IMPLEMENTASI SISTEM PENGAMANAN INFORMASI DALAM APLIKASI INAPORTNET UNTUK MARITIME CYBER SECURITY
Abstract
Abstrak- Perkembangan teknologi informasi dan komunikasi telah mempengaruhi domain maritim. Perkembangan ini telah membawa ancaman baru dalam domain maritim yaitu ancaman cyber. Inaportnet merupakan salah satu pemanfaatan teknologi informasi dan komunikasi dalam domain maritim yang dilakukan oleh Kementerian Perhubungan. Inaportnet merupakan portal elektronik berbasis internet yang mampu mengintegrasikan seluruh sistem informasi pemangku kepentingan yang ada di pelabuhan. Ancaman cyber dalam aplikasi Inaportnet dapat dicegah apabila mempunyai sistem pengamanan informasi yang kuat. Tujuan dari penelitian ini yaitu menjelaskan mekanisme sistem pengamanan informasi dalam aplikasi Inaportnet dan memahami aspek pendukung dan penghambat dalam sistem pengamanan informasi di aplikasi Inapornet untuk melindungi informasi dari ancaman cyber. Metode penelitian yang digunakan adalah kualitatif eksploratif yaitu untuk mengungkapkan alasan tertentu mengapa informasi tersebut terjadi. Sedangkan pengolahan data untuk memeriksa keabsahan data menggunakan software NVivo, serta analisa data menggunakan teknik Soft System Methodology (SSM) untuk menghasilkan hasil analisa yang lebih mendalam, serta hasil pemikiran dan analisa yang lebih terstruktur. Hasil yang didapat adalah implementasi keamanan informasi dalam aplikasi Inaportnet belum berjalan dengan baik. Walaupun secara sistem teknologi sudah memenuhi namun aspek lain yaitu kesadaran untuk keamanan informasi masih kurang, hal ini berdasarkan temuan di lapangan. Inaportnet masih belum mempunyai Information Security Handbook, padahal buku ini diperlukan untuk banyak hal yang mendukung sistem keamanan informasi Inaportnet. Inaportnet juga belum mempunyai jadwal rutin untuk melakukan penetration test dan patch. Oleh karena itu, sebagai pemegang kebijakan aplikasi Inaportnet Direktorat Jenderal Perhubungan Laut perlu untuk membuat Inaportnet information security handbook agar sistem keamanan informasinya tidak hanya baik di teknologinya saja, namun juga baik secara manajemen antar stakeholder dan cyber security awareness di tingkat individunya.
Kata Kunci: Inaportnet, Keamanan Informasi, Maritime Cyber security.
Abstract- The development of information and communication technology has influenced the maritime domain. This development has brought cyber threats in the maritime domain. Inaportnet is one of the uses of information and communication technology in the maritime domain carried out by the Ministry of Transportation. Inaportnet is an internet-based electronic portal that is able to integrate all stakeholder information systems in the port. Cyber threats in Inaportnet applications can be prevented if they have a strong information security system. The purpose of this study is to explain the mechanism of information security systems in the Inaportnet application and understand the supporting and inhibiting aspects of the information security system in the Inapornet application to protect information from cyber threats. The research method used is qualitative explorative which is to reveal certain reasons why the information occurred. While processing data to check the validity of data using NVivo software, and data analysis using Soft System Methodology (SSM) techniques to produce more in-depth analysis results, as well as more structured results of thought and analysis. The results obtained are that the implementation of information security in the Inaportnet application is not running well. Although the technology system has fulfilled but other aspects, namely awareness for information security is still lacking, this is based on findings in the field. Inaportnet still does not have the Information Security Handbook, even though this book is needed for many things that support the Inaportnet information security system. Inaportnet also does not have a routine schedule for doing penetration tests and patches. Therefore, as the holder of the Inaportnet, Directorate General of Sea Transportation application policy, it is necessary to make Inaportnet information security handbook so that the information security system is not only good in the technology, but also in management between stakeholders and cyber security awareness at the individual level.
Keywords: Inaportnet, Information Security, Maritime Cyber security.
References
Referensi
Buku
Kementerian Pertahanan Republik Indonesia. 2015. Buku Putih Pertahanan Indonesia. Jakarta: Kementerian Pertahanan Indonesia.
Layton, Timothy P. 2007. Informaton Security: Design, Implementation, Measurement, and Compliance. Florida: Auerbach Publications, Taylor & Francis Group.
Vacca, John R. 2009. Computer and Information Security Handbook. USA: Morgan Kaufmann Publishers imprint of Elsevier.
Bandur, Agustinus. 2016. Penelitian Kualitatif: Metodologi, Desain, dan Teknik Analisis Data dengan NVIVO 11 plus. Jakarta: Mitra Wacana Media.
Springer, Paul J. 2013. Cyber Warfare: a reference handbook. USA : ABC-CLIO, LLC.
Jurnal
Darmono, Bambang. 2010. “Konsep dan Sistem Keamanan Nasional Indonesia”. Jurnal Ketahanan Nasional. Volume 15 (1).
Bueger, Christian. 2014. “What is Maritime Security?”. Marine Policy, Volume 53.
Grozdanoska, Natasha.2014. “National Defence and Security”. European Scientific Journal. Volume.1. ISSN-1857-7431.
Ahokas, Jenna dan Tuomas Kiiski. 2017. ”Cybersecurityin Ports”. Publication of the Hazard Project: Volume 3.
Peraturan
Peraturan Menteri Perhubungan Nomor 192 Tahun 2015 tentang perubahan atas PM Nomor 157 Tahun 2015 tentang Penerapan Inaportnet untuk Pelayanan Kapal dan Barang di Pelabuhan.
Website
Anita Chandraker,”How can you improve cyber security awareness in your organization?” dalam https://www.paconsulting.com/insights/how-can-you-improve-cyber-security-awareness-in-your-organisation/ diakses pada 27 November 2018.
Downloads
Published
Issue
Section
License
Proposed Policy for Journals That Offer Open Access. Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
Proposed Policy for Journals That Offer Delayed Open Access. Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication, with the work [SPECIFY PERIOD OF TIME] after publication simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
