Security Awareness
KPTIK BMN Makassar
Asrar Abu Khair
Wowrack Indonesia

Support Team
T3 LSA & Solution Architect
Wowrack.co.id
Wowrack.com Provide Support, Planning and Infrastructure
Design for Linux Environment
Asrarabukhair.com
Credentials

linkedin.com/in/asrar-abu-khair/
Wowrack Indonesia Contact | Email: Sales@wowrack.co.id | Phone : 031 6000 2888
Experienced in managed services for more than 4000 servers globally, across many kinds of IT-based industries (manufacturing, fintech, e-commerce, public services, real estate, agriculture, and others).

Wowrack specializes in cloud technology system administration, cloud network architecture, design and implementation, migration, and daily operational managed services for a range of cloud systems and enterprise services.

Works with 50+ certified system engineers to maintain the quality and availability of 24/7 support across various areas of focus.

Wowrack Indonesia is built around a CLIENT CENTRIC SOLUTION.

We believe every client is entitled to good uptime and support, so that they can run and focus on their core business.

Wowrack Indonesia's data center is certified to ISO 27001:2013 for information security systems and is TIA 942 certified Tier 2 and 3 to support high uptime.
Outline
Goals
Security Principles
Awareness
Breach Source
Impact of Security Breach
Password Protection/Identity Check
Security Implementation
Use Case

Goals
Awareness and Responsibility
Regulation, Organization/Institution, Personal/Habit.
Security Principles
● Confidentiality
● Integrity
● Availability

Security Principles
● Confidentiality
Tax data
● Integrity
Tax data <> individual income <> state financial reports
● Availability
Can be accessed when needed.
Use case
Wowrack Security Standard | ISO 9001, 27001, HIPAA, SIC1,SIC2…
Wowrack Solution Standard | ISO 9001, 27001, HIPAA, SIC1,SIC2…
Awareness
Data Breaches
01: Overview of global data breach trends, 2019-2021 (reported).
02-07: Overview of data breach trends, 2019-2021.
08: https://www.kompas.tv/article/267177/data-pengguna-pajak-go-id-bocor-ini-kata-pihak-ditjen-pajak
Source of Data Breaches
Norton Data Breach Index 2016
Verizon Data Breaches Report 2016
Breach Source
Malware
Ransomware
How You Got Infected
➔ Clicking links that are not credible (browser, messenger, email, etc.)

➔ Downloading cracked/nulled software

➔ Downloading/installing apps from outside the official site.

➔ Copying from a device (phone, flash drive, disk, etc.)


Phishing
● A bait-casting method
● Spread across many platforms, such as web links, fake domains, email, etc.
● Usually imitates an official address/site/organization.
● Aims to take personal information, spread malware and gain access.
How to Avoid
➔ Make sure you recognize the sender/link/domain of the message/file you are accessing

➔ The writing and fonts used are usually poor or informal

➔ Make a habit of retyping the destination link yourself where possible.

➔ Use a secure computer.

➔ Use a secure network.

➔ Always access websites over https


Password Protection and Personal Data Check
More for personal data and identity checking
Password 01
Password complexity
80 *minimum score
● More than 16 characters
● Upper case, lower case, special character, number.
● Not sequential.
Password 02
● https://passwordsgenerator.net/
● https://www.lastpass.com/features/password-generator
● https://passwordsgenerator.net/plus/
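A checker and an offline generator for the password complexity rules listed on the Password slides above, as an added example that is not part of the original deck. The rule names and the three-character threshold for "sequential" are assumptions, and the sample passwords are constructed.

```python
import secrets
import string

MIN_LENGTH = 17   # the slide asks for "more than 16 characters"
SEQ_LIMIT = 3     # assumption: 3+ consecutive characters (abc, 321) count as "sequential"
ALPHABET = string.ascii_letters + string.digits + string.punctuation

def longest_sequential_run(pw):
    """Longest run in which each character is exactly +1 or -1 from the previous one."""
    s = pw.lower()                      # treat "aBc" the same as "abc"
    best = run = 1 if s else 0
    step = 0
    for prev, cur in zip(s, s[1:]):
        d = ord(cur) - ord(prev)
        if d in (1, -1) and prev.isalnum() and cur.isalnum():
            run = run + 1 if d == step else 2   # direction change restarts the run
            step = d
        else:
            run, step = 1, 0
        best = max(best, run)
    return best

def check_password(pw):
    """Return the slide's rules that pw breaks; an empty list means it complies."""
    problems = ["length"] if len(pw) < MIN_LENGTH else []
    classes = {
        "upper": any(c.isupper() for c in pw),
        "lower": any(c.islower() for c in pw),
        "digit": any(c.isdigit() for c in pw),
        "special": any(c in string.punctuation for c in pw),
    }
    problems += [name for name, ok in classes.items() if not ok]
    if longest_sequential_run(pw) >= SEQ_LIMIT:
        problems.append("sequential")
    return problems

def generate_password(length=20):
    """Draw from the OS CSPRNG and retry until every rule above is satisfied."""
    if length < MIN_LENGTH:
        raise ValueError("length must be more than 16")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_password(pw):
            return pw

if __name__ == "__main__":
    # Constructed sample passwords, not taken from the slides.
    for sample in ("Password1234!", "correcthorsebatterystaple", "T7#mQ2!vK9@xR4$wZ6"):
        print(sample, "->", check_password(sample) or "OK")
```
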
Password 03
● 2FA (2 factor authentication)
● MFA (Multi factor authentication)
Identity Check 01
● https://www.kredibel.co.id/search/phone
● https://cekrekening.id/home
● https://periksadata.com/
● https://www.dehashed.com/
Impact Of Security/Data Breach
Reputational Damage
Financial Loss
● Device/Data Cost
● Consulting Cost
● Investigation Cost
● Assurance/Audit Cost
Operational Downtime
● Services cannot be accessed
● Data becomes invalid
Domino effect
Legal Consequence
● Legal claims from partnering B/G entities
● Legal claims from customer entities
● Incident reporting, investigation update.
Data Loss
Security Implementation
Organization
● Regulation
● Education
● Budget
● Human Resources
User Awareness 01
85
https://setjen.kemenkeu.go.id/api/Medias/304e43f9-495d-4bd1-bff4-72f9a44b1d35
Technical Overview
● Search Engine Safety
● Web Content Filtering
● Email Protection
● Network Protocol Standard
● VPN
● Device/Internet-of-things Protection
● 2FA/MFA (OTP)
● Regular Password Changes
Security Implementation (Use Case)
In-Office Security Architecture Standard | ISO 9001, 27001, HIPAA,
Home-2-Office Security Architecture Standard | ISO 9001, 27001, HIPAA,
Questions?
See You