In a situation where a software engineer is asked to design a system with inherent security vulnerabilities, many ethical issues involving different stakeholders are encountered. Diane Jones is the owner of a software development company who was tasked with designing a database management system for the personnel department of a medium-sized toy manufacturing company. Members of the toy manufacturer's management team involved with Diane in designing the system include the CEO, director of information technology, and director of personnel. The database system will contain sensitive information relating to the toy manufacturer's employees. Poor security of personal data regarding toy company employees raises red flags for the software development team. This information includes medical records for insurance claims, performance evaluations, and salary information. Therefore, an ethical dilemma occurs when the toy company persists in building an ineffective security system in order to provide a short-term financial respite. The software development company and the people involved in this project risk a negative impact on their reputation if the system requested from the customer is fundamentally flawed, thus creating a public image that conveys their inability to produce quality software that respects the most high safety standards. Ms. Jones has the right to express her concerns to her employer and therefore the responsibility, as an ethical software engineer, to try to convince the toy manufacturer's personnel department to adopt a more secure system despite the increase of expenses. The aforementioned top executives of the toy manufacturing company involved the...... middle of paper ...... to adequately protect the confidential data contained in the system. The software development team carefully explains the danger of data compromise both in the form of a technologically savvy employee and the potentially larger and more damaging data theft perpetrated by online hackers. The financial loss due to inadequate data storage and security is also explained to the customer. The point of this explanation is the understanding that a larger upfront investment can ultimately be much less costly than a breach of an insecure system. In case the customer is unable or unwilling to change the structure of the system, the recommended course of action is for the software development team to refuse the implementation of the system taking into account the resulting damage to the organization's reputation of software development.