I was in the first few months of my second database administrator job when the CTO told me that I needed to give the CFO direct table access into the database that I had designed. Not 3 months later we were having a company meeting so the executive staff could explain to the company that the CFO had stolen our client list and was out luring our customers away. Sound like a security issue? Not the way that I see it.
I had an ethics issue on my hands. From that day in 1997 I have always had my eye out for ethical issues, and more importantly looking for ways we can police ourselves. It does not take long for a new database professional to see that when you have access to data that there is going to be sensitive data in there somewhere. The obvious ones are the HR databases, or the financial databases that reside on our SQL Servers. But there are so many more areas that we need to look before we can get a good handle on how to solve these ethical dilemmas. Take a look at something that I posted a while back that threatened the security of the United States. I cannot imagine that it would take long for an ethical person to say, “Really?”
A few months ago I had to get a security clearance, and pass the Security + certification so I could do a short contract with the Air Force. As I was going over study material in a book I was supplied, I ran across a couple of short notes about ethics. I followed a link or two and I ended up here. When I first started to look at the list of ethics that they had listed, I was really impressed. As I got deeper into what they were saying I became a bit concerned, however. The company that produced this is a corporation, not an organization that has the best interests for the industry as a primary goal. I don’t believe there is anything wrong with being a for-profit, I know I work for one, and well, as an individual I am for-profit. My issues with the code is the code itself appears to be pointed and making the company a profit, at least it does to me. If that is the reason they sponsored the Code of Ethics, then well they violate their own ethics when they say:
“I will not advance private interests at the expense of end users, colleagues, or my employer“.
So here is where that leaves us:
For this month’s t-sql Tuesday question I wanted to highlight the need for Ethics in our industry. Don’t consumers and business owners have to trust someone at some time with their data? This month, take time to participate by talking about DBA ethics. I really hope to see someone address topics such as:
Should we have an ethics statement?
Have ethics issues impacted you? What did you do about it?
Security Audits: how do you police what you and others are doing in the database?
Does a Code of Ethics mean anything to anyone? How do we as a community enforce a Code of Ethics?
Do you have an issue with this Code of Ethics?
What do you believe our Code of Ethics should say if we the SQL Server Community have one?
Have fun, but take the time to dig deep and do some real soul searching. I know with large number of really smart professionals that we have in our community we can think of something. I will do up a summary once I have returned from my trip that week, but to be honest I hope this discussion goes on long after May 8th.
As with each of the T-SQL installments I ask that you follow some basic rules.