ANALISIS KEAMANAN INFORMASI DATA CENTER MENGGUNAKAN COBIT 5

Iik Muhamad Malik Matin, Arini Arini, Luh Kesuma Wardhani

Abstract


ABSTRAK

Data center pada sebuah institusi telah di amati dan dianalisa untuk mendapatkan deskripsi mengenai keamamanan informasinya. Data center pernah mengalami insiden keamanan informasi berupa Shell Injection. Akibatnya, beberapa situs web tidak dapat diakses beberapa saat. Insiden ini dapat memperngaruhi proses bisnis institusi. Untuk menghindari masalah ini di masa depan, diperlukan audit keamanan informasi. Audit ini dapat dilakukan dengan menggunakan framework COBIT 5. Dalam penelitian ini, audit keamanan indormasi dilakukan terhadap keamanan informasi data center dengan fokus pada proses APO13 (Manage Security) dan DSS05 (Manage Security Service). Penelitian ini Penelitian ini dilakukan melalui tahap Initiation, Planning the Assessment, Briefing, Data Collection, Data Validation, Process Attribute Level dan Reporting the Result. Hasil penelitian ini diketahui tingkat kemampuan APO13 dan DSS05 pada saat ini (As Is) bernilai 1,54 dan 1,68 atau pada level 2, yang berarti proses APO13 dan DSS05 telah dilakukan dan dipelihara sesuai dengan rencana kerja. Oleh karena itu tingkat berikutnya (to be) ditetapkan pada level 3. Untuk mencapai level 3, beberapa rekomendasi diberikan untuk menutupi gap yang telah ditentukan dalam proses APO13 dan DSS05. Data center harus membuat rencana kerja yang rinci, data center yang dikelola dengan baik dan memiliki standar yang jelas untuk diterapkan agar dapat mencapai tujuan bisnis

 

ABSTRACT

A data center of an institution was observed and analyzed in order to get description about its information security.  The data center had ever experienced incidents of information security which is shell injection. As a result, some websites were not accessible for a moment. This incidents can affect business processes of the institution. In order to avoid this problem in the future, this institution needs information security audit. This audit can be done by using Framework COBIT 5. In this research,  an information security audit was conducted to Data Center Information Security by using Framework COBIT 5, focus on the process DSS05 (Manage Security Service) and APO13 (Manage Security). This research was conducted through some stages of initiation, planning the assessment, briefing, data collection, data validation, process attribute level and reporting the result. Form this research, the capability level of APO13 and DSS05 at this moment (as is) worth 1.54 and 1.68 or at level 2, which means process of APO13 and DSS05 had been done and maintained in accordance with the work plan. Therefore the next level (to be) set at level 3. In order to achieve level 3, some recommendations provided to cover the gap that has been determined in the process APO13 and DSS05. The data center have to make a detail work plan, well managed data center and have clear standard to be implemented in order to reach the business goal.

How to Cite : Martin, I.M. Arini. Wardani, L. K. (2017). ANALISIS KEAMANAN INFORMASI DATA CENTER  MENGGUNAKAN COBIT 5. Jurnal Teknik Informatika, 10(2), 119-128. doi: 10.15408/jti.v10i2.7026

Permalink/DOI: http://dx.doi.org/10.15408/jti.v10i2.7026


Keywords


COBIT 5; Data Center; Keamanan Informasi; DSS05; APO13

Full Text:

PDF

References


REFERENSI

S. Zulhuda, "Information Security In The Islam Perspective: Principle and Practices," Information and Communication Technology for The Muslim World (ICT4M), March 13, 2010.

W. Van Grembergen, "Introduction to the minitrack "IT governance and its mechanisms" HICSS 2013," Proceedings of the Annual Hawaii International Conference on System Sciences, 2013.

M. E. Whitman, "Principles of Information Security," Course TechnologyWhitman, M. E., & Mattord, H. J. (2012). Principles of Information Security. Course Technology, 2012, June 7, 2012.

ITGI, IT Assurance Guide : Using COBIT, USA: ITGI, 2007.

S. Gustavo, Data Center Fundamentals, Indanapolis: Cisco Press, 2014.

K. Jayaswal, Administering Data Centers: Servers, Storage, and Voice Over IP, Indianapolis: Wiley Publishing, Inc, 2006.

Isaca, COBIT: A Business Framework for the Governance and Management of Enterprise IT, USA: Isaca, 2013.

Isaca, COBIT 5: Enabling Process, USA: Isaca, 2012.

Isaca, COBIT 5: Implementation, USA: ISaca, 2012.

Isaca, Process Assessment Model: Using COBIT 5, USA: ISaca, 2013.

Isaca, COBIT 5: Enabling Processes, USA: Isaca, 2012.

Isaca, COBIT 5: Foundation With Case Study (ITG-2531.10), USA: Isaca, 2012.




DOI: https://doi.org/10.15408/jti.v10i2.7026

Refbacks

  • There are currently no refbacks.


Copyright (c) 2018 Prodi Teknik Informatika Universitas Islam Negeri Syarif Hidayatullah Jakarta

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Lantai 3, Prodi Teknik Informatika, UIN Syarif Hidayatullah Jakarta
Jl. Ir. H. Juanda No.95, Cempaka Putih, Ciputat Timur. 
Kota Tangerang Selatan, Banten 15412
Tlp/Fax: +62 21 74019 25/ +62 749 3315
Handphone: +6281371798903
E-mail: jurnal-ti@uinjkt.ac.id