Henry Magruder made a mistake—he left a CD at the coffee station. Later, when Iris Majwubu was topping off her mug with fresh tea, hoping to wrap up her work on the current SQL code module before it was time to go home, she saw the unlabeled CD on the counter. Being the helpful sort, she picked it up, intending to return it to the person who’d left it behind.
Expecting to find perhaps the latest device drivers, or
someone’s work from the development team’s office, Iris slipped the
disk into the drive of her computer and ran a virus scan on its
contents before opening the file explorer program. She had been
correct in assuming the CD contained data files, and lots of them.
She opened a file at random: names, addresses, and Social Security
numbers appeared on her screen. These were not the test records she
expected; they looked more like critical payroll data. Concerned,
she found a readme.txt file
and opened it. It read:
Jill, see files on this disc. Hope they meet your expectations. Wire money to account as arranged. Rest of data sent on payment.
Iris realized that someone was selling sensitive company data to
an outside information
broker. She looked back at the directory listing and saw that the
files spanned the range of every department at Sequential Label and
Supply—everything from customer lists to shipping invoices. She saw
one file that appeared to contain the credit card numbers of every
Web customer the company supplied. She opened another file and saw
that it only contained about half of the relevant data. Whoever did
this had split the data into two parts.
That made sense: payment on delivery of the first half. Now, who did this belong to? She opened up the file properties option on the readme.txt file. The file owner was listed as “hmagruder.” That must be Henry Magruder, the developer two cubes over in the next aisle. Iris pondered her next action.
Iris called the company security hotline. The hotline was an
anonymous way to report any
suspicious activity or abuse of company policy, although Iris chose
to identify herself. The
next morning, she was called to a meeting with an investigator from
corporate security,
which led to more meetings with others in corporate security, and
then finally a meeting with
the director of human resources and Gladys Williams, the CIO of
SLS.
Questions:
1. Why was Iris justified in determining who the owner of the CD
was?
2. Should Iris have approached Henry directly, or was the hotline
the most effective way
to take action? Why do you think so?
3. Should Iris have placed the CD back at the coffee station and
forgotten the whole
thing? Explain why that action would have been ethical or
unethical.
ANSWERS -
1) Iris was justified in determining the owner of the CD because the CD contained suspicious personal data's and files which leads to information and identity theft issues, also following the ethical behaviour of society and protocols and rules of company Iris has done the job what she had to.
2) No, since the CD contained suspicious data's and files Iris approaching Henry directly is not an effective way and from the scenario its more obvious that Henry is doing something wrong and it also leads to personal confrontation and arguments between them.
Approaching the organisation directly is the right way as it contained company's data's and files and clearing the doubts and clarifications in front of corporate security authorities.
3) If Iris has placed the CD back at coffee station, that would go to the hands of some other person because coffee station is a public place and also knowing that the CD contains the data and files which can lead to identity and information theft, its not ideal to place it back its unethical and unprofessional.
So, Iris made the correct decision by confronting the corporate security about the drive.
Please comment if u need any more info. Please do leave a like, it would mean a lot. Thanks :)
Get Answers For Free
Most questions answered within 1 hours.