Forwarded From: 7Pillars Partners <partners@sirius.infonex.com>
Posted To: IWAR list <iwar@sirius.infonex.com>
Posted at 7:49 a.m. PDT Monday, April 27, 1998
Survey: Collision of technology, ethics seen
BY DEL JONES
USA TODAY
At Pixar Animation Studios earlier this year, someone broke into the
payroll database and spun off companywide e-mail listing the
compensation of all employees.
Adding insult, the intruder tried to make the message appear as if it
came from Pixar CEO Steve Jobs. The culprit has yet to be found.
At Digital Equipment, workers have invaded the computer files of
co-workers to make electronic copies and claim the work as their own.
Others, having let deadlines lapse, blamed the computer for losing their
work.
Such are the high crimes and misdemeanors of the computer age. A new
study being released Monday shows the expanding use of technology and
eroding business ethics may be on a collision course in the modern
workplace. These two powerful forces are converging to present new
ethical dilemmas for workers and challenges for businesses. Companies
are scrambling to re-write policies and develop security methods that
work.
Forty-five percent of workers say they have committed at least one of a
dozen actions over the past year that are either unethical or fall into
a gray area, according to the survey of 726 workers. The survey was
sponsored by the American Society of Chartered Life Underwriters &
Chartered Financial Consultants and the Ethics Officer Association.
The ethical abuses range from the relatively minor -- 13 percent of
workers say they have used company computers to shop the Internet -- to
the potentially catastrophic -- 4 percent of workers say they have done
something to sabotage the computer system or data of their company or
co-workers.
Other actions fall somewhere in between: 6 percent say they accessed
private computer files without permission; 5 percent listened to a
private cellular phone conversation; 13 percent copied company software
for personal reasons; and 11 percent reported to work, logged on and
searched the Internet for another job.
In response to these new challenges, more than a third of major
companies believe they have little choice but to monitor telephone voice
mail, computer e-mail, Internet access, even individual strokes on the
keyboard in a Keystone Cops way of attempting to control what technology
makes uncontrollable. Major companies that never dreamed of warehousing
their regular mail, save every byte of e-mail for three to six months,
said Raytheon Ethics Director Pat Rodgers.
While a few employees have always stolen trade secrets, it has become
easier to do. Once it took enough moxie and muscle to haul documents out
in boxes. A few years ago, it simply required slipping a computer disk
into a pocket. Today, a password and the click of a mouse is all that's
needed, said Jim Settle, former head of the FBI's computer crime squad.
Companies, not wanting customers to know of their vulnerability, report
few incidents. But security experts estimate that at least 75 percent of
sabotage comes from inside a company, not from outside hackers.
Omega Engineering of Bridgeport, N.J., has lived the nightmare. The
company, which does work for NASA and the U.S. Navy, suffered $10
million in productivity losses after someone unleashed a software
program known as a ``logic bomb'' that deleted critical computer files.
Timothy Lloyd, who worked at the company for 11 years, has pleaded not
guilty to charges of destroying company data. His lawyer, Jaime Kaigh,
calls it a ``hyper-technical case.'' He said the culprit could just as
easily have been a computer virus known as Little Red. Lloyd faces up to
15 years in prison if he's convicted at a trial set to begin later this
year in U.S. District Court in Newark, N.J.
In this new hyper-technical world, companies have but one easy call:
Block sex Web sites. They have no business application, can spur sexual
harassment suits and can be largely stopped with software costing $1,000
to $5,000 a year.
But other actions are far from clear cut. Weyerhauser usually permits
workers to use the Internet to help their children with school projects,
but bans playing computer games.
Most companies say they frown on workers doing personal Internet
shopping, but pause when asked if they'd rather have them dashing off to
the store. Sports scores? Stock quotes? Not encouraged, but rarely
forbidden if work is getting done.
Chevron now said its attempt to measure nonbusiness use of the Internet
last year ended in utter failure. At first the company was stunned to
learn that 46 percent of visited sites had no business application, but
then decided it was impossible to know the business needs of its 10,000
workers with Internet access. It now concentrates on blocking sex sites
and all but ignores the rest.
Indeed, when it comes to techno-ethics, there is so much gray area that
corporate policies, still being formulated at most major companies, are
little more than pleas for employees to use common sense and do the
right thing.
It's tricky to limit abuse, ``without coming across as Gestapo,''
Rodgers said.
One problem is that ethical abuses spurred by technology range
enormously in gravity. At one end is sabotage and theft of company
secrets. At the other is the prankster like the one who recently had his
co-workers at Northern Telecom picking up telephones that they only
thought were ringing.
The prankster tape recorded the sound of a ringing phone, then
programmed it into the computer network so that the ring rotated from
the speakers of one computer to another. The stunt got laughs, no
complaints and is the kind of thing Nortel Ethics Director Megan Barry
said the company hesitates to discourage in its quest to stimulate
creativity.
But pranksterism is a hairbreadth from trouble. And, everyone is a
potential victim. Someone from a nearby desk or office can sneak onto
your computer and send out harassing e-mails under your identity. Or
they could change the autocorrect spelling function so that when you
type the first name of your boss it becomes something insulting.
Most techno-ethical dilemmas land somewhere between sabotage and
pranksterism. For example:
-- At Weyerhauser, a traveling worker called in fuming when his laptop
was frozen for an hour after he downloaded an e-mail Valentine sent by a
co-worker.
-- A Texas Instruments worker who belonged to an investment club thought
he was being helpful when he posted to an Internet chat room some
company financial information that had not been released to the public.
He was potentially breaking insider trading laws, Ethics Director Carl
Skooglund said. Other Texas Instrument workers have sent out politically
charged messages with company e-mail suffixes, creating the impression
that it may be a company-sponsored position.
-- Raytheon is among companies that often finds workers running side
businesses from their work stations. It used to be Avon sales over the
phone. One of today's favorites is income tax preparation. Companies
auditing worker e-mail have uncovered mountains of personal financial
information flooding in.
Victory may soon be declared in the war on sex-site visits. That gets
the most media attention, but just 5 percent of workers say they have
made such a visit in the last year. The percentage is the same for men
and women.
But even here, many companies are delicate in their responses. The memos
Nortel sends to sex-site abusers warns them that they might want to
guard their passwords more closely because their computer has been
frequently used to access pornography.
``We do not accuse workers, we accuse the computer,'' laughs Barry.
Fifty-five percent of workers say they do manage to stay above the fray
and have committed no techno-ethical violations in the past year. Dallas
sales agent Linda Milton maintains her ethical standards to the point
that she never forwards the barrage of jokes that arrive via e-mail.
Companies consider employee sabotage the biggest techno-ethical threat,
and the FBI warns that it's just a matter of time before the twin forces
of technology and eroding ethics bring a company to its knees.
Since suffering its data losses, Omega Engineering said it has taken
steps so that it would require a ``conspiracy'' of several key employees
to wreak havoc on its system, not just one acting alone. Beyond that,
said Omega's human resources director Al DiFrancesco, ``My first line of
defense is not to discuss it any further.''
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Dimensional Communications (www.dim.com)
Received on Fri May 1 09:01:43 1998