The Applied Aproach Impact Information Security For Government and Company  (A Review)

Henny Febriana; Dewi Sartika Br Ginting; Fuzy Yustika Manik; Mahyuddin

doi:10.32734/jocai.v6.i1-7935

Authors

Henny Febriana Universitas Sumatera Utara
Dewi Sartika Br Ginting Universitas Sumatera Utara
Fuzy Yustika Manik Universitas Sumatera Utara
Mahyuddin Universitas Sumatera Utara

DOI:

https://doi.org/10.32734/jocai.v6.i1-7935

Keywords:

Information Security, Aplication Security

Abstract

The Government and industry are currently using information and communication technology a lot. The Government and companies in Indonesia have regulations on operational standards and management procedures for information and communication systems security at Government regarding implementing information system security. Information security is essential because there are many threats to information security. Information security in this era of Information and Communication Technology (ICT) is fundamental. Information Exchange Environment (IEE) vulnerabilities have increased as threats become more widespread and complex; therefore, information security has become a fundamental problem for businesses, organizations, and governments. So, in this paper, we will explain the review of the impact of Information Security For Government and companies in terms of threats and types of information security. Some security system methods are analyzed, among others—application Security, cloud security, Cryptography, security infrastructure, Incident response, and vulnerability management. The results of this review analysis, it known threat has several solutions, each depending on the type of threat for both the Government and the Company. Furthermore, Information Security is considered very important, especially for data stored in Government and companies.

Downloads

Download data is not yet available.

References

D. Ciptaningrum, E. Nugroho, D. Adhipta, and J. Grafika, “AUDIT KEAMANAN SISTem Informasi Pada Kantor Pemerintah Kota Yogyakarta Menggunakan Cobit 5,” Vol. 2015, No. Sentika, 2015.

I. J. Aritonang, E. D. Ud Ayanti, And N. Iksan, “Audit Keamanan Sistem Informasi Menggunakan Framework Cobit 5 (Apo13),” Itej (Information Technol. Eng. Journals, Vol. 03, No. 02, Pp. 2548–2157, 2018.

M. Lenawati, W. W. Winarno, And A. Amborowati, “Tata Kelola Keamanan Informasi Pada Pdam Menggunakan Iso/Iec 27001:2013 Dan Cobit 5,” Sentra Penelit. Eng. Dan Edukasi, Vol. 9, No. 1, Pp. 44–49, 2017.

R. G. Mufti And Y. T. Mursityo, “Evaluasi Tata Kelola Sistem Keamanan Teknologi Informasi Menggunakan Framework Cobit 5 Fokus Proses Apo13 Dan Dss05 ( Studi Pada Pt Martina Berto Tbk ),” J. Pengemb. Teknol. Inf. Dan Ilmu Komput., Vol. 1, No. 12, Pp. 1622–1631, 2017.

H. Zafar And J. G. Clark, “Current State Of Information Security Research In Is,” Commun. Assoc. Inf. Syst., Vol. 24, No. 1, Pp. 557–596, 2009.

M. Dečman And M. Vintar, “A Possible Solution For Digital Preservation Of E-Government: A Centralised Repository Within A Cloud Computing Framework,” Aslib Proc. New Inf. Perspect., Vol. 65, No. 4, Pp. 406–424, 2013.

N. Sohrabi Safa, R. Von Solms, And S. Furnell, “Information Security Policy Compliance Model In Organizations,” Comput. Secur., Vol. 56, Pp. 70–82, 2016.

X. Zhang, N. Wuwong, H. Li, And X. Zhang, “Information Security Risk Management Framework For The Cloud Computing Environments,” Proc. - 10th Ieee Int. Conf. Comput. Inf. Technol. Cit-2010, 7th Ieee Int. Conf. Embed. Softw. Syst. Icess-2010, Scalcom-2010, No. 2007, Pp. 1328–1334, 2010.

B. Karabacak And I. Sogukpinar, “Isram: Information Security Risk Analysis Method,” Comput. Secur., Vol. 24, No. 2, Pp. 147–159, 2005.

Heru Pratama, “Audit Keamanan Sistem Informasi Pada Kantor Samsat Di Kota Krui Menggunakan Cobit 5,” vol. 2015, no. Sentika, 2018.

J. M. Hagen, E. Albrechtsen, and J. Hovden, “Implementation and effectiveness of organizational information security measures,” Inf. Manag. Comput. Secur., vol. 16, no. 4, pp. 377–397, 2008.

International Journal of Information Management, “Institutional Repository The information security policy unpacked : A critical study of the content of university policies This item was submitted to Loughborough ’ s Institutional Repository ( https://dspace.lboro.ac.uk/) by the author and is made availa,” https://dspace.lboro.ac.uk/), vol. 29 (6), pp. 449–457, 2009.

S. E. Chang and C. S. Lin, “Exploring organizational culture for information security management,” Ind. Manag. Data Syst., vol. 107, no. 3, pp. 438–458, 2007.

N. S. Safa and R. Von Solms, “An information security knowledge sharing model in organizations,” Comput. Human Behav., vol. 57, pp. 442–451, 2016.

B. Lebek, J. Uffen, M. Neumann, B. Hohler, and M. H. Breitner, “Information security awareness and behavior: A theory-based literature review,” Manag. Res. Rev., vol. 37, no. 12, pp. 1049–1092, 2014.

A. Moffat and A. Turpin, “Static Codes,” Compression and Coding Algorithms, no. August, pp. 29–50, 2002.

A. C. Johnston, M. Warkentin, M. McBride, and L. Carter, “Dispositional and situational factors: Influences on information security policy violations,” Eur. J. Inf. Syst., vol. 25, no. 3, pp. 231–251, 2016.

A. Yip, X. Wang, N. Zeldovich, and M. F. Kaashoek, “Improving application security with data flow assertions,” SOSP’09 - Proc. 22nd ACM SIGOPS Symp. Oper. Syst. Princ., pp. 291–304, 2009.

J. W. J. W. Yoder and J. Barcalow, “Architectural patterns for enabling application security,” Proc. PLoP 1997, vol. 51, p. 31, 1998.

R. Goolsby, “On Cybersecurity, Crowdsourcing and Social Cyber-Attack,” Policy Memo Ser., vol. 1, pp. 1–8, 2012.

M. M. Silva, A. P. H. De Gusmão, T.