Perceptions of Students at Andalas University's Payakumbuh Campus Regarding the Security of Academic Information Systems

https://doi.org/10.55299/ijec.v3i2.976

Authors

  • Yindrizal Study Program of Management, Faculty of Economics and Business, Andalas University, Indonesia

Keywords:

Academic Information System, ISO, System Security, Authentication

Abstract

Higher Education is one of the public service providers that wants to provide the best service to internal and external parties who need information, namely by utilizing academic information systems. The use of academic information systems is prone to data and information crimes, which are problems experienced by many system users and this also occurs in Indonesia. The method in this study uses a qualitative description method in this study and data collection is obtained using triangulation techniques. The results of the study, that it is necessary to improve information security from various threats, thus ensuring the security of valuable information assets. Information security using The International Organization for Standardization (ISO)/IEC 27001. In addition, it is also necessary to perform two-factor authentication which adds a two-step verification process to access the account.

Downloads

Download data is not yet available.

References

Akraman, R., Candiwan, C., & Priyadi, Y., 2018, Pengukuran Kesadaran Keamanan Informasi Dan Privasi Pada Pengguna Smartphone Android Di Indonesia. Jurnal Sistem Informasi Bisnis, 8(2), 115.

Al-Sehri, 2012, Information security awareness and culture, British Journal of Arts and Social Sciences; 6(1): 61-69

Al-Omari A, El-Gayar O, Deokar A., 2012, Security policy compliance: User acceptance perspective. InSystem Science (HICSS), 45th Hawaii International Conference on 2012 Jan 4 (pp. 3317-3326). IEEE.

Arens, Alvin A. And Loebecke, James K., 2005, Auditing An Integrated Approach, Eight Edition, New Jersey: Prentice Hall Inc,

Beecroft, G.D., 1997, Implementation Philosophy: ISO 9000 versus QS 9000. Total Quality Management, 8, 83-87.

Chazar, C., 2015, Standar Manajemen Keamanan Sistem Informasi Berbasis ISO 27001:2005. Jurnal Informasi, VII(2), 48-57.

Darmawan, Deni dan Fauzi, Nur, Kunkun, 2013, Sistem Informasi Manajemen. Bandung: PT Remaja Rosdakarya.

Dhillon, G. dan Backhouse, J., 2002, Risks in The Use ofInformation Technology Within Organizations. International Journal of Information Management, Vol. 16, 1,.

Dhillon, G and Backhouse, J., 2000, Information System Security Management in the New Millennium. Communications of ACM, Vol. 43, No. 7, pp. 125-128.

Darmawan, Deni., & Kunkun Nur Fauzi, 2013, Sistem Informasi Manajemen. Bandung: PT Remaja Rosdakarya.

Dennis Beecroft, G., 1996, Internal quality audits – obstacles or opportunities?, Training for Quality, Vol. 4 No. 3, pp. 32-4.

Dyna Marisa Khairina, 2011, Analisis Keamanan Sistem Login, Jurnal Informatika Mulawarman Vol. 6 No. 2 Juli

Elachgar, Hicham, Brahim Boulafdour, Meryem Makoudi, and Boubker Regragui, 2012, Information Security, 4TH Wave. Journal of Theoretical and Applied Information Technology 43(1): 1–7

Gemalto, 2015, Information Security Threat Annual Reports. Gemalto Corporation. 2015; 43.

Sanyoto, G., & Hendarti, H., 2007, Audit Sistem Informasi Lanjutan + Standar, Panduan, dan Prosedur Audit SI dari ISACA. Jakarta: Mitra Wacana Media

Sanyoto, G., 2007, Audit Sistem Informasi + Pendekatan CobIT. Edisi Revisi. MitraWacana Media. Jakarta.

Hariningsih, 2005, Teknologi Informasi. Yogyakarta : Graha Ilmu

Hermaduanti, Ninki, and Imam Riadi, 2016, “Automation Framework for Rogue Access Point Mitigation in Ieee 802.1X-Based WLAN.” Journal of Theoretical and Applied Information Technology 93(2): 287–96.

Humphreys, E., 2016, Implementing the ISO/IEC 27001 ISMS Standard, (2nd edition). Artech House, London, U.K

Imam Riadi, 2013, Optimalisasi Keamanan Jaringan Menggunakan Pemfilteran Aplikasi Berbasis Mikrotik, Jurnal Sistem Informasi Indonesia

ISO, International Standard ISO/IEC 27001 Information Technology - Security Techniques - Information Security Management Systems - Requirements, IEC, vol. 27001, no. 27001, 2013.

ISO, International Standard ISO/IEC 27002 Information technology — Security techniques — Code of practice for information security controls, IEC, vol. 27002, no. 27002, 2013

Johnston, P. A. 2005. Login System, http://pajhome.org.uk

Krugger, H. A., & Kearney, W. D., 2006, A Prototype for assesing information security awareness. Computer & Securitiy, 289 – 296

Laudon, Kenneth C dan Jane P. Laudon, 2007, Sistem Informasi Manajemen, Edisi ke-10. Terjemahan Chriswan Sungkono dan Machmudin Eka P. Jakarta: Salemba Empat

McLeod, Raymond & Schell, George P., 2008, Sistem Informasi Manajemen, Edisi 10. Jakarta: Salemba Empat.

Menk, T.J. (2008), Internal auditing: key to helping your operations and bottom line, Alpern Rosenthal. available at: ww.alpern.com/resources/publications/internal%20audit.html (accessed 13 January 2008).

M. Hassanzadeh, N. Jahangiri, and B. Brewster, 2014, A Conceptual Framework for Information Security Awareness, Assessment, and Training, in Emerging Trends in ICT Security, 1st ed., B. Akhgar and H. R. Arabnia, Eds. 2014, pp. 99 – 109

Mulyadi & Kanaka Puradiredja, 1998, Auditing, Edisi Kelima,Buku Satu, Jakarta: Penerbit Salemba Empat.

Mokodompit, M. P., & Nurlaela, N., 2017, Evaluasi Keamanan Sistem Informasi Akademik Menggunakan ISO 17799&58, 2000 (Studi Kasus Pada Peguruan Tinggi X). Jurnal Sistem Informasi Bisnis, 6(2), 97-104

Moleong, Lexy J., 2013, Metode Penelitian Kualitatif, Edisi Revisi. Bandung : PT. Remaja Rosdakarya.

Ron Weber, 2000, Information System Control and Audit, PrenticeHall, Inc.: New Jersey

Sanyoto. Gondodiyoto, 2007, Audit Sistem Informasi + Pendekatan CobIT, Edisi Revisi. MitraWacana Media. Jakarta.

Sarno, R & Iffano, 2009, Sistem Manajemen Keamanan Informasi, Surabaya, Percetakan ITS Press

Satoto, Kodrat Iman, dkk., 2008, Analisis Keamanan Sistem Informasi Akademik Berbasis Web di Fakultas Teknik Universitas Diponegoro, Artikel Ilmiah Terpublikasi Seminar Nasional Aplikasi Sains dan Teknologi. ISSN: 1979- 911X, Hal: 175-186, Desember 2008

Sattarova Feruza Y. and Tao-hoon Kim, 2007, IT Security Review: Privacy, Protection, Access Control, Assurance and System Security, International Journal of Multimedia and Ubiquitous Engineering Vol. 2, No. 2, April

Sugiyono, 2015, Metode Penelitian Kuantitatif Kualitatif R&B, Bandung: Aflabeta.

Symantec, 2015, Information Security Threat Reports, Symantec Corporation. 2015; 18

Susanto, Bekti M., 2013, Mengukur Keamanan Informasi: Studi Komparasi ISO 27002 dan NIST 800-55, Seminar Nasional Teknologi Informasi dan Komunikasi.

Susanto, Heru, dkk., 2011, Information Security Management System Standards: A Comparative Study of the Big Five, International Journal of Electrical & Computer Sciences IJECS-IJENS Vol: 11 No: 05.

Thomas M, Dhillon G., 2011, Interpreting deep structures of information systems security, The Computer Journal. Nov 30:bxr118.

Urbach, N. & Mueller, B., 2011, The Update Delone and Mclean Model of Information System, Springer Science and Business Media, p. 28.

Witman, M. E., Mattord, H. J., 2011, Principles of Information security, 4th Edition. Atlanta: Cengage Learning.

Wood, C. C., 1995, Writing InfoSec Policies. Computers & Security, Vol. 14, No. 8, pp. 667-674.

Published

2024-07-23

How to Cite

Yindrizal. (2024). Perceptions of Students at Andalas University’s Payakumbuh Campus Regarding the Security of Academic Information Systems. International Journal of Economics (IJEC), 3(2), 848–860. https://doi.org/10.55299/ijec.v3i2.976

Issue

Vol. 3 No. 2 (2024): July-December

Section

Articles
Copyright & Licensing

Copyright (c) 2024 Yindrizal

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.