Chapter 16

Careers in Information Technology

IT Careers

The textbook ends where it began: by examining IT careers and careers related to the IT field. In this chapter, the various areas of IT are examined with an emphasis on the specific roles that each area requires. Among the details shared are forms of certifications that an IT person might seek and recent salaries. As students of IT may have not given a great deal of thought to their careers as they start college, the text describes a variety of topics that may extend the reader’s interest. These include topics such as IT ethics as well as social concerns in the digital world such as the digital divide, Internet censorship, and Internet addiction. The chapter ends by discussing various forms of continuing education for the IT person.

The learning objectives of this chapter are to

• Discuss careers in IT.
• Describe forms of continuing education in IT.
• Introduce social concerns related to IT.
• Discuss ethical conduct in the IT field.

Are you interested in IT because of the money? Perhaps. More likely, you have grown up as a technology user. Your interest may have started because of social media or from schoolwork or through computer games. Or perhaps you got interested because of friends and family. Whatever interests led you into technology, you are most likely interested in IT because you have fallen in love with using technology. You are probably an analytical person, a problem solver. It is a common path that leads to an IT career. Fortunately for you, careers in IT are not only readily available, but can lead to high-paying and satisfying careers!

Here, we focus on IT career paths. Later in the chapter, we examine some of the aspects of an IT career that you may not have thought of. Beyond the technology, beyond the need to continually upgrade your knowledge and improve your skills, there are issues that you might face: legal, ethical, social.

Careers in IT are high paying, and the outlook for job growth is tremendous for many years to come. Table 16.1 illustrates job growth projections and salary information for a number of different computer-related careers. Notice that computer programmer positions are expected to decrease as the software development field moves from a demand for programmers to a demand for software engineers.

Of the careers listed in Table 16.1, the latter three are careers that an IT major might consider. Database administrators, network administrators, and system administrators are all projected for high growth through 2018, and there is no reason to expect that this trend will not continue further into the future. Other careers not listed here include web developer, website administrator, network architect, and computer security specialist.

All of these careers require a high degree of technical skill. These skills include an understanding of computer systems, operating systems, software, and hardware. Additionally, it is expected that IT personnel be problem solvers. They should also be self-starters and lifelong learners. It is also very important for all IT professionals to be proficient in written and verbal communication, team collaboration, and leadership, have a firm understanding of IT ethics, and the desire to continue to develop their own skills and education. A foundation in business practices can help further an IT specialist’s career.

Today, most organizations looking to hire IT personnel prefer graduates of 4-year accredited university programs. Graduates of these programs have received a much broader education than those who have only focused on technical skills (as found in 2-year technical, vocational, or community colleges). However, 4-year IT degrees are still somewhat rare, so organizations looking to hire IT personnel will sometimes look to related disciplines such as computer science, business administration or management information systems (IS), and information science. Students whose degrees do not fit the IT profile may still be desirable if they have taken appropriate coursework in computer systems, networks, databases, and so forth, or have picked up suitable experience.

The breadth of responsibility in these careers is often dependent on the size of the organization. In large organizations, you may find individuals whose sole responsibility is in an IT specialty area, for example, network security or web server administration. In smaller organizations, it is not uncommon for a single individual to have responsibility for several IT roles. Here, we focus on each of the types of positions that an IT specialist may have and the roles and responsibilities of each of those positions. Additionally, we will examine forms of certification (if any) and salary expectations.

Network Administration

Network administrators are responsible for the installation and maintenance of hardware and software that make up a computer network. Network hardware includes specialized network devices such as switches, routers, hubs, firewalls, adaptive security appliances, wireless access points, and voice-over-IP (VoIP) phones. Network software comprises the various operating systems installed on those hardware devices, the protocols to communicate over the network, and the applications. This includes routing protocols, access lists, trunking protocols, spanning tree protocols, virtual LANs, virtual private networks, IPv4, IPv6, and intrusion detection systems. Network administrators may be responsible for installing, configuring, and maintaining such software. Network administrators may also require securing the network; this task may be accomplished in conjunction with other IT personnel such as system administrators.

If the network slows or shuts down, a network administrator may occasionally find himself or herself in a high-pressure troubleshooting role. The administrator must use his or her skills and knowledge to diagnose the issues, identify potential solutions, and implement the selected solution. A solution should solve the given problem most effectively in terms of user convenience, efficient access, and reasonable cost. In addition, issues and solutions should be well documented.

Higher level network administration positions, sometimes referred to as network architects or network engineers, are often responsible for designing networks that meet the performance and capacity needs of an organization. This job includes choosing appropriate network hardware and planning the allocation of network addresses across an organization.

Network administrators all require a basic knowledge of the TCP/IP stack as well as other network protocols that follow the Open Systems Interconnect (OSI) model. However, network administrators often focus on specialties such as network security, wireless administration, VoIP, management of internet service providers, and network reliability and capacity planning.

From this list of duties, it is obvious that network administrators require a significant amount of training and experience to be successful in their roles. Because of the changing nature of technology, network administrators must constantly learn new technologies through trade journals, conferences, publications, and continuing education. Various career certifications in these specialty areas are a valuable addition to a network administrator’s resume. Among the most sought-after certifications are the CCNA (Cisco Certified Network Associate), CCNP (Cisco Certified Network Professional), Novell CNE (Certified Novell Engineer), CWNA (Certified Wireless Network Administrator), and CompTia’s Network +.

Salaries for network administrators (as of 2008) range from $41,000 to as high as $104,000 and a median average salary of $66,310. Management of company networks currently pays around $3000 more than working for telecommunications carriers, which pays substantially better than similar jobs working for schools of any level.

Systems Administration

Whereas network administrators are responsible for the performance of networking hardware and software, systems administrators are responsible for the installation and maintenance of the resources on that network. The system administrator’s role covers hardware, software, and system configuration. Computers might include mainframe, minicomputers, and personal computers, as well as network servers. The system administrator should also be familiar with multiple operating systems as it is likely that the organization has computers of several platforms.

The responsibilities are varied and will vary by organization. The system administrator will, at a minimum, be required to install and configure operating systems on the organization’s machines, install new hardware, perform software upgrades and maintenance, handle user administration, perform backup and recovery, and perform system monitoring, tuning, and troubleshooting. The system administrator may also be involved with application development and deployment, system security, and reliability, and have to work with networked file systems. The system administrator would most likely have to perform some programming through shell scripting so that repetitive tasks can be automated. A greater amount of programming might be required depending on the organization’s size and staff. Policy creation and IT infrastructure planning may also be tasks assigned to system administrators.

The system administrator’s role may overlap or completely subsume the requirements of a network administrator depending on the size of the organization and the need. Smaller organizations will hire fewer IT staff, and thus duties may be more diverse. On the other hand, smaller organizations will likely have lesser needs because of small networks, fewer computer resources, and perhaps fewer situations that require a system administrator’s attention. The knowledgeable system administrator will turn to any number of web forums available whereby system administrators discuss recent problems and look for solutions.

As with a network administrator, the system administrator will require a great deal of training and experience to ensure that the computer systems run efficiently, effectively, and securely. The system administrator should be proactive in his or her continuing development. Like the network administrator, there are several chances for certification as well as trade journals, conferences, and publications. The certification opportunities include Microsoft’s MCSA (Microsoft Certified Systems Administrator), MCSE (Microsoft Certified Solutions Expert), and MCITP (Microsoft Certified IT Professional), Red Hat’s RHCE (Red Hat Certified Engineer) and RHCSS (Red Hat Certified Security Specialist), and Novell’s CNA (Certified Novell Administrator) as well as the network certifications mentioned earlier.

Salaries for system administrators are in the same basic range as those of network administrators. The two job categories combined promise to see increasing demand through at least 2018 with tens of thousands of new positions opening up.

Web Administration

The web administrator, also known as a webmaster, but more precisely referred to as a web server administrator, is responsible for maintaining websites. This differs from the development of websites (see Web Developer, in Related Careers). Specifically, the web administrator must install, configure, maintain, secure, and troubleshoot the web server. The web server is software that runs on one or more computers. The web administrator may or may not be responsible for the hardware. Typically, the web administrator is not a system administrator on that or those computers. Therefore, the web administrator will have to work with the system administrator on some aspects of installation and configuration.

Configuration involves setting up configuration files to specify such directives as where the web pages will be located, who can access them, whether there is any authorization requirements, what forms of security might be implemented, whether and what documents will be encoded, for instance, using encryption, and what scripting languages the server may execute.

Monitoring the web server’s performance permits the administrator to fine-tune aspects of the server. This might include, for instance, installing larger capacity or more hard disks, adding file compression, and reducing the number of server side scripts. Additionally, monitoring via automatically generated log files provides the administrator with URL requests that could be data mined to discover client browsing behavior.

Securing the web server becomes critical for businesses. The web administrator may be required to set up password files and establish locations where server scripts can be stored and tested. Security may be implemented directly through the web server software, or added through the operating system, or some combination. Security issues may be discovered by analyzing the same log files that are used for data mining.

Web server software is made up of various lesser programs. These programs handle any number of server-related tasks from the simple retrieval of files of URL requests to logging to error handling to URL redirections. There are free web servers such as Apache as well as popular commercial web servers such as IBM WebSphere, Oracle WebLogic, and Microsoft IIS. The web administrator may or may not be involved in the selection of the web server software, but it is the web administrator’s job to understand the software selected and make recommendations on how best to support the software with adequate hardware. Hardware decisions might involve whether the server should be distributed across numerous physical computer servers, whether the server requires multiple IP addresses, and what type of storage system should be used. In monitoring the web server’s performance, the web administrator can make informed recommendations on upgrades and improvements to the hardware.

Web server administrators may be required to either perform application development themselves or to support the developers. Support might be in the form of installation of additional web server modules such as those that can execute Perl or PHP code. There may also be policy decisions that impact development, such as the requirement that all scripts execute outside the web server on another computer or all scripts being stored in a common cgi-bin directory.

Although the web server administration may work for a large organization that wishes to have a presence on the Internet, there are also opportunities to work for companies that host websites. In such a case, a single server might be used to host multiple websites of different companies. The administrator has the added challenges of ensuring the web server(s) performance and dealing with several groups of web developers.

Web master salaries can vary greatly from $40,000 to $90,000 with an average around $55,000. There are fewer certifications available for web administrators. The primary form is known as a Certified Internet Webmaster Server Administrator. This is one of many under the abbreviation CIW, but most of the CIWs involve web development.

Database Administration

Like web administrators and system administrators, database administrators have a long list of important responsibilities, but with a focus on the design, development, and support of database management systems (DBMSs). Tasks will include installation, maintenance, performance analysis, and troubleshooting as with the other administrative areas. There are specific applications, performance tuning parameters, account creation, and procedures associated with the DBMS that are separate from those of system administrators and web administrators. The database administrator may also be involved with the integration of data from older systems to new. As many or most database systems are now available over the Internet (or at least over local area networks), the administrator must also ensure proper security measures for remote access.

There are many different types of DBMSs. The most popular are relational databases such as Oracle, MySQL, or Microsoft SQL Server. But other types of database technology are on the rise including NoSQL databases and databases focused on cloud computing. As with all areas of technology, the continued growth of new database technology requires database administrators to be in a pattern of constant learning and self-improvement.

Unlike a web administrator who will probably not be involved in web development, a database administrator is often expected to play a role in application design and development. This may be by assisting the application developers with the design of the databases needed to effectively support those applications. This requires a unique set of skills that include database modeling, schema development, normalization, and performance tuning.

Because of the more specialized nature of the database administrator, salaries are higher than in the other IT roles listed above. Median average salaries are around $70,000 with the highest salaries being over $110,000. Certifications are primarily those of particular DBMS software such as the Microsoft Certified Database Administrator, Oracle Certified, and MySQL Certification.

Computer Support Specialist

Computer support specialist is somewhat of an umbrella term. Certainly, some of the roles of the support specialist could be a responsibility of a system administrator. The support specialist primarily operates as a trainer and troubleshooter. Training tasks may include the production of material such as technical manuals, documentation, and training scripts. Training may take on numerous forms from group training, individual training, training videos, and the production of training videos and software.

Troubleshooter might involve working the help desk (see below), training help desk personnel, and overseeing the help desk personnel. It might also involve helping out other IT personnel such as the system administrator(s) and network administrator(s). Tasks for the computer support specialist may be as mundane as explaining how to log in or how to start a program, stepping a user through some task such as connecting to the network file server or a printer, or as complex as discovering why organizational members are unable to access a resource.

At an entry level, the computer support specialist serves on the help desk. Such a person will answer phone calls and e-mails of questions from users. The types of questions posed to a help desk person will vary depending on the organization that the person works for. For instance, if you were on the help desk for an Internet Service Provider, you might receive phone calls from clients who cannot connect or have slow Internet connections. As a help desk person, you would have to be able to answer common questions and know how to locate answers for less common questions or be able to refer clients to others who have more specialized knowledge. You would also hear a lot of questions that might cause you to laugh. Be prepared to talk to some ignorant (technologically speaking) people! Here are some examples of (reportedly) true help desk conversations.*

• “What kind of computer do you have?” “A white one.”
• Customer: “Hi, this is Rose. I can’t get my diskette out.” Helpdesk: “Have you tried pushing the button?” Customer: “Yes, sure, it’s really stuck.” Helpdesk: “That doesn’t sound good; I’ll make a note.” Customer: “No. Wait a minute. I hadn’t inserted it yet. It’s still on my desk. Sorry.”
• Helpdesk: “Click on the ‘My Computer’ icon on to the left of the screen.” Customer: “Your left or my left?”
• Helpdesk: “Good day. How may I help you?” Male customer: “Hello, I can’t print.” Helpdesk: “Would you click on start for me.” Customer: “Listen pal; don’t start getting technical on me! I’m not Bill Gates, you know!”
• Customer: “Hi, good afternoon, this is Martha, I can’t print. Every time I try, it says, ‘Can’t find printer’. I’ve even lifted the printer and placed it in front of the monitor, but the computer still says it can’t find it.”
• Helpdesk: “Your password is the small letter ‘a’ as in apple, a capital letter ‘V’ as in Victor, and the number ‘7’.” Customer: “Is that ‘7’ in capital letters?”
• Customer: “I have a huge problem. A friend has put a screensaver on my computer, but every time I move the mouse, it disappears!”
• Helpdesk: “How may I help you?” Customer: “I’m writing my first e-mail.” Helpdesk: “Okay, and what seems to be the problem?” Customer: “Well, I have the letter ‘a’ in the address, but how do I get the circle around it?”

With remote desktop access, a computer support specialist is able to “take control” of a person’s computer remotely. This allows the specialist to better understand, diagnose, and resolve problems. It also allows the specialist to work with little input from the person who is having difficulty. This can save time if the person is unknowledgeable about the computer or the problem.

Unlike the administrative careers, support specialists may not have a 4-year degree nor specialized skills other than those necessary to work at the help desk. However, those with a 4-year degree are more likely to receive promotions and move on to more challenging, and probably more enjoyable, tasks. Salaries vary especially since support specialists can be part-time or full-time employees. Salary ranges can be as low as $25,000 and as high as $70,750, although support specialists more commonly make in the $30,000 to $45,000 range.

IT Management

In addition to requiring strong and often specialized technical skills, all of the IT careers described here require communication and collaboration skills. These soft skills permit the IT specialist to work well with end users, application developers, and upper management. This is one of the reasons why employers are now seeking IT personnel among those potential employees who have a 4-year IT degree that provides a well-rounded education, beyond merely technical training.

Those IT personnel who can demonstrate interpersonal communication, leadership, and understanding of business practices may find themselves well positioned for future IT management positions. The IT Manager is one who understands both the technical side of the IT infrastructure in order to understand the problems that need resolving as well as the management side of the business in order to oversee technical staff and communicate readily with upper management. An IT Manager will be a project manager who will have to establish deadlines, work with external constituents, handle and possibly propose budgets, and make decisions regarding the project(s) being managed. Additionally, hiring and firing may be part of the IT Manager’s responsibilities.

The management positions are typically at a higher pay rate than the technical fields described earlier. If your goal ultimately is to obtain such a management position, you would be best served by increasing your opportunities during your college education. These opportunities include joining college clubs and organizations, participating in student governance, and taking additional classes in business areas such as project management, economics, accounting, and leadership. Oftentimes, a student who is seeking further career advancement will return to school for an advanced business degree such as an MBA or MIS, or an advanced technical degree such as a Master’s Degree in CIT. IT Managers could potentially make salaries twice that of technical employees.

Related Careers

There are other careers that overlap the content covered in a 4-year IT degree. The following list discusses a few of these.

Computer Forensics

Typically, a person who enters a career in computer forensics will have either a computer forensics degree itself, or will have a technical degree with additional background in criminal justice. The technical degree might be computer science, IT, or computer engineering. As computer forensics is a new and growing field, there are few undergraduate programs that offer a complete curriculum in the topic. However, many computer science and IT programs are adding computer forensics classes or minors. Additionally, graduate programs in computer forensics, or the related IS security, are on the rise.

Aside from technical skills learned in IT or computer science programs, one would need practical knowledge in operating systems, computer security, computer storage, software applications, cryptology, and possibly both programming languages and software engineering. Additionally, strong analytical skills are an essential.

A person who works in computer forensics is not just securing computer systems or looking for evidence of break-ins and tampering. Instead, one must provide evidence in computer crime cases to the law enforcement agencies that might hire you. Therefore, you must understand how to build a case and how to identify, collect, preserve, and present evidence in a legal manner.

Job opportunities in computer forensics abound today. Options include working directly for law enforcement, consulting with law enforcement, or working for organizations that have a vested interest in protecting their data and prosecuting violators, such as banks and corporations. Salaries are substantially higher presently than those of other IT careers, with annual salaries being in the $75,000–$115,000 range and an average of $85,000. However, without the specific degree in computer forensics, your options may be more limited than students who have obtained the full 4-year degree.

Web Development

There are many different roles that one might play in web development. An organization might hire a single individual to get their company “up on the web” or a company may hire a staff of web developers. Therefore, the specific role that a web developer might play could vary depending on the company and the situation. What is clear, however, is that the web developer has different skills than the website administrator discussed in Web Administration.

Web developer skills include the ability to use HTML, CSS (cascaded style sheets) and various scripting languages. Scripting might be done in JavaScript, Ruby, Python, Java Applets, Active Server Pages (ASP), Visual Studio .Net (including Visual Basic, C++, or C#), Perl, and PHP. Although a web developer would not be expected to know all of these languages, it is likely that the web developer would use several of them. While the programming aspect of the web developer is important, the web developer would not necessarily require a computer science degree (although we do tend to see a lot of computer scientists as web developers).

A web developer may need to know how to build aesthetically pleasing web pages with the use of proper color, layout, graphics, animation, and so forth. The web developer would also need to understand many of the technical and societal issues related to the Internet. For instance, understanding the nature of network communication, bandwidth speeds, disk caching, and the use of proxy servers would help a web developer build a more efficient and easier to download website. Understanding societal issues can be critical in securing a website from attacks, ensuring data integrity of the website, and ensuring that the website content is politically correct. There are also a number of accessibility concerns so that people with various types of handicaps can still visit and maneuver around the site without complication. It is now a federal law that websites of federal agencies and agencies funded by the government be accessible to people with handicap.

Web development itself includes several different tasks that incorporate graphic design and art, business, database access, telecommunications, human–computer interaction, and programming. Specifically, web application development involves writing server-side scripts and other server applications in support of dynamic web pages and interactions with the server and database.

Web developer positions are in high demand these days. On the other hand, they have a tremendous salary range, possibly reflecting the wide range of companies that are looking to create a web portal for their companies. Salaries can be as low as $30,000 and as high as the mid $70,000 range. There are also a number of certifications available to improve your status. These include the Microsoft Certified Professional Developer, several CIW Web Developer certificates (see the “Web Administration”), HTML Developer Certification, and Sun Certified Web Component Developer, to name a few.

Programming/Software Engineer

Historically, computer programmers have come from any number of disciplines including the sciences, mathematics, and business. The computer science degree became popular starting around 1980. Today, companies do not hire programmers, they hire graduates of computer science programs (or in some cases, computer engineering). With the increased emphasis on software engineering, some schools now have software engineering programs, which are similar in many ways to computer science programs.

The computer science discipline provides a different type of foundation than that of IT. For the computer scientist, a mathematical grounding is necessary to study topics in computability and solvability. These topics give the computer scientist the tools to measure how challenging a given problem is to solve (or whether it is solvable at all). The computer scientist also studies computer organization and operating systems to understand the underlying nature of the computer system. The computer scientist also studies a wide variety of algorithms and data structures and implements programs in a number of programming languages.

As with the IT individual, the computer scientist/software engineer must keep up with the field. However, whereas the IT specialist will largely study the latest operating systems, their features, tools, and security measures, the computer scientist will study new languages and programming techniques. There are certifications for programmers although with a 4-year degree in the field, the certifications may not be very necessary. Salaries, as shown in Table 16.1, tend to be higher in computer science/software engineering than they do in other IT areas, with the notable exception of IT management.

One particularly potent mixture of coursework is to combine the IT degree with computer science coursework. This provides the IT individual with an excellent programming foundation. Alternatively, the computer scientist is well served by taking additional IT courses to gain an improved understanding of operating systems, networks, and computer security.

Information Systems

As described in Chapter 15, IS have existed for longer than computers. An information system is in essence a collection of data and information used to support management of an organization. Most commonly, the organization is some sort of business although it does not have to be. The field of IS is somewhat related to computer science in that IS includes the study of computer hardware, software, and programming. However, the emphasis on software revolves around business software (e.g., DBMSs, spreadsheets, statistical software, transaction processing software), and the study of hardware often revolves around networks and to a lesser extent, storage. The IS discipline covers a number of business topics including introductory accounting and economics and quite often includes several courses in management as well as soft skills that are less emphasized in computer science.

The IS employee might take on any number of roles within an organization from project management to systems development to research. As a project manager, a person is in charge of planning, designing, executing, monitoring, and controlling the project. During the planning and design phases, a manager will be required to produce specifications, and time and cost estimations. The manager may be required to hire employees to support the project. During execution, monitoring, and control phases, the manager coordinates with each project implementation group to keep tabs on progress, determine problems, and resolve the problems by obtaining additional resources. Although the IS manager does not have to have the technical skills of the employees that he or she is managing, it is essential that the IS manager understand the underlying technology.

In IS development, the IS employee is part of the implementation team. Implementation may require programming in a high level language (e.g., Visual Basic, COBOL, or Java) but is just as likely or more likely to use tools that provide the IS person with a greater degree of abstraction over the specific details of the computer code. Many of these tools are referred to as 4th Generation Languages (4GLs), implying that these are programming languages developed during the fourth generation of computing. These languages include report generators, form generators, and data managers such as Excel, Access, SAS, SPSS, RPG, Mathematica, and CASE Tools, and more recently XBase++, Xquery, and Oracle Reports.

IS research examines IS modeling approaches and IS tools. In modeling, one attempts to identify a way to represent some organizational behavior, whether it is the transactions used in an organization’s IS or the way that knowledge is transmitted between organizational units or some process in between. Given a model, the researcher defines methods to perform some task on the model. The model and methods must be specific enough so that the researcher is able to simulate the organization’s processes sufficiently to demonstrate that the model and methods capture the expected behavior. Given the model, the researcher can then attempt to define improvements to the organization’s processes and policies.

Computer Technician

The computer technician is often someone who will work directly on computer hardware installation, repair, and troubleshooting. Commonly, a 2-year technical degree is enough to train a person for such a position. Experience and skill may be gained in other ways such as by putting together computers from parts as a hobby. The computer technician will have to understand the role of the various pieces of hardware in a computer system and understand the electrical engineering technology behind it—such as testing whether a device is receiving power. Skills might include wiring/soldering, using various electrical tools, and troubleshooting. Computer technicians are often not paid very well as there is both less need for computer technicians today and because the skills are not highly specialized.

IT Ethics

As computers play an increasingly important role in our society, IT specialists must become aware of the impacts that computers, and IT in general, have on society. The issues include maintaining proper ethical conduct, understanding legal issues, enforcing IT-related policies, maintaining data integrity and security, and identifying risks to data and employees. Not only will you have to understand these for yourself, but you may also be responsible for the development, implementation, and education of company policies.

Figure 16.1 lists the 10 Commandments of computer ethics, as published by the Computer Ethics Institute, Washington, DC.† Computer ethics is nothing new (the concept originated in 1950, although most of the emphasis on computer ethics has targeted proper ethics for programmers). But with IT as a growing field, the notion of ethical conduct must be expanded to include those in charge of computer systems rather than those who create computer systems. The primary concern regarding IT specialists is that they have greater privileges with respect to the computer systems—they have access to all or many resources. Therefore, they must act in an appropriate manner so that they do not violate the trust that the employers place in them to supervise these systems.

Aside from the 10 Commandments, as listed in Figure 16.1, other organizations have provided computer ethics codes of conduct. These include the Association for Computing Machinery (ACM), the British Computer Society, and the Institute of Electrical and Electronics Engineers (IEEE). These codes of conduct primarily relate to programmers and emphasize professional competence, understanding the laws, accepting professional review of their work, providing a thorough risk assessment of computer systems, honoring contracts, striving to improve one’s understanding of computing and its consequences, and so forth. These codes combine notions of ethics as they pertain to technology as well as ethics of being a professional.

There are a number of issues that any organization must tackle with respect to proper computer ethics, and in particular, the role of administrators. These include notions of privacy, ownership, control, accuracy, and security.

• Privacy—under what circumstances should an administrator view other people’s files? Under what circumstances should a company use the data accumulated about their customers?
• Ownership—who owns the data accumulated and the products produced by the organization?
• Control—to what degree will employee actions be monitored?
• Accuracy—to whom does the responsibility of accuracy fall, specific employees or all employees? To what extent does the company work to ensure that potential errors in data are eliminated?
• Security—to what extent does the company ensure the integrity of their data and systems?

In this section, we will focus first on ethical dilemmas that might arise for an IT professional. Afterward, we briefly examine some policy issues that an IT professional might be asked to provide in an organization.

For the following situations, imagine yourself in the given position. What would you do?

• Your boss has asked you to monitor employee web surfing to see if anyone is using company resources to look at or download pornography. Is it ethical for you to monitor the employees?
• Your boss has asked you to examine a specific employee’s file space for illegally downloaded items. Is this ethical?
• You find yourself with some downtime in your job. You decide to brush up on your knowledge by visiting various technology-related websites. Among them, you read about hacking into computer systems. Is it ethical for you to be reading about hacking? Is it ethical for you to be reading about hacking during work hours?
• You have noticed that the e-mail server is running out of disk space. You take it upon yourself to search all employee e-mail to see if anyone is using company e-mail for personal use. Is this ethical?
• You have installed a proxy server for your organization. The server’s primarily purpose is to cache web pages that other users may want to view, thus saving time. However, the proxy server also creates a log of all accesses. Is it ethical for you to view those accesses to see what sites and pages fellow employees have been viewing?
• You are a web administrator (not a web developer). One of the sites that your company is hosting contains content that you personally find offensive. What should you do? If the content is not obscene by the community’s standards, would this alter your behavior? What if you feel the content would be deemed obscene by your community?
• You are a web developer. You have been asked by the company to produce some web pages using content that they provide you. You believe the content is copyrighted. What should you do?
• You work for an organization that is readying a product for delivery. Although you are not part of the implementation team, being an IT person, you know that the product is not yet ready but management is pressuring them to release the product anyway, bugs and all. What should you do?
• Your boss asks you to upgrade the operating system to a newer version that has known security holes. Is it ethical to do so?
• You fear that your boss is going to fire you because of a number of absences (all of which you feel were justified). You decide, as a precaution, to set up a secret account (a backdoor). Is this ethical? Is this legal?
• Your organization freely allows people to update their Facebook pages on site. You are worried that some of your employees are putting up too much information about themselves. Is it your place to get involved?
• Your organization has a policy prohibiting people from using Facebook at work. You notice one of your colleagues has modified his Facebook page during work hours. Should you report this?

As can be seen from these example situations, you may be asked to put yourself into a position that violates employees’ privacy or confidence. When asked to monitor employees, you are being asked to spy on them. In order to be ethical, you need to consider many factors. These factors include the company’s policy on employee usage of computers and facilities and the role of the IT specialists. Without stated policies, it is difficult to justify spying on employees. On the other hand, even if a company has policies, how well are those policies presented to the employees? If they are unaware of the policies, the policies do little good.

As an IT specialist, your role might include the development and implementation of IT policies (on the other hand, the policies may be specified solely by management). Policies should reflect the ethical stance of the company as well as the law. Policies should cover all aspects of IT usage. Specifically, policies should define:

• The role that IT plays in the company
• Proper employee usage of IT
• The employee’s rights to privacy (if any)
• Proper usage of data
• Security and privacy of data
• Ownership of ideas developed through IT in the company (intellectual property)
• How the company handles copyright protection issues

Drafting policies may be a foreign concept to an IT specialist. It might be best handled by management. However, the IT specialist must be well versed in the organization’s policy in order to make decisions that do not violate the policy. Without knowing the policy, your answers to the earlier questions could put you at risk.

Just as an IT specialist should understand both the policies of the organization as well as the proper ethical stance, understanding the laws is equally important. Consider a situation in which your boss has asked you to install software that he hands to you on a CD-R. Was this software purchased legally? Are there licenses with it? If not, do you go ahead with the installation? Just because your employer has asked you to perform a task does not mean that the task is either ethical or legal. Knowing the law can not only protect you but can also help you inform your employer about potentially illegal situations. Unfortunately, understanding the laws that regulate IT and software can be challenging. Even if you can identify the laws, they are often written vaguely and in legalese.

Consider as an example that your company has created a policy whereby all employees will be known by their social security number. That is, the social security number will serve as their unique identifier for database entries. As such, it is also used in their log in process. Because it is part of their log in, social security numbers are stored in world-readable files in the operating system (for instance, /etc/passwd). As the system administrator, what will you do? Is the use of social security numbers a violation of a company policy? No. Is it illegal? Not strictly speaking. Is it unethical? Probably.

You convince management that using the social security number for log in purposes is a bad idea, and therefore these secure data are removed from any world-readable file. Yet, the values are still available in company databases of which you and the database administrators and database managers still have access. Is this unethical? No, because those who have access are those that the company decrees as having a legitimate need to access such data. However, how can the company assure their employees that the information is secure? The people who have access to secure data need additional training in understanding the sensitivity of such data. The IT staff have the added responsibility of protecting devices that store this sensitive data, such as laptop computers.

Other Social Considerations

The IT professional must understand the consequences of IT decisions. Thus, beyond ethics and law, beyond organizational policy, the IT specialist should also understand key social concerns. Some of the concerns that our society faces are described in this section.

Digital divide. There are gaps in access to computers and the Internet. These gaps impact races, genders, income levels, and geographical locations. The gender gap has been greatly reduced in most societies, especially with the popularity of social networks. But the gaps that occur between technologically advanced and wealthy nations over poor nations continue to grow. Because the Internet has afforded those who have access a tremendous amount of information at their fingertips, those without access become even more disadvantaged with respect to an informed life, a healthy lifestyle, education, and employment. Governments and multinational corporations have addressed the digital divide, but it continues to be a concern. Although, as an IT specialist, you may never have to deal with the ramifications of the digital divide, understanding it might help your organization create reasonable policies.

Computer-related health problems. Heavy computer usage can cause a number of health problems. The primary problems are repetitive stress injuries (RSI) and eye strain. One of the more common forms of RSI is carpal tunnel syndrome, a muscular problem that impacts the wrist. This is often caused by extensive misuse of the keyboard and mouse. Aside from RSI, back strain, sore shoulders and elbows, and even hip and knee strain are often attributed to heavy computer usage. The list of problems also includes headaches and stress. These problems are well documented, and there are a number of solutions. Ergonomics, the study of designing equipment and devices that better fit the human body, and HCI (human–computer interaction) have given us better furniture, computer monitors that are easier on the eye, and less destructive forms of interaction with the computer (e.g., a track point instead of a mouse). In spite of ergonomics, people continue to have health problems because of poor posture or just simply because they are not remembering to take breaks from their computer usage. The IT specialist should understand ergonomic solutions and utilize them when requesting computing resources.

Maintaining privacy. Threats to an individual’s privacy continue to increase. There is already a plethora of private information about you that is made public. This includes such facts as your date of birth, your residence, the car(s) you drive, and when and to whom you are married. Most of this information is made publicly available because, by itself, it does not pose a serious threat to your privacy or life. However, through social networking, websites, and blogs, people are regularly volunteering more information.

Consider a person who tweets that he and his family are leaving town for a weeklong trip. A clever thief could locate the person’s home and, knowing that the house will be empty for a week, break in, and rob the person. Such publicizing of one’s own private information has been called digital litter. Understanding the threats of such self-advertising is important to all computer users in this age of identity theft. Informing employees of the threats may fall on the IT personnel. However, the threats can be far more serious. Phishing attempts are used by scammers to obtain secure information from people directly. A common example is a phone call (or e-mail) claiming to be from an authorized IT person telling you that IT has lost pertinent data (such as your password or social security number) and that you must provide the caller with this information or else your account will be disabled.

Internet addiction. The number of hours that many people are now spending using computers has surpassed the number of hours that they view television. This is a remarkable change in our society. Part of the reason for this shift is that people have become obsessed with electronic forms of communication. These include e-mail, blogging, and social networking sites. This need to always be online has been dubbed Internet addiction, and some people suffer so greatly that they cannot keep their hands off of their smart phones when they are away from home. We see this in the extreme when people are at social events (e.g., movies, out to dinner) spending more time on their smart phones than interacting with people in person. This particular social concern may not directly impact your organization. However, many employers have become concerned with the diversions that impact their employees. Internet addiction can have a tangible impact on work performance.

Obscenity and censorship. The Internet has opened up the ability for people to read and view almost anything on the planet. Unfortunately, not everything presented on the Internet would pass people’s moral compasses. Between pornography websites, violent video content (viewable at sites such as YouTube), and the diatribes posted by disturbed individuals, there is material on the Internet that people will label obscene. Obscenity has long been an issue in our society. Rating services, the Federal Communications Commission (FCC), and watchdog organizations attempt to police movies, television, and radio. However, policing the Internet is an entirely different matter because of its global nature and enormous content. Censorship might be implemented within an organization through a firewall and/or proxy server to block specific content, or content from specific sources. As with many of the issues discussed above, awareness and education are important. Policies on proper computer usage may also provide solutions. Web developers and administrators should have familiarity with the issues to ensure that their website complies with laws and regulations.

Continuing Education

We have already used the term “lifelong learner.” What does this mean? The phrase implies that you will continue to study throughout your life. This is critical for an IT professional because IT continues to change. Recall the various histories presented in this text of computer hardware, software, operating systems, and programming languages. Each area (computer engineering, software engineering, systems engineering) has required that the employees working in that field continue to learn. Without this, as newer technologies emerge, the employee is not able to use them. The employee is now holding the company back from improving itself. It is likely in such circumstances that the employee is determined to be a liability and eventually laid off. Therefore, continuing education in any technology-oriented field is critical. For IT professionals, continuing education is not merely a matter of remaining valuable to your organization, but a matter of helping your organization make informed decisions on future technology directions.

There are numerous forms of continuing education available in IT. Most of these forms revolve around you learning on your own. There are many sources available to learn from, but it is up to you to take the initiative to find and use those sources. Among the forums available are trade magazines and journals, whether they are part of the popular press such as Wired, New Scientist, Dr. Dobb’s Journal, or more academically oriented such as IEEE and ACM publications. Table 16.2 provides a list of some of the more relevant IT publications from IEEE and ACM.‡

Two problems with reading the more academically focused journals are that they tend to emphasize cutting-edge research rather than the industry-available technology and they are presented at a level that might be more amenable to graduate students and faculty. Therefore, as an IT professional, you might prefer instead to research technology through the wide variety of books and websites.

There is a large market in technology books. In fact, just about every IT topic will have several dozen books published on it, from users’ guides to “dummy guides for” style books. Among the more popular IT publishers are Thompson Course Technologies, O’Reilly, Elsevier, and Springer Verlag.

Many technology-oriented websites are created and maintained by IT professionals. They publish their knowledge as a service to others who can benefit by learning from them. There are, for instance, a large number of websites that include information about the Linux operating system, the Windows 7 operating system, the Internet, the Apache web server, and so on. These sites can not only provide you with “how to” knowledge, but also up-to-date tips on known problems and security patches.

If you are not very comfortable learning on your own, guided forms of continuing education are available. These include courses (whether online, through technical schools, through your own organization, or offered by universities) that can prepare you for certification or can broaden or deepen your knowledge. Many companies will support their IT professionals by paying for various forms of continuing education. For instance, the company might pay for your tuition in seeking either an advanced degree or a certificate. A variety of certifications are listed in IT Careers. Today, there exist a very large number of certifications in or related to the IT field. When you interview for IT jobs, you might ask what certifications the organization finds valuable.

There are also trade conferences taking place all over the world, several times per year. These conferences include those sponsored by Adobe, Oracle, VMware, Microsoft, and IBM. Others cover topics such as cloud computing, web services, web 2.0, databases, networking, virtualization, interoperability, emerging technologies, cryptography, and IT best practices to name but a few. As with continuing education courses, it is common for companies to pay for their IT professionals to attend such conferences.

In essence, to continue your IT education, you have to be willing to learn. Hopefully, you are already a self-learner and that continuing your education, whether because your employer finds it valuable or because you are curious, will be something that you will enjoy.

Further Reading

There are many books dealing with computer ethics. Here are a few of the more notable ones.

• Edgar, S. Morality and Machines. Sudbury, MA: Jones and Bartlett, 2003.
• Ermann, M., Williams, M., and Shauf, M. Computers, Ethics, and Society. New York: Oxford University Press, 1997.
• Johnson, D. Computer Ethics. Englewood Cliffs, NJ: Prentice Hall, 1985.
• Johnson, D. and Snapper, J. Ethical Issues in the Use of Computers. Belmont, CA: Wadsworth, 1985.
• Spinello, R. Cyberethics: Morality and Law in Cyberspace. Sudbury, MA: Jones and Bartlett, 2011.
• Spinello, R., and Tavani, H (ed.). Readings in CyberEthics. Sudbury, MA: Jones and Bartlett, 2004.

Information on IT careers can be found at a number of websites including careerbuilder.com, cio.com, dice.com, infoworld.com, itjobs.com, ncwit.org, techcareers.com, and ACM’s SIGITE (Special Interest Group for Information Technology Education). IT certification information can be found through MC MCSE certification resources at www.mcmcse.com or directly at the various websites that offer the certifications such as through Microsoft and Cisco.

Review Terms

Terminology from this chapter

Censorship Internet addiction

Certification IT manager

Computer forensics Network administrator

Computer scientist Obscenity

Computer support specialist Phishing

Computer technician Repetitive stress injuries

Database administrator Soft skills

Digital divide Software engineering

Ergonomics System administrator

Forensics Website administrator

Help desk staff Web developer

Review Questions

1. Why is it important to earn a 4-year IT degree from an accredited institution if you want to work in the IT field?
2. What nontechnical skills might an IT person be required to have?
3. What are the skills necessary to be a system administrator?
4. What are the skills necessary to be a network administrator?
5. What are the skills necessary to be a database administrator?
6. What are the skills necessary to be a website administrator?
7. How does website administration differ from web development?
8. What are the skills necessary to be an IT manager?
9. What types of material will a person study for a career in computer forensics that differs from IT?
10. Why do help desk and computer technician careers require less education than other IT areas?
11. Which of the various IT related careers require an understanding of computer programming?
12. Of the various IT related careers, which one(s) would not necessarily require a 4-year degree?
13. What are the various forms of continuing education available to an IT professional?
14. What types of training would a computer support specialist be asked to provide in an organization?
15. As a system administrator, is it your responsibility to understand current laws as they pertain to IT? Would your answer change if you were a network administrator, database administrator or web administrator?
16. Under what circumstances might you be expected to write computer user policies for your organization?
17. As a system administrator, what kind of policy might you propose for disk quotas in an organization where all employees use a shared file server? Would this policy differ if you were the system administrator for a school/university?
18. As an IT professional, why would you have to understand health-related problems of computer usage?
19. As an IT professional, why would you have to know about privacy concerns?
20. For which of the various IT careers would an understanding of obscenity and FCC regulations be important?

Discussion Questions

1. Imagine that you have been trained (either through a formal education, on your own, or through prior work experience) to be a system administrator. To what extent should you learn about the other IT areas (e.g., network administration, web server administration)?
2. Should an IT education cover all of the various areas of IT such as computer forensics, database administration, web developer, or should it concentrate on one area (presumably system administration)?
3. Your employer has asked you to do something that you believe is unethical but legal. What should you do about it?
4. Your employer has asked you to do something that is illegal. What should you do about it?
5. What is the difference between something being unethical and something being illegal? Why are they not the same?
6. Your best friend at the organization that you work for is doing something that violates your organization’s policies. What should you do about it?
7. As a system administrator, under what circumstance(s) might it be ethical for you to examine employee files and e-mails? If you discover that an employee has illegally downloaded content stored on company file servers, under what circumstances should you report this? Are there circumstances when you should not report this?
8. To what extent should an organization seek input from the IT personnel regarding IT policies? If management creates such policies without involvement from the IT personnel, should the IT personnel provide a response?
9. Assume you work for a small organization of perhaps 15–20 individuals. You would like to have policies that address the digital divide. Try to come up with two to three policies that either promote education about the digital divide, or might help your organization (or your community) lessen the divide. If you worked for a large organization of hundreds of individuals, would your answers differ?
10. Explore one of the codes of conduct mentioned in IT Ethics. Do you find that the listings pertain to IT specialists as much as they do to computer programmers?
11. Your organization has a policy that says that work computers should never be used for personal use. Your boss has asked you, as system administrator, to collect all employees’ Facebook passwords so that the boss can log into their Facebook accounts to make sure that they are not accessing Facebook during work hours. Is the company’s policy legal? What should you do?
12. It is not necessarily an IT person’s responsibility to tackle issues covered in Other Social Considerations (e.g., digital divide). How important is it for an IT person to be aware of the issues?
13. How might an organization be impacted by obscenity, Internet addiction, and the digital divide?
14. As an IT person, should you provide input into your organization’s IT policies in order to help resolve such issues as the digital divide and digital litter?
15. Continuing education is perhaps one of the most critical aspects to keeping up with the continual evolution of IT. Explain how you hope to continue your education.
16. Go to spokeo.com and enter your name and location. Find yourself and examine the content that has been made available. Do you feel that a website such as spokeo.com is doing a public service or disservice? How much of the information that you found there do you feel threatens your privacy? Do you feel that you should be able to do something about it like protest or have the information removed?
17. Given the privacy threats that a site like spokeo.com point out because of the Internet and social media, discuss the pros and cons of social media. Do the benefits outweigh the privacy concerns?

---