INLS 285 – Information Use for Organizational
Information Case 1:
Option A. Dilemma for software programmer
is a software programmer for a large internet service provider (ISP). He has
worked for the company for more than ten years and he is reputedly one of the
best in the business. Recently, he was
tasked with the responsibility of adding a new feature to the corporate
Intranet of one of ISP’s largest clients, ACME Publishing. The new feature will allow ACME’s employees to share files more easily. As he began
the work, he discovered a glitch in the security for the site that had left the
organization vulnerable to outside access for over three years.
was concerned about the glitch. Although he fixed it quickly and easily, he
knew that his company was responsible for it. A careful testing of the site at
the time it was created would have revealed the problem, so someone at ISP had
not done his job well. He checked the security logs and could not find any
evidence that the site had been invaded or hacked, but he was concerned just
the same. ACME Publishing’s revenues had
been declining over the last few years. One of their most prolific authors took
her latest project to another publisher and ACME failed to sign two promising
new mystery writers.
informed Mike, his manager, of the glitch. Mike seemed unconcerned as long as
the problem had been repaired, but Jack was uneasy. Jack felt that the client
should be informed of the glitch, and he felt that the company should take
immediate action to test all production systems and to ensure that proper
testing procedures were followed in the future. Mike assured him that there was
nothing that could be done about the past, and assured him that the legal fine
print of the contract with ACME protected ISP from responsibility. “The
information on the site is ACME’s problem, not ours –
we just design and configure the system,” said Mike.
The above case involves two types of organizations: (1) the internet
service provider that employed Jack; and (2) the client, ACME Publishing. If
there had been a breach in security of the site, others could be affected as
well – authors, suppliers, distributors, employees, and anyone else who
conducts business with ACME. Although there is no evidence that anyone ever hacked into the system, the system was
vulnerable to hackers for three years.
What are the ethical and human issues of this case? What should Jack do?
What should his company do? If faced with this problem yourself, what would you
do? Why? If you were the CEO of ACME, and you learned about the glitch, how
would you feel about ISP and what would you do? Include your answer in a 2-3