IT Ethics & Cybersecurity

IT 246

Er. Bishal Chaulagain

 Unit 4: Ethical Decision in Software Development
and Ethics of IT Organizations 5 Hrs
➢Software Quality and its Importance
➢Strategies for Developing Quality Software
Contents ➢Use of Contingent Workers
➢ H-1B Workers
➢ Outsourcing
➢ Whistle-Blowing
➢ Green Computing
 Software Quality and Its Importance
➢Software quality is an important part of development because it shows how
good and reliable a product is. It checks how well requirements are met, which
affects how happy users are, how well the system works, and how successful the
project is.
➢To get high quality, we must follow standards that cover more than just
functionality carefully.
➢High-quality software systems are systems
➢that are easy to learn and use because they perform quickly and efficiently,
➢they meet their users’ needs, and
➢they operate safely and reliably so that system downtime is kept to a
minimum.
➢Such software has long been required to support the fields of air traffic control,
nuclear power, automobile safety, health care, military and defense, and space
exploration.
 Software Quality and Its Importance
➢Computers and software are integral parts of almost every business, and the
demand for high-quality software in a variety of industries is increasing.
➢End users cannot afford system crashes, lost work, or lower productivity.
➢Nor can they tolerate security holes through which intruders can spread viruses,
steal data, or shut down websites.
➢Software manufacturers face economic, ethical, and organizational challenges
associated with improving the quality of their software.
➢A software defect is any error that, if not removed, could cause a software system to
fail to meet its users' needs.
➢The impact of these defects can be trivial; for example, a computerized sensor in a
refrigerator’s ice cube maker might fail to recognize that the tray is full and,
therefore, continue to make ice.
➢Other defects could lead to tragedy-the control system for an automobile’s antilock
brakes could malfunction and send the car into an uncontrollable spin.
 Software Quality
➢Software quality is an attribute of software that implies the software meets its
specification or needs of its user.
➢Quality management focuses on defining, measuring, and refining the quality of the
development process and the products developed during its various stages.
➢These products including statements of requirements, flowcharts, and user documentation
are known as a deliverable.
➢The objective of quality management is to help developers deliver high-quality systems
that meet the needs of their users.
➢Unfortunately, the first release of any software rarely meets all its users' expectations.
➢A software product does not usually work as well as its users would like it to until it has
been used for a while, found lacking in some ways, and then corrected or upgraded.
➢One cause of poor software quality is that many developers do not know how to design
quality into software from the very start; others simply do not take the time to do so.
➢To develop high-quality software, developers must define and follow a set of rigorous
software engineering principles and be committed to learning from past mistakes.
 Software Quality
➢In addition, they must understand the environment in which their systems will
operate and design systems that are as immune to human error as possible.
➢Another factor that can contribute to poor-quality software is the extreme pressure
that software companies feel to reduce the time to market their products.
➢They are driven by the need to beat the competition m delivering new functionality
to users, begin generating revenue to recover the cost of development, and show a
profit for shareholders.
➢They are also driven by the need to meet quarterly earnings forecasts used by
financial analysts to place a value on the stock.
 Software Quality
➢The resources and time needed to ensure quality are often cut under the intense pressure to
ship a new product.
➢When forced to choose between adding more user features and doing more testing, most
software companies decide in favor of more features.
➢They often reason that defects can be patched in the next release, which will give
customers an automatic Incentive to upgrade.
➢Additional features make a release more useful and therefore easier to sell to customers.
➢A major ethical dilemma for software development organizations is: "How much additional
cost and effort should we expend to ensure that our products and services meet customers'
expectations?"
➢As a result of the lack of consistent quality in software, many organizations avoid buying
the first release of a major software product or prohibit its use in critical systems; their
rationale is that the first release often has many defects that cause problems for users.
➢Because of the defects in the first two popular Microsoft operating systems (DOS and
Windows), including their tendency to crash unexpectedly, many believe that Microsoft did
not have a reasonably reliable operating system until its third major variation Windows NT
 Software Quality Attributes
➢The quality product is defined in terms of its fitness of purpose traditionally. Where quality
product does exactly what the users want it to do. For software products, fitness of purpose
is usually interpreted in terms of satisfaction of the requirements laid down in the SRS
document.
➢The modern view of a quality associates with a software product several quality factors
such as the following:
➢ Portability: A software product is said to be portable, if it can be easily made to work in different
operating system environments, in different machines, with other software products, etc.
➢ Usability: A software product has good usability, if different categories of users (i.e. both expert and
novice users) can easily invoke the functions of the product.
➢ Reusability: A software product has good reusability, if different modules of the product can easily
be reused to develop new products.
➢ Correctness: A software product is correct, if different requirements as specified in the SRS
document have been correctly implemented.
➢ Maintainability: A software product is maintainable, if errors can be easily corrected as and when
they show up, new functions can be easily added to the product, and the functionalities of the product
can be easily modified, etc.
 Software Quality Management System
➢A quality management system (often referred to as quality system) is the principal
methodology used by organizations to ensure that the products they develop have
the desired quality.
➢A quality system consists of:
➢Managerial Structure and Individual Responsibilities: A quality system is actually
the responsibility of the organization as a whole. However, every organization has a
separate quality department to perform several quality system activities. The quality
system of an organization should have support of the top management. Without support
for the quality system at a high level in a company, few members of staff will take the
quality system seriously.
➢Quality System Activities: The quality system activities encompass the following:
➢ Auditing of projects
➢ Review of the quality system
➢ Development of standards, procedures, and guidelines, etc.
➢ Production of reports for the top management summarizing the effectiveness of the quality system in
the organization.
 ISO 9000 certification
➢ISO (International Standards Organization) is a consortium of 63 countries
established to formulate and foster standardization.
➢ISO published its 9000 series of standards in 1987.
➢ISO certification serves as a reference for contract between independent parties.
➢ The ISO 9000 standard specifies the guidelines for maintaining a quality system.
➢The quality system of an organization applies to all activities related to its product
or service.
➢The ISO standard mainly addresses operational aspects and organizational aspects
such as responsibilities, reporting, etc.
➢ISO 9000 specifies a set of guidelines for repeatable and high quality product
development.
➢It is important to realize that ISO 9000 standard is a set of guidelines for the
production process and is not directly concerned about the product itself.
 Types of ISO 9000 quality standards
➢ISO 9000 is a series of three standards: ISO 9001, ISO 9002, and ISO 9003.
➢The ISO 9000 series of standards is based on the premise that if a proper process is
followed for production, then good quality products are bound to follow automatically.
➢The types of industries to which the different ISO standards apply are as follows.
➢ISO 9001 applies to the organizations engaged in design, development, production, and
servicing of goods. This is the standard that is applicable to most software development
organizations.
➢ISO 9002 applies to those organizations which do not design products but are only
involved in production. Examples of these category industries include steel and car
manufacturing industries that buy the product and plant designs from external sources
and are involved in only manufacturing those products. Therefore, ISO 9002 is not
applicable to software development organizations.
➢ISO 9003 applies to organizations that are involved only in installation and testing of
the products.
 The importance of Software Quality
➢A business information system is a set of interrelated components including hardware,
software, databases, networks, people, and procedures that collects and processes data and
disseminates the output.
➢ A common type of business system is one that captures and records business transactions.
➢For example, a manufacturer's order-processing system captures order information,
processes it to update inventory and accounts receivable, and ensures that the order is filled
and shipped on time to the customer.
➢Other examples are an airline's online ticket reservation system and an electronic funds
transfer system that moves money among banks
➢The accurate, thorough, and timely processing of business transactions is a key requirement
for such systems.
➢A software defect can be devastating, resulting in lost customers and reduced revenue.
➢How many times would bank customers tolerate having their funds transferred to the wrong
account before they stopped doing business with that bank?
 The importance of Software Quality
➢ Another type of business information system is the decision support system (DSS), which is used to
improve decision making in a variety of industries.
➢ A DSS can be used to develop accurate forecasts of customer demand, recommend stocks and bonds
for an investment portfolio, or schedule shift workers in such a way as to minimize cost while
meeting customer service goals.
➢ A software defect in a DSS can result in significant negative consequences for an organization and
its customers.
➢ As a result of the increasing use of computers and software in business, many companies are now in
the software business whether they like it or not.
➢ The quality of software, its usability, and its timely development are critical to almost everything
businesses do.
➢ The speed with which an organization develops quality software can put it ahead of or behind its
competitors.
➢ Mismanaged software can be fatal to a business, causing it to miss product delivery dates, incur
increased product development costs, and deliver products that have poor quality
 The importance of Software Quality
➢ Business executives frequently face ethical questions of how much money and effort they
should invest to ensure the development of high-quality software.
➢A manager who takes a short-term, profit-oriented view may feel that any additional time
and money spent on quality assurance will only delay a new product's release, resulting in a
delay in sales revenue and profits.
➢However, a different manager may consider it unethical not to fix all known problems
before putting a product on the market and charging customers for it.
➢Other key questions for executives are whether their products could cause damage and
what their legal exposure would be if they did.
➢Fortunately, software defects are rarely lethal, and few personal injuries are related to
software failures.
➢However, the increasing use of software to control critical functions in vehicles as well as
manage the operation of medical devices introduces product liability issues that concern
many executives.
 Strategies for Developing Quality Software
➢Software development is complex and dynamic in nature.
➢Businesses can succeed by employing strategies for effective software development.
➢Modern software development experiences breakthroughs and disruptions at a fast
pace.
➢With its dynamic essence, the challenge of managing complexity has become
increasingly necessary.
➢As projects grow in size and complexity, developers and teams must employ strategic
approaches to ensure the successful delivery of a software product.
 Strategies for Developing Quality Software
➢Additionally, teams must also look after their product’s long-term maintainability and
scalability.
➢To resolve the challenges, software teams must employ effective software
development strategies relevant to the project.
➢These strategies must address business to keep software product maintainable, scalable,
reliable, and marketable.
➢As individuals and organizations have come to increasing rely on software, developers
have identified multiple strategies for ensuring the quality of their software.
➢Here are some key strategies that can significantly contribute to effective software
development.
 Strategies for Developing…
Modularization and Encapsulation
➢The fundamental principles of managing complexity is to break down a
software system into smaller, self-contained modules.
➢This could be in the migration of monolithic systems into microservices
architectures.
➢Implementing a microservice architecture allows software development teams
to adapt to customers’ increasing complexity and demands easily.
➢By encapsulating functionalities within self-containing modules, developers
can reduce interdependencies.
➢This approach makes understanding, testing, and maintaining individual
components easier. It also promotes code reusability and fosters a more
flexible architecture.
 Strategies for Developing…
Abstraction and Interface Design
➢Abstraction simplifies complex systems by modeling pertinent
aspects of the system while ignoring unnecessary details.
➢With an effective use of abstraction and thoughtful interface
design, developers can create a clear separation of concerns.
➢This allows development teams to work on specific modules
without being burdened by the underlying details.
➢Well-defined interfaces act as contracts that allow for easy
integration and collaboration among different parts of the
software system.
 Strategies for Developing…
Thorough and Consistent Documentation
➢It is always wise to proactively document every detail that goes into
the software development process for referential and resolution
purposes.
➢Clear and comprehensive documentation is vital for managing
complexities and questions during development.
➢Thorough documentation provides insights into system architecture,
design decisions, and code behavior.
➢With solid documentation at hand, teams can facilitate smoother
onboarding for new team members and aid in the debugging process.
➢Robust documentation also contributes to knowledge retention and
transfer within the development team.
 Strategies for Developing…
Automated Tests and Implementing Test-Driven Development
➢To reduce human error and improve efficiency, automated testing is one of the
must-have strategies for effective software development.
➢Comprehensive test suites ensure that changes to the codebase do not
inadvertently introduce bugs or regressions.
➢Furthermore, adopting test-driven development (TDD) practices and
implementing continuous integration pipelines can significantly reduce the
likelihood of defects.
➢With these proactive approaches, software teams can significantly improve code
quality and ease debugging.
 Strategies for Developing…
Leveraging Version Control Systems
➢Version control systems, such as Git, play a pivotal role in managing complex
software development team workflows.
➢ These platforms provide a structured approach to track changes in the codebase
for a project.
➢Branching and merging strategies enable simultaneous development, allowing
teams to work on different features in parallel without disrupting the stability of
the main codebase.
➢With proper version control practices, teams can rectify complexities by
enhancing collaboration, traceability, and the ability to revert changes when
necessary.
 Strategies for Developing…
Code Reviews and Code Refactoring
➢Code reviews are crucial to maintaining code quality and coherence within a development
team.
➢Regular and systematic peer reviews empower teams to catch potential issues early in the
development process and encourage knowledge sharing and adherence to coding standards.
➢This process provides an opportunity for team members to learn from one another and
collectively improve the overall quality of the codebase.
➢Additionally, this process is in conjunction with another best practice, code refactoring.
➢Code refactoring refers to altering the code structure, based on standards or reviews, without
changing its intended functionality.
➢With this technique, teams can reduce complexities by keeping code maintainable, readable,
and scalable.
 Strategies for Developing…
Scalable Architectural Patterns
➢As software projects evolve, having a scalable architectural
foundation becomes imperative to be future-proof.
➢Choosing appropriate architectural patterns, such as microservices or
modular monoliths, can support the system’s growth over time.
➢Scalable architectures also accommodate changes and expansions
without compromising performance or the software’s external
behavior.
➢This helps ensure the software remains robust and adaptable to
evolving requirements.
 Strategies for Developing…
Continuous Monitoring and Feedback

➢Implementing continuous monitoring and feedback mechanisms helps identify

and address issues in real time, breaking complexities almost instantly.

➢Software development teams can proactively respond to challenges, optimize

system performance, and enhance user experience by utilizing tools for
performance monitoring, error tracking, and user feedback.

➢The proactive nature of continuous monitoring ensures that the software

remains resilient and responsive to changing conditions in production
environments.
 Strategies for Developing…
Using Strategies for Effective Software Development
• As the landscape of technology continues to evolve, the future of software
development holds exciting opportunities. On the other hand, it could also
introduce new challenges.
• Anticipating these changes is crucial for developers and teams to stay ahead of
the curve and continue delivering high-quality software solutions.
• Effective software development requires a thoughtful and strategic approach to
managing complexity.
• By adopting the strategies we discussed, development teams can navigate the
intricacies of their projects more successfully.
• As the software development landscape continues to evolve, it’s the best
practice to harness these strategies to build robust, maintainable, and scalable
software solutions.
 Use of Contingent Workers
➢ What are contingent workers, and how are they employed in the
information technology industry?
➢ What key ethical issues are associated with the use of
contingent workers, including H-1B visa holders and offshore
outsourcing companies?
 Contingent Workers
➢Contingent work is a job situation in which an individual does not have an explicit
or implicit contract for long-term employment
➢Contingent workers include:
➢Independent contractors
➢Temporary workers through employment agencies
➢On-call or day laborers
➢On-site workers provided by contract firms
➢Needed for pronounced IT staffing fluctuations
➢Workers hired for the life of the project only
 Contingent Workers (cont’d.)
➢Sources
➢Temporary agencies
➢Employee leasing
➢Consulting organizations
➢Firms that provide temporary help:
➢Recruit, train, and test their employees in a wide range of job categories and
skill levels
➢Assign them to clients
 Contingent Workers (cont’d.)
➢Employee leasing
➢Business outsources all or part of its workforce to a professional
employer organization
➢Subject to special regulations regarding workers’ compensation and
unemployment insurance
➢Co-employment relationship
➢Two employers have actual or potential legal rights and duties with
respect to the same employee or group of employees
 Contingent Workers (cont’d.)
➢Advantages of using contingent workers
➢Business does not pay for benefits
➢Can continually adjust the number of contingent workers to stay consistent
with its business needs
➢Does not customarily incur training costs
 Contingent Workers (cont’d.)
Disadvantages of using contingent workers
➢May lack a strong relationship with the firm
➢Low commitment to the company and its projects
➢High turnover rate
➢Workers gain valuable practical experience working within a company’s
structure and culture
➢Lost when workers depart at the project’s completion
 Contingent Workers (cont’d.)
➢When deciding to use contingent workers:
➢Recognize the trade-off between:
➢ Completing a single project quickly and cheaply
➢ Developing people in the organization
➢When staffing is truly temporary:
➢ Use of contingent workers is a good approach
➢Think twice about using contingent workers:
➢ When they are likely to learn corporate processes and strategies that are key to the
company’s success
 Contingent Workers (cont’d.)
➢Deciding when to use contingent workers
➢Can raise ethical and legal issues
➢Potential liability for:
➢ Withholding payroll taxes
➢ Payment of employee retirement benefits
➢ Payment of health insurance premiums
➢ Administration of workers’ compensation
 Contingent Workers (cont’d.)
➢Deciding when to use contingent workers (cont’d)
➢Can be viewed as permanent employees by:
➢ Internal Revenue Service
➢ Labor Department
➢ State workers’ compensation agency
➢ State unemployment agencies
➢Vizcaino v. Microsoft lawsuit
➢ Deciding factor is degree of control company exercises over employees
➢ Employers must exercise care in the treatment of contingent workers
 H-1B Workers
• Temporary work visa
• U.S. Citizenship and Immigration Services (USCIS)
• For people who work in specialty occupations
• H-1B workers
• Meet critical business needs
• Have essential technical skills and knowledge not readily found in the U.S.
• Employers must pay H-1B workers the prevailing wage for the work being
performed
 H-1B Workers (cont’d.)
• Maximum continuous period of six years
• After six years, the foreign worker must remain outside the United States for
one year before another H-1B petition can be approved
• Make up less than 0.1% of the U.S. workforce
• Nearly 40% employed as computer programmers
• Continued use of H-1B workers
• Symptom of a larger, more fundamental problem
• U.S. not developing sufficient IT employees
 H-1B Workers (cont’d.)
• Top five outsourcing countries
• India
• China
• Canada
• United Kingdom
• Philippines
• Federal cap set on the number of H-1B visas
• Applies only to certain IT professionals
• Large number of workers are exempt from cap
 H-1B Workers (cont’d.)
• English as a second language
• Workers who are not fluent in English:
• May find it difficult and uncomfortable to participate
• May create their own cliques
• May stop trying to acclimate
• Can hurt a project team’s morale and lead to division
• Managers and coworkers should:
• Strive to help improve H-1B workers’ English skills and cultural
understanding
• Be sensitive to workers’ heritage and needs
 H-1B Workers (cont’d.)
• H-1B application process
• Job offer employer must also offer sponsorship
• Application has two stages
• Labor Condition Attestation (LCA)
• H-1B visa application
• If H-1B are more than 15% percent of workforce:
• Must prove that it first tried to find U.S. workers
• Must prove not hiring H-1B after laying off similar U.S. worker
 H-1B Workers (cont’d.)
• American Competitiveness in the Twenty-First Century Act (2000)
• Allows current H-1B holders to start working for employers as soon as their
petitions are filed
• Using H-1B workers instead of U.S. workers
• Good for short-term hiring
• Long-term hiring
• Lessens incentive to educate and develop U.S. workforces
• Does nothing to develop strong core of permanent U.S. IT workers needed in future
 H-1B Workers (cont’d.)
• Potential exploitation of H-1B workers
• Salary abuse by unethical companies
• H1-B workers are paid $10,000 to $30,000 less than U.S. workers in the same
job
• Visa Reform Act (2004)
• Defined a modified wage-rate system
• At end of the six-year visa term
• If no green card, firm loses worker
• Suddenly unemployed worker must return home
 Outsourcing
• Outsourcing
• Approach to meeting staffing needs
• Long-term business arrangement
• Company contracts with an outside organization that has expertise in providing a specific
function
• Rationale
• Lower costs
• Obtain strategic flexibility
• Keep staff focused on core competencies
 Offshore Outsourcing
• Variation of outsourcing
• Services provided by an organization whose employees are in a foreign
country
• Companies reduce labor costs
• Increasing in IT industry
• As key processes move offshore, U.S. IT providers are forced to lower
prices
• Common to use offshore outsourcing for major programming projects
Offshore Outsourcing (cont’d.)
Offshore Outsourcing (cont’d.)
 Offshore Outsourcing (cont’d.)
• Pros and cons of offshore outsourcing
• Low wages
• Increasing due to demand
• Dramatically speeds up development efforts
• Make progress on a project around the clock
• Can also result in new expenses
• Additional time to select an offshore vendor
• Additional costs for travel and communications
• Same ethical issues as H1-B and contingent workers
• Difficulty of communications over long distances
 Offshore Outsourcing (cont’d.)
• Strategies for successful offshore outsourcing
• Expertise in technologies involved in the project
• Project manager speaks native language of employer
• Large staff available
• State-of-the-art telecommunications setup
• High-quality on-site managers and supervisors
 Whistle-Blowing
• Effort to attract public attention to a negligent, illegal, unethical,
abusive, or dangerous act by a company
• Whistle-blower
• Usually has personal or special knowledge
• Risks own career
• Might even affect lives of friends and family
• Must choose between protecting society and remaining silent
 Whistle-Blowing (cont’d.)
• Protection laws allow employees to alert authorities to employer
actions that are unethical, illegal, or unsafe, or that violate specific
public policies
• No comprehensive federal law
• Each law has different:
• Filing provisions
• Administrative and judicial remedies
• Statutes of limitations
 Whistle-Blowing (cont’d.)
• False Claims Act (“Lincoln Law”)
• Enacted during the Civil War
• Enticed whistle-blowers to come forward
• Offered a share of the money recovered
• Qui tam provision allows private citizen to file in name of government
• Violators are liable for three times the dollar amount the government is
defrauded
• Provides strong whistle-blower protection
• Complexity requires advice of an attorney
 Whistle-Blowing (cont’d.)
• Whistle-blower protection for private-sector workers
• Laws prevent workers from being fired because of an employee’s participation
in “protected” activities
• Whistle-blowers can file claims against their employers for retaliatory
termination
• Whistle-blowers are entitled to jury trials
• If successful at trial, can receive punitive damage awards
 Whistle-Blowing (cont’d.)
• Dealing with a whistle-blowing situation
• Assess the seriousness of the situation
• Begin documentation
• Attempt to address the situation internally
• Consider escalating the situation within the company
• Assess implications of becoming a whistle-blower
• Use experienced resources to develop action plan
• Execute the action plan
• Live with the consequences
 Green Computing
• To manufacture truly “green” products,
companies must:
• Reduce the amount of hazardous materials used
• Increase amount of reusable or recyclable materials
• Help consumers dispose of their products in an
environmentally safe manner at the end of the
product’s useful life
• Devices contain thousands of components
• Some harmful to humans and environment
• Entire supply chain at risk
 Green Computing (cont’d.)
• EPEAT (Electronic Product Environmental Assessment Tool)
• Enables purchasers to evaluate, compare, and select electronic products
• Based on a total of 51 environmental criteria
• Products are ranked in three tiers of environmental performance
• European Restriction of Hazardous Substances Directive
• Restricts use of many hazardous materials in computer manufacturing
 Green Computing (cont’d.)
• How to safely dispose of obsolete computers
• Many states have recycling programs
• Some manufacturers have developed programs
• Greenpeace environmental activist organization
• Issues quarterly ratings of manufacturers according to the
manufacturers’ policies on:
• Toxic chemicals, recycling, and climate change
 Green Computing
Green Computing refers to the practice of using computing resources in
an environmentally sustainable way.
The Goals of Green Computing is to:
• Reduce energy consumption.
• Minimize waste.
• Lower carbon footprint.
Core Principles of Green Computing:
• Energy Efficiency: Designing systems and devices to consume less power.
• Resource Optimization: Maximizing hardware and software usage.
• Eco-friendly Disposal: Proper recycling of electronic waste (e-waste).
• Virtualization: Reducing physical hardware through virtual environments.
• Sustainable Manufacturing: Using eco-friendly materials and processes.
 Green Computing
Benefits of Green Computing:
• Environmental Benefits:
• Reduction in greenhouse gas emissions.
• Conservation of natural resources.
• Economic Benefits:
• Lower operational costs (e.g., energy bills).
• Longevity of devices through efficient usage.
• Social Benefits:
• Encourages sustainability awareness.
• Boosts corporate social responsibility (CSR).
 Green Computing
Real world application and initiatives:
• Cloud computing (e.g., AWS, Google Cloud).
• Energy-efficient data centers.
• Eco-label certifications (e.g., ENERGY STAR).
• Apple’s use of 100% recycled aluminum in products.
• Google’s carbon-neutral strategy since 2007.
Challenges:
• High initial cost of green technologies.
• Lack of awareness and adoption.
• Rapid technological obsolescence.
Future Trends:
• Growth in renewable-powered data centers.
• Expansion of AI in optimizing energy consumption.
• Increased governmental regulations promoting sustainability.