Evaluasi Keamanan Sistem Informasi Pada Penyedia Layanan Cloud Dan Perlindungan Data Pribadi Berdasarkan Index Kami Versi 4.2 (Studi Kasus : PTIPD UIN Sunan Kalijaga Yogyakarta)

Authors

  • Faiz Akhmad Hafizuddin Informatika UIN Sunan Kalijaga Yogyakarta
  • Bambang Sugiantoro

DOI:

https://doi.org/10.14421/csecurity.2024.7.1.4280

Abstract

Pusat Teknologi Informasi Dan Pangkalan Data (PTIPD) merupakan salah satu Unit Pelaksana Teknis (UPT) yang ada di Universitas Islam Negri Sunan Kalijaga Yogyakarta yang memiliki tugas untuk mengelola dan mengembangkan sistem informasi manajemen, pengembangan, pemeliharaan jaringan dan aplikasi, pengelolaan basis data, pengembangan teknologi lainnya, dan kerjasama jaringan. Perkembangan teknologi yang pesat dan pola bisnis yang dinamis menyebabkan munculnya risiko keamanan informasi baru. Keterlibatan pihak ketiga penyedia layanan dalam suatu instansi menimbulkan risiko terkait keberadaan dan keterlibatan pihak eksternal. Layanan berbasis infrastruktur awan (Cloud) memberikan peluang efisiensi dan peningkatan kinerja yang sangat signifikan bagi instansi, akan tetapi risiko terkait data yang berada pada pengendalian pihak ketiga (penyelenggara layanan) perlu dimitgasi. Penggunaan tools indeks KAMI dalam penelitian ini hanya berfokus dalam tiga area diantaranya: pengamanan keterlibatan pihak ketiga, pengamanan layanan infrastrukutur awan dan perlindungan data pribadi. Hasil dari evaluasi tingkat presentase kelengkapan dan efektifitas penggunaan teknologi dalam pengamanan aset informasi di PTIPD UIN Sunan Kalijaga Yogyakarta yaitu: untuk pengamanan keterlibatan pihak ketiga mendapatkan presentase 49%, pengamanan layanan infrastruktur awan (cloud) sebesar 33% dan untuk pengamanan perlindungan data pribadi mendapatkan presentase 67%. Rekomendasi dari penelitian ini dapat di jadikan sebagai bahan pertimbangan da evaluasi bagi instansi dalam melakukan perbaikan yang berkaitan dengan mitigasi risiko dan pencegahan terhadap kerentanan keamanan informasi, serta dapat memastikan aturan dapat tercapai dengan baik dan keputusan terhadap kebijakan keamanan informasi dalam satu instansi di masa depan.

Evaluation Of Information System Security In Cloud Service Provider And Protection Of Personal Data Based On Index Kami Version 4.2 (Case Study: PTIPD UIN Sunan Kalijaga Yogyakarta)

Kata kunci: Indeks KAMI, PTIPD, Keamanan Informasi, Penyedia Layanan Cloud, Perlindungan Data Pribadi

-------------------------------------------------------------------------

The Center for Information Technology and Database (PTIPD) is one of the Technical Implementation Units (UPT) at the Islamic University of Sunan Kalijaga, Yogyakarta, which has the task of managing and developing management information systems, developing, maintaining networks and applications, managing databases, developing other technologies, and network cooperation. Rapid technological developments and dynamic business patterns have led to the emergence of new information security risks. The involvement of third party service providers in an agency creates risks related to the presence and involvement of external parties. Cloud infrastructure-based services (Cloud) provide significant efficiency and performance improvement opportunities for agencies, but risks related to data that are in the control of third parties (service providers) need to be mitigated. The use of the KAMI index tools in this study focuses only on three areas including: securing third party involvement, securing cloud infrastructure services and protecting personal data. The results of evaluating the percentage level of completeness and effectiveness of using technology in securing information assets at PTIPD UIN Sunan Kalijaga Yogyakarta, namely: for securing third party involvement gets a percentage of 49%, securing cloud infrastructure services (cloud) for 33% and for securing personal data protection getting a percentage 67%. Recommendations from this research can be used as material for consideration and evaluation for agencies in making improvements related to risk mitigation and prevention of information security vulnerabilities, and can ensure that rules can be achieved properly and decisions on information security policies within an agency in the future.

Keywords: KAMI Index, PTIPD, Information Security, Cloud Service Provider,  Protection Of Personal Data



Downloads

Published

08-11-2024

How to Cite

[1]
F. A. Hafizuddin and B. Sugiantoro, “Evaluasi Keamanan Sistem Informasi Pada Penyedia Layanan Cloud Dan Perlindungan Data Pribadi Berdasarkan Index Kami Versi 4.2 (Studi Kasus : PTIPD UIN Sunan Kalijaga Yogyakarta)”, csecurity, vol. 7, no. 1, pp. 7–17, Nov. 2024.

Issue

Vol. 7 No. 1 (2024): Edisi Bulan Mei Tahun 2024

Section

Articles

License

Copyright (c) 2024 Bambang Sugiantoro

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)

You are free to:

  • Share — copy and redistribute the material in any medium or format
  • Adapt — remix, transform, and build upon the material for any purpose, even commercially.

Under the following terms:

  • Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
  • ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
  • No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.