Sistem informasi & Komunikasi: Special Issue on ICT · Preventing Intruder Access Empat macam penyusup (intruder) yang mungkin melakukan unauthorized access 1. Casual hackers who

S2 SKI TE Universitas Brawijaya

Dr. Eng. Herman Tolle

[email protected]

Sistem informasi & Komunikasi:

Special Issue on ICT

Contents

1. Network Security

2. Profession, Ethics and Certification

3. Software Industry and Market

4. Internet Business Model and Trends

1. Network Security

4

Security Threats

A network security threat : adalah kejadian/peristiwa yang potensial dapat menyebabkan kerugian, yang dapat mengganggu atau menginterupsi sistem dalam jaringan, atau kerugian materiil bagi organisasi

Sekali ancaman itu diidentifikasi maka dicatat dan disusun berdasarkan kemunculannya

Figure 1 summarizes the most common threats to security.

5

Figure 1 Common Security Threats

6 Threats to Network Security

Jenis-jenis Security Threats

1. Disruptions are the loss or reduction in network service. -> Gangguan dari sumber daya listrik

2. Some disruptions may also be caused by or result in the destruction of data.-> Kerusakan

3. Natural (or manmade) disasters may occur that destroy host computers or large sections of the network.-> bencana alam

4. Unauthorized access is often viewed as hackers gaining access to organizational data files and resources. However, most unauthorized access incidents involve employees. -> akses tanpa ijin

7

Types of Attacks

Spoofing (masquerade) attacks

Man-in-the-middle (hijacking) attacks

Denial-of-service attacks

Insider attacks

Front-door-attacks

Brute-force attacks

Trapdoor attacks

Replay attacks

Trojan horse attacks

Social engineering attacks

Viruses

Macros

Executables

Boot sector

Stealth

Polymorphic

Preventing Intruder Access

Empat macam penyusup (intruder) yang mungkin melakukan unauthorized access

1. Casual hackers who only have limited knowledge of computer security.

2. Security experts whose motivation is the thrill of the hunt.

3. Professional hackers who break into corporate or government computers for specific purposes.

4. Organization employees who have legitimate access to the network but who gain access to information they are not authorized to use.

Network Controls

Mengembangkan sebuah jaringan yang secure berarti mengembangkan mekanisme untuk mengurangi atau menghilangkan ancaman terhadap keamanan jaringan, disebut sebagai Network controls.

Ada tiga jenis pengendalian (control):

• Preventative controls - mitigate or stop a person from acting or an event from occurring (e.g. passwords).

• Detective controls – membuka atau mencari event-event yang tidak diinginkan (reveal or discover unwanted events) (e.g., auditing software).

• Corrective controls - rectify an unwanted event or a trespass (e.g., reinitiating a network circuit).

12

2. Profession, Ethics and Certification

Proefesi bidang TIK

a. Kelompok pertama perangkat lunak (software): • Sistem analis, Programmer, Web Designer, Web Programer, Mobile Application Developer

b. Kelompok kedua perangkat keras (hardware) & networking: • Technical engineer, Networking engineer, Telecom Engineer

c. Kelompok tiga operasional & management: • EDP Operator, System administrator, Mis director d. Kelompok empat mereka yang berkecimpung di pengembangan bisnis teknologi informasi IT Entrepreneur

50 Best Jobs in America

1. Software engineer: $80,500 AVERAGE PAY 46% 10-YEAR GROWTH

2. College professor: $81,500 AVERAGE PAY 31% 10-YEAR GROWTH

3. Financial adviser: $122,500 AVERAGE PAY 26% 10-YEAR GROWTH

4. Human-resources manager: $73,500 AVERAGE PAY 23% 10-YEAR GROWTH

5. Physician assistant: $75,000 AVERAGE PAY 50% 10-YEAR GROWTH

Orang Terkaya Indonesia 1. Aburizal Bakrie 5,4 miliar USD

2. Sukanto Tanoto 4,7 miliar USD

3. R. Budi Hartono 3,14 miliar USD

4. Michael Hartono 3,08 miliar USD

5. Eka Tjipta Widjaja 2,8 miliar USD

6. Putera Sampoerna 2,2 miliar USD

7. Martua Sitorus 2,1 miliar USD

8. Rachman Halim 1,6 miliar USD

9. Peter Sondakh 1,45 miliar USD

10. Eddy William Katuari 1,39 miliar USD

Orang Terkaya di Amerika 1. Bill Gates 46,5 miliar USD

2. Warren Buffett 44,0 miliar USD

3. Paul Allen 21,0 miliar USD

4. Larry Ellison 18,4 miliar USD

5. S. Robson Walton 18,3 miliar USD

6. Jim Walton 18,2 miliar USD

7. John T. Walton 18,2 miliar USD

8. Michael Dell 16,0 miliar USD

9. Sheldon Adelson 15,6 miliar USD

10.Steve Ballmer 12,1 miliar USD

Orang Indonesia Kaya Karena Sumber Daya Alam dan Keturunan

Orang Amerika Kaya Karena Pengetahuan

Sertifikasi Bidang TIK

Sertifikasi bidang TIK

Alasan pentingnya sertifikasi profesionalisme dibidang IT :

1. Untuk menuju pada level yang diharapkan, pekerjaan di bidang TI membutuhkan expertise.

2. Profesi dibidang TI, merupakan profesi menjual jasa dan bisnis jasa bersifat kepercayaan.

Manfaat adanya sertifikasi profesionalisme:

1. Ikut berperan dalam menciptakan lingkungan kerja yang lebih profesional.

2. Pengakuan resmi pemerintah tentang tingkat keahlian individu terhadap sebuah profesi.

3. Pengakuan dari organisasi profesi sejenis, baik tingkat regional maupun internasional.

4. Membuka akses lapangan pekerjaan secara nasional, regional maupun internasional.

5. Memperoleh peningkatan karier dan pendapatan sesuai perimbangan dengan pedoman skala yang diberlakukan.

Kelemahan pelaksanaan sertifikasi adalah:

1. Biaya Mahal

2. Kemampuan yang kurang memadai

Lembaga Sertifikasi

1. Institute for Certification of Computing Professionals (ICCP)

Merupakan badan sertifikasi profesi teknologi informasi di Amerika.

ICCP melakukan pengujian terhadap 19 bidang minat, diantaranya adalah bussiness information system, office information system, internet, system development, dan software engineer.

Beberapa contoh sertifikasi dari ICCP adalah : – CDP (Certified Data Processor) – CCP (Certified Computer Programmer) – CSP (Certified Systems Professional)

2. Institute for Certification of Computing Professionals (CompTIA)

Merupakan Asosiasi industri teknologi komputer yang beranggotakan antara lain: Microsoft, Intel, IBM, Novell, Linux, HP, dan CISCO.

Asosiasi ini memberikan sertifikasi di berbagai bidang, misalnya network support, dan computer technical. Adapun beberapa sertifikasi yang diberikan adalah :

• A+ (Entry Level Computer Service) bidang teknisi komputer.

• Network+ (Network Support and Administration) jaringan komputer.

• Security+ (Computer and Information Security) keamanan komputer.

• HTI+ (Home Technology Installation) bidang instalasi sampai pada pemeliharaan dan teknisi home technology.

• IT Project+ (IT Project Managemant) manajemen proyek di bidang teknologi informasi.

Sertifikasi Berorientasi Produk

A. Sertifikasi Microsoft

1. Microsoft Certified Desktop Support Technicians (MCDSTs)

2. Microsoft Certified Systems Administrator (MCSAs)

3. Microsoft Certified Systems Engineer (MCSes)

4. Microsoft Certified Database Administrator (MCDBAs)

5. Microsoft Certified Trainers (MCTs)

6. Microsoft Certified Application Developers (MCADs)

7. Microsoft Certified Solution Developers (MCSDs)

8. Microsoft Office Specialists (Office Specialist)

B. Sertifikasi Oracle

Jenis-jenis Sertifikasi Oracle :

a. Oracle Certified Associate ( OCA )

b. Oracle Certified Professional ( OCP )

c. Oracle Certified Master ( OCM )

C. CISCO :

a. Cisco Certified Networking Associate (CCNA)

b. Cisco Certified Networking Professional (CCNP)

c. Cisco Certified Internetworking Expert (CCIA)

Sertifikasi Berorientasi Profesi

1. Institute for Certification of Computing Professionals (IC3)

a. Certified Data Processor ( CDP )

b. Certified Computer Programmer ( CCP )

c. Certified Systems Professional ( CSP )

2. Institute for Certification of Computing Professionals

a. Entry Level Computer Serivce

b. Network Support and Administration

c. Computer and Information Security

d. Home Technology Installation

e. IT Project Management

3. IC3 (Internet and Computing Core Certification)

IC3 (Internet and Computing Core Certification)

Program IC3 dikembangkan oleh CERTIPORT, Amerika Serikat yaitu sebuah lembaga sertifikasi Internasional bidang teknologi informasi dan komputer bertaraf dunia yang telah dikenal dengan program sertifikasi: IC3, Microsoft Office Specialist dan HP ATA.

Materi yang Diujikan & Syarat Kelulusan

Peserta harus mendapatkan nilai minimal berikut ini untuk bisa lulus pada masing-masing modul:

Computing Fundamental: minimal skor 710 dari 1000

Key Applications: minimal skor 680 dari 1000

Living Online: minimal skor 660 dari 1000

IEEE Computer Society Certification

Oracle Java Certification

Etika Profesi Bidang IT

PAPA = 4 Isu Etika Era Informasi

Privacy (kerahasiaan)

Accuracy (kebenaran)

Property (kepemilikan)

Accessibility (hak akses)

Sepuluh Perintah untuk Etika Komputer

1. Jangan menggunakan komputer untuk membahayakan orang lain.

2. Jangan mencampuri pekerjaan komputer orang lain.

3. Jangan mengintip file orang lain.

4. Jangan menggunakan komputer untuk mencuri.

5. Jangan menggunakan komputer untuk bersaksi dusta.

6. Jangan menggunakan atau menyalin perangkat lunak yang belum kamu bayar.

7. Jangan menggunakan sumber daya komputer orang lain tanpa otorisasi.

8. Jangan mengambil hasil intelektual orang lain untuk diri kamu sendiri.

9. Pikirkanlah mengenai akibat sosial dari program yang kamu tulis.

10. Gunakanlah komputer dengan cara yang menunjukkan tenggang rasa dan rasa penghargaan. (respect)

ACM/IEEE Code of Ethics

The professional societies in the US have cooperated to produce a code of ethical practice

Software engineers shall commit themselves to making the analysis, specification, design, development, testing and maintenance of software a beneficial and respected profession

In accordance with their commitment to the health, safety and welfare of the public, software engineers shall adhere to the following Eight Principles

Code of Ethics – Eight Principles

1. PUBLIC

• Software engineers shall act consistently with the public interest

2. CLIENT AND EMPLOYER

• Software engineers shall act in a manner that is in the best interests of their client and employer consistent with the public interest

3. PRODUCT

• Software engineers shall ensure that their products and related modifications meet the highest professional standards possible

Code of Ethics – Eight Principles 4. JUDGMENT

• Software engineers shall maintain integrity and independence in their professional judgment

5. MANAGEMENT

• Software engineering managers and leaders shall subscribe to and promote an ethical approach to the management of software development and maintenance

6. PROFESSION

• Software engineers shall advance the integrity and reputation of the profession consistent with the public interest

Code of Ethics – Eight Principles

7. COLLEAGUES

• Software engineers shall be fair to and supportive of their colleagues

8. SELF

• Software engineers shall participate in lifelong learning regarding the practice of their profession and shall promote an ethical approach to the practice of the profession

3. Software Industry and Market

Kondisi Software Development

Jumlah software house di Indonesia sekitar 500 perusahaan di tahun 2010

Jumlah pengembang profesional meningkat sampai 80000 di tahun 2010

Total pengembang profesional di dunia adalah 13,5 juta (Indonesia menyumbang 0,5%). Sumbangan terbesar dari India (10,5%) dan Amerika (18,9%)

Region Asia Pacific Penyumbang Developer Terbesar di Dunia (29,2%) disusul North America (21,7%)

Software Spending per Developer Region Asia Pacific Cukup Rendah, hanya 50% dari Region North America

(The IDC Professional Developer Model)

Statistik Jumlah Developer Dunia

Masalah di Indonesia -1-

Keterbatasan pengetahuan dalam software development dan standard methodology (hajar-bleh methodology)

Software belum bisa menjadi industri profesional, tapi masih model pengrajin atau pedagang buah di pinggiran jalan yang jualan karena ada panen atau mood (tidak ada jaminan kualitas)

Kurangnya keterlibatan pemerintah untuk melindungi pengembang software lokal: Diperlukan proteksi terhadap industri software lokal. Contoh: Ichitaro dan TRON di Jepang

Masalah di Indonesia -2-

Keterbatasan modal usaha, terutama karena industri software dianggap tidak bankable

Pasar yang masih belum kondusif:

•Kebutuhan belum banyak

•Banyak yang menganggap pengembangan software (pesanan) seperti pengadaan barang biasa

Piracy rate Indonesia yang mencapai 87% (nomor 3 sedunia) dan trend SDM IT Indonesia yang ke arah cracking activities (Carding, Defacing, Attacking)

0 5 10 15 20 25 30

RFID

e-Payment

e-Education

e-Government

Game Online

Internet dan Telekomunikasi

Media dan Jejaring Sosial

Mobile Application

Mobile Content dan

Advertising

Business Software

e-Commerce

Antivirus Lokal

Data Jumlah Perusahaan Pada Tiap Kategori

Jumlah Perusahaan

Sumber: A. Mohammad BS, Gelombang Baru Digitalpreneur Indonesia, SWA Maret 2010

Jumlah TotalPerusahaan Aktif:

70 Perusahaan

4. Internet Business Model and Trends

Mobile Internet

Social Media

Online Commerce

Online Advertisin

g

Cloud Computing

Digital Creativity

Internet Application

Trends 2013

Internet Application Trends 2012

1. Mobile Internet: menggusur desktop internet (Kleiner Perkins Caufield & Byers) (J. Walter Thompson) (Insights Trends) (Morgan Stanley Research) (Gartner Group)

2. Social Media: menggusur alat komunikasi lain (Kleiner Perkins Caufield & Byers) (Morgan Stanley Research)

3. Online Commerce: dunia stabil, indonesia berkembang pesat (Kleiner Perkins Caufield & Byers)

4. Online Advertising: menuju mobile advertising (Morgan Stanley Research)

5. Cloud Computing: arah bisnis software dunia? (Gartner Group)

6. Digital Creativity: cara baru membuat perubahan (Morgan Stanley Research) (Gartner Group)

1. MOBILE INTERNET

Mobile Device and Application

•The growth of

mobile device

•Thousands of new

applications are

coming online

•Text messaging is a

way of life

New Computing Cycle Characteristics

Smartphone + Tablet > PC Shipments

Technology Wealth Creation/Destruction Cycles

Augmented Reality

Kombinasi dan penambahan suatu obyek atau informasi yang dihasikan secara virtual (dari komputer) pada pandangan nyata manusia

www.winandmac.com truliablog.com

SWYPE Keyboard

SWYPE Keyboard

2. SOCIAL MEDIA

Distribusi Umur Pengguna Facebook Indonesia

Pakai Facebook untuk Apa?

Social Networking

Targeted Ads

Interaction

Surveys

Social + Local + Mobile (SoLoMo)

3. ONLINE COMMERCE

Online Commerce Gaining Share vs Offline

Market Place and Network

Payment Gateway

4. ONLINE ADVERTISING

Media Time Spent vs Ad Spend Still Out of Whack

Mobile vs Other Advertising Media

Relative Efficacy of Mobile vs. Other Advertising Media

Rolling Out Ad Units in Mobile Apps

5. CLOUD COMPUTING

Cloud Computing

Cloud Computing

A style of computing where scalable and elastic IT-enabled capabilities are delivered as a service to customers using Internet technologies

How does it affect you?

• Common services are available now —

may reduce operating expenses

• Private clouds improve agility and will

dominate

• Focus on service levels

Next Monday Morning

• Evaluate commodity services you

provide and what can move to the cloud

• Evaluate cloud delivery model for

internal use

• Categorize applications/services based

on SLAs and risk before proceeding

Critical Timeframe

2011–2013

Cloud Computing

Cloud Computing

Cloud Computing Characteristics

1. Delivery of capabilities "as a service“

2. Delivery of services in a highly scalable and elastic fashion

3. Using Internet (Web) technologies to develop and deliver services

4. Designing for delivery to external customers

6. DIGITAL CREATIVITY

“the World is Flat”

Thomas Friedman, 2004

“Individu Bisa Membuat Perubahan”

Thomas Friedman, The World is Flat, 2004

Steve Chen dan Chad Hurley

Mark Zuckerberg

Tom Anderson

Matt Mullenweg

Mobile Internet

Social Media

Online Commerce

Online Advertisin

g

Cloud Computing

Digital Creativity

Internet Business

Trends 2012