Sistem informasi & Komunikasi:
Special Issue on ICT
S2 SKI TE Universitas Brawijaya Dr. Eng. Herman Tolle
[email protected]
Contents 1. Network Security 2. Profession, Ethics and Certification 3. Software Industry and Market 4. Internet Business Model and Trends
1. Network Security
Security Threats A network security threat : adalah kejadian/peristiwa yang potensial dapat menyebabkan kerugian, yang dapat mengganggu atau menginterupsi sistem dalam jaringan, atau kerugian materiil bagi organisasi Sekali ancaman itu diidentifikasi maka dicatat dan disusun berdasarkan kemunculannya
Figure 1 summarizes the most common threats to security.
4
Figure 1 Common Security Threats
5
Threats to Network Security
6
Jenis-jenis Security Threats 1.
Disruptions are the loss or reduction in network service. -> Gangguan dari sumber daya listrik
2.
Some disruptions may also be caused by or result in the destruction of data.-> Kerusakan
3.
Natural (or manmade) disasters may occur that destroy host computers or large sections of the network.-> bencana alam
4.
Unauthorized access is often viewed as hackers gaining access to organizational data files and resources. However, most unauthorized access incidents involve employees. -> akses tanpa ijin
7
Types of Attacks
Spoofing (masquerade) attacks
Front-door-attacks
Man-in-the-middle (hijacking) attacks
Trapdoor attacks
Denial-of-service attacks Insider attacks
Brute-force attacks Replay attacks Trojan horse attacks Social engineering attacks
Viruses Macros Executables Boot sector Stealth
Polymorphic
Preventing Intruder Access
Empat macam penyusup (intruder) yang mungkin melakukan unauthorized access 1.
Casual hackers who only have limited knowledge of computer security.
2.
Security experts whose motivation is the thrill of the hunt.
3.
Professional hackers who break into corporate or government computers for specific purposes.
4.
Organization employees who have legitimate access to the network but who gain access to information they are not authorized to use.
Network Controls Mengembangkan sebuah jaringan yang secure berarti mengembangkan mekanisme untuk mengurangi atau menghilangkan ancaman terhadap keamanan jaringan, disebut sebagai Network controls. Ada tiga jenis pengendalian (control): • Preventative controls - mitigate or stop a person from acting or an event from occurring (e.g. passwords). • Detective controls – membuka atau mencari event-event yang tidak diinginkan (reveal or discover unwanted events) (e.g., auditing software). • Corrective controls - rectify an unwanted event or a trespass (e.g., reinitiating a network circuit).
12
2. Profession, Ethics and Certification
Proefesi bidang TIK a. Kelompok pertama perangkat lunak (software): • Sistem analis, Programmer, Web Designer, Web Programer, Mobile Application Developer b. Kelompok kedua perangkat keras (hardware) & networking: • Technical engineer, Networking engineer, Telecom Engineer c. Kelompok tiga operasional & management: • EDP Operator, System administrator, Mis director d. Kelompok empat mereka yang berkecimpung di pengembangan bisnis teknologi informasi IT Entrepreneur
50 Best Jobs in America 1. Software engineer: $80,500 AVERAGE PAY 46% 10YEAR GROWTH 2. College professor: $81,500 AVERAGE PAY 31% 10YEAR GROWTH
3. Financial adviser: $122,500 AVERAGE PAY 26% 10YEAR GROWTH 4. Human-resources manager: $73,500 AVERAGE PAY 23% 10-YEAR GROWTH 5. Physician assistant: $75,000 AVERAGE PAY 50% 10YEAR GROWTH
Orang Terkaya Indonesia 1. Aburizal Bakrie 2. Sukanto Tanoto 3. R. Budi Hartono 4. Michael Hartono 5. Eka Tjipta Widjaja 6. Putera Sampoerna 7. Martua Sitorus 8. Rachman Halim 9. Peter Sondakh 10. Eddy William Katuari
5,4 miliar USD 4,7 miliar USD 3,14 miliar USD 3,08 miliar USD 2,8 miliar USD 2,2 miliar USD 2,1 miliar USD 1,6 miliar USD 1,45 miliar USD 1,39 miliar USD
Orang Terkaya di Amerika 1. Bill Gates 2. Warren Buffett 3. Paul Allen 4. Larry Ellison 5. S. Robson Walton 6. Jim Walton 7. John T. Walton 8. Michael Dell 9. Sheldon Adelson 10.Steve Ballmer
46,5 miliar USD 44,0 miliar USD 21,0 miliar USD 18,4 miliar USD 18,3 miliar USD 18,2 miliar USD 18,2 miliar USD 16,0 miliar USD 15,6 miliar USD 12,1 miliar USD
Orang Indonesia Kaya Karena Sumber Daya Alam dan Keturunan
Orang Amerika Kaya Karena Pengetahuan
Sertifikasi Bidang TIK
Sertifikasi bidang TIK Alasan pentingnya sertifikasi profesionalisme dibidang IT : 1.
Untuk menuju pada level yang diharapkan, pekerjaan di bidang TI membutuhkan expertise.
2.
Profesi dibidang TI, merupakan profesi menjual jasa dan bisnis jasa bersifat kepercayaan.
Manfaat adanya sertifikasi profesionalisme:
1.
Ikut berperan dalam menciptakan lingkungan kerja yang lebih profesional.
2.
Pengakuan resmi pemerintah tentang tingkat keahlian individu terhadap sebuah profesi.
3.
Pengakuan dari organisasi profesi sejenis, baik tingkat regional maupun internasional.
4.
Membuka akses lapangan pekerjaan secara nasional, regional maupun internasional.
5.
Memperoleh peningkatan karier dan pendapatan sesuai perimbangan dengan pedoman skala yang diberlakukan.
Kelemahan pelaksanaan sertifikasi adalah: 1. Biaya Mahal 2. Kemampuan yang kurang memadai
Lembaga Sertifikasi 1. Institute for Certification of Computing Professionals (ICCP) Merupakan badan sertifikasi profesi teknologi informasi di Amerika. ICCP melakukan pengujian terhadap 19 bidang minat, diantaranya adalah bussiness information system, office information system, internet, system development, dan software engineer. Beberapa contoh sertifikasi dari ICCP adalah : – CDP (Certified Data Processor) – CCP (Certified Computer Programmer) – CSP (Certified Systems Professional)
2. Institute for Certification of Computing Professionals (CompTIA)
Merupakan Asosiasi industri teknologi komputer yang beranggotakan antara lain: Microsoft, Intel, IBM, Novell, Linux, HP, dan CISCO. Asosiasi ini memberikan sertifikasi di berbagai bidang, misalnya network support, dan computer technical. Adapun beberapa sertifikasi yang diberikan adalah : • A+ (Entry Level Computer Service) bidang teknisi komputer.
• Network+ (Network Support and Administration) jaringan komputer. • Security+ (Computer and Information Security) keamanan komputer. • HTI+ (Home Technology Installation) bidang instalasi sampai pada pemeliharaan dan teknisi home technology.
• IT Project+ (IT Project Managemant) manajemen proyek di bidang teknologi informasi.
Sertifikasi Berorientasi Produk A. Sertifikasi Microsoft
B. Sertifikasi Oracle
1. Microsoft Certified Desktop Support Technicians (MCDSTs)
Jenis-jenis Sertifikasi Oracle :
2. Microsoft Certified Systems Administrator (MCSAs)
b. Oracle Certified Professional ( OCP )
3. Microsoft Certified Systems Engineer (MCSes)
4. Microsoft Certified Database Administrator (MCDBAs) 5. Microsoft Certified Trainers (MCTs) 6. Microsoft Certified Application Developers (MCADs) 7. Microsoft Certified Solution Developers (MCSDs) 8. Microsoft Office Specialists (Office Specialist)
a. Oracle Certified Associate ( OCA ) c. Oracle Certified Master ( OCM )
C. CISCO : a. Cisco Certified Networking Associate (CCNA) b. Cisco Certified Networking Professional (CCNP) c. Cisco Certified Internetworking Expert (CCIA)
Sertifikasi Berorientasi Profesi 1. Institute for Certification of Computing Professionals (IC3) a. Certified Data Processor ( CDP )
b. Certified Computer Programmer ( CCP ) c. Certified Systems Professional ( CSP ) 2. Institute for Certification of Computing Professionals a. Entry Level Computer Serivce b. Network Support and Administration c. Computer and Information Security d. Home Technology Installation
e. IT Project Management 3. IC3 (Internet and Computing Core Certification)
IC3 (Internet and Computing Core Certification) Program IC3 dikembangkan oleh CERTIPORT, Amerika Serikat yaitu sebuah lembaga sertifikasi Internasional bidang teknologi informasi dan komputer bertaraf dunia yang telah dikenal dengan program sertifikasi: IC3, Microsoft Office Specialist dan HP ATA. Materi yang Diujikan & Syarat Kelulusan Peserta harus mendapatkan nilai minimal berikut ini untuk bisa lulus pada masing-masing modul: Computing Fundamental: minimal skor 710 dari 1000 Key Applications: minimal skor 680 dari 1000
Living Online: minimal skor 660 dari 1000
IEEE Computer Society Certification
Oracle Java Certification
Etika Profesi Bidang IT
PAPA = 4 Isu Etika Era Informasi Privacy (kerahasiaan)
Accuracy (kebenaran) Property (kepemilikan)
Accessibility (hak akses)
Sepuluh Perintah untuk Etika Komputer 1. 2. 3. 4. 5. 6. 7. 8. 9. 10.
Jangan menggunakan komputer untuk membahayakan orang lain. Jangan mencampuri pekerjaan komputer orang lain. Jangan mengintip file orang lain. Jangan menggunakan komputer untuk mencuri. Jangan menggunakan komputer untuk bersaksi dusta. Jangan menggunakan atau menyalin perangkat lunak yang belum kamu bayar. Jangan menggunakan sumber daya komputer orang lain tanpa otorisasi. Jangan mengambil hasil intelektual orang lain untuk diri kamu sendiri. Pikirkanlah mengenai akibat sosial dari program yang kamu tulis. Gunakanlah komputer dengan cara yang menunjukkan tenggang rasa dan rasa penghargaan. (respect)
ACM/IEEE Code of Ethics The professional societies in the US have cooperated to produce a code of ethical practice
Software engineers shall commit themselves to making the analysis, specification, design, development, testing and maintenance of software a beneficial and respected profession In accordance with their commitment to the health, safety and welfare of the public, software engineers shall adhere to the following Eight Principles
Code of Ethics – Eight Principles 1. PUBLIC • Software engineers shall act consistently with the public interest 2. CLIENT AND EMPLOYER
• Software engineers shall act in a manner that is in the best interests of their client and employer consistent with the public interest 3. PRODUCT • Software engineers shall ensure that their products and related modifications meet the highest professional standards possible
Code of Ethics – Eight Principles 4. JUDGMENT • Software engineers shall maintain integrity and independence in their professional judgment 5. MANAGEMENT • Software engineering managers and leaders shall subscribe to and promote an ethical approach to the management of software development and maintenance 6. PROFESSION • Software engineers shall advance the integrity and reputation of the profession consistent with the public interest
Code of Ethics – Eight Principles 7. COLLEAGUES • Software engineers shall be fair to and supportive of their colleagues 8. SELF
• Software engineers shall participate in lifelong learning regarding the practice of their profession and shall promote an ethical approach to the practice of the profession
3. Software Industry and Market
Kondisi Software Development Jumlah software house di Indonesia sekitar 500 perusahaan di tahun 2010
Jumlah pengembang profesional meningkat sampai 80000 di tahun 2010 Total pengembang profesional di dunia adalah 13,5 juta (Indonesia menyumbang 0,5%). Sumbangan terbesar dari India (10,5%) dan Amerika (18,9%) Region Asia Pacific Penyumbang Developer Terbesar di Dunia (29,2%) disusul North America (21,7%) Software Spending per Developer Region Asia Pacific Cukup Rendah, hanya 50% dari Region North America (The IDC Professional Developer Model)
Statistik Jumlah Developer Dunia
Masalah di Indonesia -1 Keterbatasan pengetahuan dalam software development dan standard methodology (hajar-bleh methodology) Software belum bisa menjadi industri profesional, tapi masih model pengrajin atau pedagang buah di pinggiran jalan yang jualan karena ada panen atau mood (tidak ada jaminan kualitas) Kurangnya keterlibatan pemerintah untuk melindungi pengembang software lokal: Diperlukan proteksi terhadap industri software lokal. Contoh: Ichitaro dan TRON di Jepang
Masalah di Indonesia -2 Keterbatasan modal usaha, terutama karena industri software dianggap tidak bankable
Pasar yang masih belum kondusif: • Kebutuhan belum banyak
• Banyak yang menganggap pengembangan software (pesanan) seperti pengadaan barang biasa Piracy rate Indonesia yang mencapai 87% (nomor 3 sedunia) dan trend SDM IT Indonesia yang ke arah cracking activities (Carding, Defacing, Attacking)
Data Jumlah Perusahaan Pada Tiap Kategori Antivirus Lokal
Jumlah Perusahaan
e-Commerce Business Software
Mobile Content dan Advertising Mobile Application Media dan Jejaring Sosial
Jumlah TotalPerusahaan Aktif:
Internet dan Telekomunikasi
70 Perusahaan
Game Online e-Government e-Education e-Payment RFID
Sumber: A. Mohammad BS, Gelombang Baru Digitalpreneur Indonesia, SWA Maret 2010
0
5
10
15
20
25
30
4. Internet Business Model and Trends
Mobile Internet Digital Creativity
Social Media
Internet Application Trends 2013 Cloud Computing
Online Commerce Online Advertisin g
Internet Application Trends 2012 1. Mobile Internet: menggusur desktop internet (Kleiner Perkins Caufield & Byers) (J. Walter Thompson) (Insights Trends) (Morgan Stanley Research) (Gartner Group)
2. Social Media: menggusur alat komunikasi lain (Kleiner Perkins Caufield & Byers) (Morgan Stanley Research)
3. Online Commerce: dunia stabil, indonesia berkembang pesat (Kleiner Perkins Caufield & Byers)
4. Online Advertising: menuju mobile advertising (Morgan Stanley Research)
5. Cloud Computing: arah bisnis software dunia? (Gartner Group)
6. Digital Creativity: cara baru membuat perubahan (Morgan Stanley Research) (Gartner Group)
1. MOBILE INTERNET
Mobile Device and Application •The growth of mobile device •Thousands of new applications are coming online •Text messaging is a way of life
New Computing Cycle Characteristics
Smartphone + Tablet > PC Shipments
Technology Wealth Creation/Destruction Cycles
Augmented Reality Kombinasi dan penambahan suatu obyek atau informasi yang dihasikan secara virtual (dari komputer) pada pandangan nyata manusia
www.winandmac.com
truliablog.com
SWYPE Keyboard
SWYPE Keyboard
2. SOCIAL MEDIA
Distribusi Umur Pengguna Facebook Indonesia
Pakai Facebook untuk Apa?
Social Networking
Targeted Ads
Interaction
Surveys
Social + Local + Mobile (SoLoMo)
3. ONLINE COMMERCE
Online Commerce Gaining Share vs Offline
Market Place and Network
Payment Gateway
4. ONLINE ADVERTISING
Media Time Spent vs Ad Spend Still Out of Whack
Mobile vs Other Advertising Media Relative Efficacy of Mobile vs. Other Advertising Media
Rolling Out Ad Units in Mobile Apps
5. CLOUD COMPUTING
Cloud Computing Cloud Computing A style of computing where scalable and elastic ITenabled capabilities are delivered as a service to customers using Internet technologies
How does it affect you? • Common services are available now — may reduce operating expenses • Private clouds improve agility and will dominate • Focus on service levels
Next Monday Morning • Evaluate commodity services you provide and what can move to the cloud • Evaluate cloud delivery model for internal use • Categorize applications/services based on SLAs and risk before proceeding
Critical Timeframe 2011–2013
Cloud Computing
Cloud Computing
Cloud Computing Characteristics 1. Delivery of capabilities "as a service“ 2. Delivery of services in a highly scalable and elastic fashion 3. Using Internet (Web) technologies to develop and deliver services
4. Designing for delivery to external customers
6. DIGITAL CREATIVITY
“the World is Flat” Thomas Friedman, 2004
“Individu Bisa Membuat Perubahan” Thomas Friedman, The World is Flat, 2004
Steve Chen dan Chad Hurley
Mark Zuckerberg
Tom Anderson
Matt Mullenweg
Mobile Internet Digital Creativity
Social Media
Internet Business Trends 2012 Cloud Computing
Online Commerce Online Advertisin g