Scenario - Who is to blame? You have just been hired as the senior data security and compliance officer of your organization. Consider a situation where your organization is tasked to manage protected private data in a business critical system. You have uncovered that the IT department's data administration group does not integrate effective measures to ensure safety of the data. A general statement to distract misuse of the data is the only practice in place from a safety-of-data position. An employee compromises the data.
- In this scenario, while the person who compromises the database and misuses the data has committed an ethical infraction, in your opinion, what responsibility falls on the database developer who was required to integrate security but does not secure the data?
- What if the developer implemented security, but did it in such a poor fashion that no security was added? Is he still responsible? Why or why not?
Your initial post should be a minimum of three hundred words.