Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > REVIEW: "IT Ethics Handbook", Stephen Northcutt

Thread Tools

REVIEW: "IT Ethics Handbook", Stephen Northcutt

Rob Slade, doting grandpa of Ryan and Trevor
Posts: n/a

"IT Ethics Handbook", Stephen Northcutt, 2004, 1-931836-14-0,
%A Stephen Northcutt Removed)
%C 800 Hingham Street, Rockland, MA 02370
%D 2004
%G 1-931836-14-0
%I Syngress Media, Inc.
%O U$49.95/C$69.95 781-681-5151 fax: 781-681-3585
%P 604 p.
%T "IT Ethics Handbook"

This isn't a very good book about ethics, but it is a useful book.
It's just got the wrong title.

The introduction doesn't provide any proper background to the study of
ethics. The brief review of related terms doesn't give much in the
way of help: ethics are defined as personal principles, and
differentiated from morals only in that the latter are assumed to be
accepted from some outside source. (This distinction makes ethics
appear to be the base, uneducated, conscience.) Most of the anecdotes
listed deal with cultural, rather than ethical, issues.

The work contains hundreds of questions or scenarios. These are
divided into twenty topical chapters, although the categorization
isn't particularly solid. Chapter one, "System Administration and
Operations," starts off with a series of items more directly related
to development, even though there is a "Programmers and Systems
Analysts" chapter later on. Each item is presented with a
"conservative" view, a "liberal" perspective, and a summary. (There
are also "soapboxes" and anecdotes, bringing personal views and real
experiences to the discussion. I'd forgotten that I'd actually
submitted one, until I came across it on page 500.) Interesting
points are raised, but these are seldom based in ethics, tending to
deal more with standards of formal policy as opposed to the messy
practicalities of life.

It is, in fact, in the field of policy creation and review that this
volume should be used. Over and over again it challenges commonly
accepted policies and practices in the security field. Is your usage
policy flexible enough to cover all cases? Does your monitoring
policy run counter to the law? Does your disclosure policy help or
hinder the development of secure products?

The book raises lots of questions, although it provides few answers.
(What advice exists is occasionally contradictory, such as the
recommendations regarding email monitoring on page 33 versus 107.) At
times the material doesn't even deal with policy issues: chapter
five's content on email scams is more relevant to personal security
matters such as phishing.

Some, although relatively few, of the items can be used for scenarios
when discussing ethics. Almost all of the questions can be used
during an assessment of the coverage of a corporate security policy.
So, yes, the book is useful for those in the security field. (It
would have been even more useful if an index had been included.)

copyright Robert M. Slade, 2004 BKITETHB.RVW 20041010

(E-Mail Removed) (E-Mail Removed) (E-Mail Removed)
============= for back issues:
[Base URL] site
or mirror
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Book reviews: [Base URL]mnbk.htm
Review mailing list: send mail to (E-Mail Removed)
or (E-Mail Removed)

Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
New releases: Stephen King Collection, ALF & Leon UMD: Updated complete downloadable R1 DVD DB & info lists Doug MacLean DVD Video 1 06-22-2006 06:59 PM
Looking for Stephen Turner, maintainer of informixdb Carsten Haese Python 2 04-04-2005 09:14 PM
The Oscar with Stephen Boyd and Elke Sommer? Anytime...? Edward Holub DVD Video 3 01-28-2004 06:12 PM
Re: Stephen Hawking Not So Smart After All Father Joeseph Murphy O'Brian Computer Support 0 10-10-2003 11:20 PM
REVIEW: "Intrusion Signatures and Analysis", Stephen Northcutt et al Rob Slade, doting grandpa of Ryan and Trevor Computer Security 0 10-01-2003 02:38 PM