Security, Software, and Ethics Introduction Every day, we use computer software to perform everyday tasks. These can range from sending e-mail, balancing your checkbook, web browsing, shopping and much more. Most people don't stop to think about the security of the software that we use on a daily basis. Users are more concerned about getting their work done, and security is little more than an afterthought. Security is a very important and often overlooked aspect of software development. Security is used to authenticate users, manage access to resources, and to ensure that data hasn't been compromised. Recent events such as the Sasser, SQL Server, Blaster and Nimda worms have been devastating throughout the world. They've cost companies and everyday people billions of dollars worth of wasted time, money and productivity. In some cases, data gets corrupted, modified or deleted. Businesses are unable to function normally, which can result in heavy financial losses. Some of these worms are still taking over computers to this day, long after patches have been readily available to fix the problem. Security professionals have been telling computer users to patch their systems and keep them up to date, but it their words aren't being listened to in spite of their warnings. Why is this scenario constantly being repeated? Who's responsible for ensuring that software we use is secure? I feel that software companies and software engineers are ethically responsible for making sure that their software is secure. We're becoming more dependent on computer software, which makes us more vulnerable to virus attacks from a security bug in a widely used piece of software. They must be able to ensure that our software is more secu... ...3] Peter Mell and Miles C. Tracy, "Procedures for Handling Security Patches", National Institute of Standards and Technology, August 2002 http://www.csrc.nist.gov/publications/nistpubs/800-40/sp800-40.pdf Suggested resources SANS Institute - Computer security web site, with information about computer security training http://www.sans.org SANS Institute Reading Room - Articles on a variety of security topics http://www.sans.org/rr Security Focus - Web site with news and analysis of security issues http://www.securityfocus.com The Register - Web site with IT-related news http://www.theregister.co.uk Software Engineering Institute, Carnegie Mellon University http://www.sei.cmu.edu/ National Institute for Science and Technology http://www.nist.gov The CERTÂ ® Coordination Center - A reporting center for Internet security http://www.cert.org