| Title | Information Security Assessment On Court Tracking Information System: A Case Study from Mataram District Court |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Auliani, Aishananda S., Candiwan |
| Conference Name | 2021 IEEE 12th Annual Ubiquitous Computing, Electronics Mobile Communication Conference (UEMCON) |
| Keywords | assessment, CMMI, Damage Assessment, Government, Information security, ISO standards, ISO/IEC 27001:2013, Mobile communication, passwords, pubcrawl, Regulation, Resiliency, security management, SIPP |
| Abstract | The Government of Indonesia has implemented an Electronic-Based Government System (SPBE) to provide fast and unlimited services by distance, space, and time. The Case Investigation Information System (SIPP) is a service for the public that requires good integration of information so that legal services are provided quickly and easily. In 2020 court websites experienced many hacker attacks based on data from internal court sources, at least there were more than 20 courts throughout Indonesia that were affected by damage to both the website, the SIPP web feature, and the court library featured. Based on the Minister of Communication and Informatics Regulation No. 4 of 2016 in article 7, every SPBE organizer must implement information security following the information security standards described by the Ministry of Communication and Information. Since this regulation is conceived to minimize the risk of the security breach on SPBE, and there is such numerous security breach in 2020 therefore this indicates poorly implemented of the regulation. Based on this finding this research aims to investigate which area is neglected. To achieve this, this research employs gap analysis using ISO/IEC 27001:2013and maturity level to reveal the neglected areas in information security. Current findings show there are SIPP users that still use weak passwords and lack of awareness of top management personnel in several information security areas such as securing sensitive documents or policies that regulate information security specifically for SIPP. These findings entails that the security management in Court is most likely at the initiative level. |
| DOI | 10.1109/UEMCON53757.2021.9666617 |
| Citation Key | auliani_information_2021 |
Information Security Assessment On Court Tracking Information System: A Case Study from Mataram District Court