S2 SKI TE Universitas Brawijaya Dr. Eng. Herman Tolle
emang@ub.ac.id
Sistem informasi & Komunikasi:
Contents
1.
Network Security
2.
Profession, Ethics and Certification
3.
Software Industry and Market
4
Security Threats
A network security threat : adalah
kejadian/peristiwa yang potensial dapat
menyebabkan kerugian, yang dapat mengganggu atau menginterupsi sistem dalam jaringan, atau kerugian materiil bagi organisasi
Sekali ancaman itu diidentifikasi maka dicatat dan disusun berdasarkan kemunculannya
Figure 1 summarizes the most common threats to
5
6
Threats to Network SecurityJenis-jenis Security Threats
1. Disruptions are the loss or reduction in network service.
-> Gangguan dari sumber daya listrik
2. Some disruptions may also be caused by or result in the
destruction of data.-> Kerusakan
3. Natural (or manmade) disasters may occur that destroy host computers or large sections of the network.->
bencana alam
4. Unauthorized access is often viewed as hackers gaining
access to organizational data files and resources.
However, most unauthorized access incidents involve employees. -> akses tanpa ijin
Types of Attacks
Spoofing (masquerade) attacks Man-in-the-middle (hijacking) attacks Denial-of-service attacks Insider attacks Front-door-attacks Brute-force attacks Trapdoor attacks Replay attacks Trojan horse attacks Social engineering
Viruses
Macros Executables Boot sector Stealth PolymorphicPreventing Intruder Access
Empat macam penyusup (intruder) yang mungkin melakukan unauthorized access
1. Casual hackers who only have limited knowledge of
computer security.
2. Security experts whose motivation is the thrill of the
hunt.
3. Professional hackers who break into corporate or
government computers for specific purposes.
4. Organization employees who have legitimate
access to the network but who gain access to information they are not authorized to use.
Network Controls
Mengembangkan sebuah jaringan yang secure berarti mengembangkan mekanisme untuk
mengurangi atau menghilangkan ancaman terhadap keamanan jaringan, disebut sebagai Network
controls.
Ada tiga jenis pengendalian (control):
• Preventative controls - mitigate or stop a person from acting
or an event from occurring (e.g. passwords).
• Detective controls – membuka atau mencari event-event
yang tidak diinginkan (reveal or discover unwanted events) (e.g., auditing software).
• Corrective controls - rectify an unwanted event or a
trespass (e.g., reinitiating a network circuit).
2. Profession, Ethics and
Certification
Proefesi bidang TIK
a. Kelompok pertama perangkat lunak (software):
• Sistem analis, Programmer, Web Designer, Web Programer,
Mobile Application Developer
b. Kelompok kedua perangkat keras (hardware) & networking: • Technical engineer, Networking engineer, Telecom Engineer
c. Kelompok tiga operasional & management: • EDP Operator, System administrator, Mis director d. Kelompok empat mereka yang berkecimpung di
50 Best Jobs in America
1. Software engineer: $80,500 AVERAGE PAY 46% 10-YEAR GROWTH
2. College professor: $81,500 AVERAGE PAY 31% 10-YEAR GROWTH
3. Financial adviser: $122,500 AVERAGE PAY 26% 10-YEAR GROWTH
4. Human-resources manager: $73,500 AVERAGE PAY 23% 10-YEAR GROWTH
5. Physician assistant: $75,000 AVERAGE PAY 50% 10-YEAR GROWTH
Orang Terkaya Indonesia
1. Aburizal Bakrie 5,4 miliar USD
2. Sukanto Tanoto 4,7 miliar USD
3. R. Budi Hartono 3,14 miliar USD
4. Michael Hartono 3,08 miliar USD
5. Eka Tjipta Widjaja 2,8 miliar USD
6. Putera Sampoerna 2,2 miliar USD
7. Martua Sitorus 2,1 miliar USD
8. Rachman Halim 1,6 miliar USD
9. Peter Sondakh 1,45 miliar USD
Orang Terkaya di Amerika
1. Bill Gates 46,5 miliar USD
2. Warren Buffett 44,0 miliar USD
3. Paul Allen 21,0 miliar USD
4. Larry Ellison 18,4 miliar USD
5. S. Robson Walton 18,3 miliar USD
6. Jim Walton 18,2 miliar USD
7. John T. Walton 18,2 miliar USD
8. Michael Dell 16,0 miliar USD
9. Sheldon Adelson 15,6 miliar USD
Orang Indonesia Kaya Karena
Orang Amerika Kaya Karena
Sertifikasi bidang TIK
Alasan pentingnya sertifikasi profesionalisme dibidang IT :
1. Untuk menuju pada level yang diharapkan, pekerjaan di bidang TI membutuhkan expertise.
2. Profesi dibidang TI, merupakan profesi menjual jasa dan bisnis jasa bersifat kepercayaan.
Manfaat adanya sertifikasi profesionalisme:
1. Ikut berperan dalam menciptakan lingkungan kerja yang lebih profesional.
2. Pengakuan resmi pemerintah tentang tingkat keahlian individu terhadap sebuah profesi.
3. Pengakuan dari organisasi profesi sejenis, baik tingkat regional maupun internasional.
4. Membuka akses lapangan pekerjaan secara nasional, regional maupun internasional.
5. Memperoleh peningkatan karier dan pendapatan sesuai perimbangan dengan pedoman skala yang diberlakukan.
Kelemahan pelaksanaan sertifikasi adalah:
1. Biaya Mahal
Lembaga Sertifikasi
1. Institute for Certification of Computing Professionals (ICCP) Merupakan badan sertifikasi profesi teknologi informasi di
Amerika.
ICCP melakukan pengujian terhadap 19 bidang minat, diantaranya adalah bussiness information system, office information system, internet, system development, dan software engineer.
Beberapa contoh sertifikasi dari ICCP adalah : – CDP (Certified Data Processor)
– CCP (Certified Computer Programmer) – CSP (Certified Systems Professional)
2. Institute for Certification of Computing Professionals
(CompTIA)
Merupakan Asosiasi industri teknologi komputer yang
beranggotakan antara lain: Microsoft, Intel, IBM, Novell, Linux, HP, dan CISCO.
Asosiasi ini memberikan sertifikasi di berbagai bidang, misalnya network support, dan computer technical. Adapun beberapa sertifikasi yang diberikan adalah :
• A+ (Entry Level Computer Service) bidang teknisi komputer.
• Network+ (Network Support and Administration) jaringan komputer.
• Security+ (Computer and Information Security) keamanan komputer.
• HTI+ (Home Technology Installation) bidang instalasi sampai pada pemeliharaan dan teknisi home technology.
• IT Project+ (IT Project Managemant) manajemen proyek di bidang teknologi informasi.
Sertifikasi Berorientasi Produk
A. Sertifikasi Microsoft
1. Microsoft Certified Desktop
Support Technicians (MCDSTs)
2. Microsoft Certified Systems Administrator (MCSAs)
3. Microsoft Certified Systems Engineer (MCSes)
4. Microsoft Certified Database Administrator (MCDBAs)
5. Microsoft Certified Trainers (MCTs)
6. Microsoft Certified Application Developers (MCADs)
7. Microsoft Certified Solution Developers (MCSDs)
8. Microsoft Office Specialists (Office Specialist)
B. Sertifikasi Oracle
Jenis-jenis Sertifikasi Oracle :
a. Oracle Certified Associate ( OCA ) b. Oracle Certified Professional ( OCP ) c. Oracle Certified Master ( OCM )
C. CISCO :
a. Cisco Certified Networking Associate (CCNA)
b. Cisco Certified Networking Professional (CCNP)
c. Cisco Certified Internetworking Expert (CCIA)
Sertifikasi Berorientasi Profesi
1. Institute for Certification of Computing Professionals (IC3)
a. Certified Data Processor ( CDP )
b. Certified Computer Programmer ( CCP )
c. Certified Systems Professional ( CSP )
2. Institute for Certification of Computing Professionals
a. Entry Level Computer Serivce
b. Network Support and Administration
c. Computer and Information Security
d. Home Technology Installation
e. IT Project Management
IC3 (Internet and Computing Core Certification)
Program IC3 dikembangkan oleh CERTIPORT, Amerika Serikat yaitu sebuahlembaga sertifikasi Internasional bidang teknologi informasi dan komputer bertaraf dunia yang telah dikenal dengan program sertifikasi: IC3, Microsoft Office Specialist dan HP ATA.
Materi yang Diujikan & Syarat Kelulusan
Peserta harus mendapatkan nilai minimal berikut ini untuk bisa lulus pada masing-masing modul:
Computing Fundamental: minimal skor 710 dari 1000
Key Applications: minimal skor 680 dari 1000
PAPA = 4 Isu Etika Era Informasi
Privacy (kerahasiaan)
Accuracy (kebenaran)
Property (kepemilikan)
Accessibility (hak akses)
Sepuluh Perintah untuk Etika Komputer
1. Jangan menggunakan komputer untuk membahayakan orang lain.
2. Jangan mencampuri pekerjaan komputer orang lain.
3. Jangan mengintip file orang lain.
4. Jangan menggunakan komputer untuk mencuri.
5. Jangan menggunakan komputer untuk bersaksi dusta.
6. Jangan menggunakan atau menyalin perangkat lunak yang belum
kamu bayar.
7. Jangan menggunakan sumber daya komputer orang lain tanpa
otorisasi.
8. Jangan mengambil hasil intelektual orang lain untuk diri kamu sendiri.
9. Pikirkanlah mengenai akibat sosial dari program yang kamu tulis.
10. Gunakanlah komputer dengan cara yang menunjukkan tenggang
ACM/IEEE Code of Ethics
The professional societies in the US have cooperated to produce a code of ethical practice
Software engineers shall commit themselves to making
the analysis, specification, design, development,
testing and maintenance of software a beneficial and respected profession
In accordance with their commitment to the health,
safety and welfare of the public, software engineers shall adhere to the following Eight Principles
Code of Ethics – Eight Principles
1. PUBLIC
• Software engineers shall act consistently with the public interest
2. CLIENT AND EMPLOYER
• Software engineers shall act in a manner that is in the best interests of their client and employer
consistent with the public interest
3. PRODUCT
• Software engineers shall ensure that their products and related modifications meet the highest
Code of Ethics – Eight Principles
4. JUDGMENT
• Software engineers shall maintain integrity and independence in their professional judgment
5. MANAGEMENT
• Software engineering managers and leaders shall
subscribe to and promote an ethical approach to the management of software development and
maintenance
6. PROFESSION
• Software engineers shall advance the integrity and reputation of the profession consistent with the public interest
Code of Ethics – Eight Principles
7. COLLEAGUES
• Software engineers shall be fair to and supportive of their colleagues
8. SELF
• Software engineers shall participate in lifelong
learning regarding the practice of their profession
and shall promote an ethical approach to the practice of the profession
3. Software Industry and
Market
Kondisi Software Development
Jumlah software house di Indonesia sekitar 500 perusahaan di tahun 2010
Jumlah pengembang profesional meningkat sampai 80000 di tahun 2010
Total pengembang profesional di dunia adalah 13,5 juta
(Indonesia menyumbang 0,5%). Sumbangan terbesar dari India (10,5%) dan Amerika (18,9%)
Region Asia Pacific Penyumbang Developer Terbesar di Dunia (29,2%) disusul North America (21,7%)
Software Spending per Developer Region Asia Pacific Cukup Rendah, hanya 50% dari Region North America
Masalah di Indonesia -1-
Keterbatasan pengetahuan dalam software
development dan standard methodology (hajar-bleh
methodology)
Software belum bisa menjadi industri profesional, tapi masih model pengrajin atau pedagang buah di
pinggiran jalan yang jualan karena ada panen atau mood (tidak ada jaminan kualitas)
Kurangnya keterlibatan pemerintah untuk melindungi pengembang software lokal: Diperlukan proteksi
terhadap industri software lokal.
Masalah di Indonesia -2-
Keterbatasan modal usaha, terutama karena industri software dianggap tidak bankable
Pasar yang masih belum kondusif:
• Kebutuhan belum banyak
• Banyak yang menganggap pengembangan
software (pesanan) seperti pengadaan barang biasa
Piracy rate Indonesia yang mencapai 87% (nomor 3 sedunia) dan trend SDM IT Indonesia yang ke arah cracking activities (Carding, Defacing, Attacking)
0 5 10 15 20 25 30 RFID e-Payment e-Education e-Government Game Online Internet dan Telekomunikasi Media dan Jejaring Sosial Mobile Application Mobile Content dan
Advertising Business Software
e-Commerce Antivirus Lokal
Data Jumlah Perusahaan Pada Tiap Kategori
Jumlah Perusahaan
Sumber: A. Mohammad BS, Gelombang Baru Digitalpreneur Indonesia, SWA Maret 2010
Jumlah TotalPerusahaan Aktif:
4. Internet Business Model and
Trends
Mobile Internet Social Media Online Commerce Online Advertisin g Cloud Computing Digital Creativity
Internet Application
Trends 2013
Internet Application Trends 2012
1. Mobile Internet: menggusur desktop internet
(Kleiner Perkins Caufield & Byers) (J. Walter Thompson) (Insights Trends) (Morgan Stanley Research) (Gartner Group)
2. Social Media: menggusur alat komunikasi lain
(Kleiner Perkins Caufield & Byers) (Morgan Stanley Research)
3. Online Commerce: dunia stabil, indonesia berkembang pesat
(Kleiner Perkins Caufield & Byers)
4. Online Advertising: menuju mobile advertising
(Morgan Stanley Research)
5. Cloud Computing: arah bisnis software dunia?
(Gartner Group)
6. Digital Creativity: cara baru membuat perubahan
Mobile Device and Application
•
The growth of
mobile device
•
Thousands of new
applications
are
coming online
•
Text messaging
is a
way of life
Augmented Reality
Kombinasi dan
penambahan suatu obyek
atau informasi yang
dihasikan secara virtual
(dari komputer) pada
pandangan nyata
Pakai Facebook
untuk Apa?
Mobile vs Other Advertising Media
Cloud Computing
Cloud Computing
A style of computing where scalable and elastic
IT-enabled capabilities are
delivered as a service to customers using Internet technologies
How does it affect you?
• Common services are available now — may reduce operating expenses
• Private clouds improve agility and will dominate
• Focus on service levels
Next Monday Morning
• Evaluate commodity services you
provide and what can move to the cloud
• Evaluate cloud delivery model for internal use
• Categorize applications/services based on SLAs and risk before proceeding
Critical Timeframe
Cloud Computing Characteristics
1.
Delivery of capabilities "
as a service
“
2.
Delivery of services in a
highly scalable and
elastic
fashion
3.
Using
Internet (Web)
technologies to develop
and deliver services
“the World is Flat”
“
Individu
Bisa Membuat
Perubahan”
Mobile Internet Social Media Online Commerce Online Advertisin g Cloud Computing Digital Creativity
