Analysis of Information System Security Ibis Hotel
*Hafzi Ali, **Abdullah Nainggolan , Adhiem Rissanjaya , Dian Erawati , Nita Rahmawati , Maria Pintha Ito , Indah Ulan Apriyani, Bella Audya Arnas , Dinda Ayu Budiarti
* Profesor of Management Mercubuana University, Jakarta Indonesia
**Students of Universitas Mercubuana, Jakarta Indonesia
ABSTRACT
Now it's a matter of security of information systems is a very important aspect. Unfortunately, often these security issues received less attention from the owner and manager of an information system. Often the problem of security in duakaan numbers in the order of things that are considered important.
When this information has become a very important commodity. Skills in accessing and providing information quickly and accurately is essential for a company, either in the form of commercial information, universities, government agencies, and individual information. In the development of the information it is possible the development of computer technology and telecommunications will increase rapidly.
Very important the information is often some information can only be accessed by certain people. Even the information that falls into the hands of others can cause harm to the owner of the information, for example, is the collapse of the business information into the hands of the opponent. Therefore a highly confidential information must be guaranteed security of information systems security that are not easily accessible by parties who are not responsible.
Based on the above explanation we intend to lift the title of "The importance of the security of information systems".
Keywords : System, Security, AccorHotels
I.INTRODUCTION
COMPANY PROFILE
Company Name: Hotel Ibis Bandung Trans Studio Bandung
Type: Networking Group Accor Hospitality France
Style: 3 Stars
Network: Ibis Hotel, Ibis Style, Ibis Budget
Address: Jl. Gatot Subroto No. 289 Bandung-West Java
Tel: (+62) 22/87345555
Fax: (+62) 22/87347777
General information: H8060-RE1@accor.com
Website: www.accorhotels.com
Vision, mission and commitment
1. wherever you are and whatever your travel destination, vacationing with the family or a business, your hotel should be a place that gives comfort. Ibis hotel in the family, you can immediately feel the comfort when you arrive at one of our hotels.
2. We strive to ensure the best comfort in our rooms, by welcoming and serving consumers and through the design of our hotels. The mission is what motivates us every day.
3.Commitment us to comfort our customers is very simple. Our goal is that you can rest easy and totally relaxed. Because of the experience an enjoyable break is the best thing that can be offered by a hotel.
II.METHODS
Formulation of the problem
1. Why is the information system security is important?
2. What constitutes a security threat information system?
3. How to secure information systems?
4. How is the implementation of the company Hotel Ibis?
Purpose
1. Purpose in writing this paper was to fulfill the duties of Management Information Systems.
2. That readers know about threats to the system and to detect and correct any damage as a result of the system.
3. To recognize the importance of information systems security strategy.
4. To know the threats to the security of information systems.
5. To find out how to secure information systems.
6. To determine policies in the security of information systems.
III. Result & Discussion
1. Why is the information system security is important
Before discussing why it's important information systems security, we will discuss about the security of the information . According to G. J. Simons, information security is how we can prevent fraud (cheating) or, at least, detecting fraud in an information-based system, where information itself has no physical meaning.
An information security strategy is a plan to reduce risks while complying with legal requirements, laws, contracts, and developed internally. Typical measures include a definition of a strategy to build the control objectives, identification and assessment approaches to meet the goals, the selection of controls, the establishment of benchmarks and metrics, and preparation for implementation and testing plans. Why is the security of critical information systems?
Often an information security system is considered less important and under-sekiankan. Most of a company is more concerned menguranggi spending and increase the competitiveness of the company, although the company knows bahwasannya an information system that is damaged will cost not less. Especially if there is confidential information taken by parties who are not responsible for it, if it happens then the company would suffer.
Securing an information system is very important in terms of maintaining the confidentiality of information of a company, if a critical information falling into the hands of those who are not responsible for the company must be very harmed, even could have stolen information can make the company the insolvent
2. What constitutes a security threat information system
Information system security threats is an action that occurs both within the system and outside the system which can disrupt the balance of the system informasi.Ancaman to information security comes from individuals, organizations, mechanisms, or events that have the potential to cause damage to the sources of information.
Threats in the security of information systems is not only come from outside the company as opposed to business or individuals and other kelompk but can also come from within the company.
A threat in security will be followed by an attack, on this occasion we will discuss about attacks that could threaten the security of information systems:
1. Virus
Obviously we are already familiar with the virus. Basically, the virus is a computer program that is "malicious" (have the intent of harming or harassing users of the system) that can infect one or more computer systems through various means of transmission triggered by otorasisasi or involvement "user" as a computer user. The damage that can be caused also vary from the annoying to the type of damage that is costly in terms of financial
2. Worms
Worms are malicious programs that are designed primarily to infect computers that are in a network system. Differences principles that distinguish worms with virus spread of the worm is that it does not depend on human intervention or manual. Worms are programs that are built with a specific algorithm that is able to replicate itself on a computer network without going through aid and engagement.
Due to its characteristics that do not involve humans, if it spreads very difficult to control or control it. Incorrect handling of business will actually make worms movement becomes more wildly out of control for special handling that is used in the face.
3. Trojan Horse
The term Trojan Horse or a Trojan horse is a tactic of war used in the conquest of the city troy which dikelelilinggi strong fortress. The attackers made a giant horse statue in which includes some of the soldiers that will be when it is within the castle going out to do the hacking from within. This idea inspired a number of hackers and crackers to make viruses or worms that is the way it works is similar to the phenomenon of this war tactic, considering the number of antivirus popping up so they create something that can not be detected by antivirus software.
3. How to secure information systems
In general, the security system can be grouped into two: prevention and treatment. Prevention efforts made in order for a security system does not have a hole in its operation, whereas if treatment is done when there is a hole in the system can be overcome.
Security in an information system is expected to keep any information contained therein. Security in a system can be done in several ways including:
1. Choose Password
2. Install protection
3. Monitoring the attack
4. Integrity Monitoring System
5. Perform regular backups.
6. Using encryption
4. Implementation Of Information System Security In Hotel IBIS
1. COMMITMENT TO PROTECTING PRIVACY GROUPS
Because we consider you as an important client, our main priority is to offer you a extraordinary place to stay worldwide.
Your satisfaction and trust to Accor S.A. is important to us. Therefore, as part of our commitment to meet your expectations, we have devised a client's privacy protection policy.
This section states our commitment to you and explain how Accor S.A. use your personal data. The main rules that apply within the Group worldwide Accor Hotels (Accor S.A. and its subsidiaries) was founded on seven principles.
2. SEVEN PRINCIPLES ACCORS HOTELS TO PROTECT YOUR PERSONAL DATA
The following seven principles apply in Accor Group hotels worldwide.
1. Transparency: when collecting and processing your personal data, we will communicate all the information to you and inform you of the purpose and recipient data.
2. Authority: We collect and process personal data only for the purposes described in this Agreement.
3. Relevance and accuracy: We will collect personal data required to process the data. We will take reasonable steps to ensure that personal data held by us is accurate and current.
4. Storage: We will store your personal data for a period of time required to process the data in accordance with the provisions of the law.
5. Access, revision, contradiction: You can access, modify or delete your personal data. You also can not agree to the use of your personal data, in particular to avoid you receive sales and marketing information.
6. Confidentiality and security: we will ensure the technical and organizational efforts made to protect your personal data from alteration or loss against accidental or unlawful, or use, disclosure or unauthorized access.
7. Distribution and international transfers: We may share or transfer your data in accorhotels Group or with third parties (such as commercial partners and / or service providers) for the purposes described in this Agreement. We will take reasonable steps to ensure the security when we share or transfer the data.
3. SCOPE OF APPLICATION
This agreement is valid:
1. For all data processing is implemented in the subsidiary companies and hotels that we manage, ie those that operate under the brand name accorhotels Group (Sofitel, Pullman, Novotel, Suite Novotel, Mercure, ibis, ibis Styles, ibis budget, Hotel F1 etc). The list is updated regularly.
2. For all the Accor website S.A., including www.accorhotels.com but also brand website (www.sofitel.com, www.mercure.com etc.).
3. Although the client's privacy protection policy can not be applied in our franchise hotel, Accor S.A. will seek to promote the seven principles outlined in this Agreement, so that our franchisees comply with all applicable legal requirements with respect to the processing of your personal data.
4. PERSONAL DATA COLLECTED
On many occasions, we are obliged to ask you, as a client Accor S.A, for information about you and / or your family members, such as:
• Contact details (for example, last name, first name, phone number, email)
• Personal information (eg, date of birth and nationality)
• Information relating to your child (eg, first name, date of birth, age)
• The number of your credit card (for the purposes of the transaction and reservation)
• Your membership number for Accorhotels loyalty program or programs of other partners (eg airline loyalty program)
• Date of arrival and departure
• Preferences and your interests (for example, smoking or no smoking rooms, choice of flooring, type of bed, kind of newspapers / magazines, sports and cultural interests)
5. YOUR PERSONAL DATA PROTECTION AT THE TIME OF TRANSFER INTERNATIONAL
For the purposes referred to in Clause 7 of this Agreement, we may transfer your personal data to internal or external recipients who might be in the country that provides the level of protection of personal data are different.
As a result, in addition to implementing this agreement, Accor S.A. will use appropriate measures to ensure the transfer of your personal data securely to accorhotels entity or to an external receiver which is located in a country that has different privacy levels of the country where personal data is collected.
As part of this activity, your data may be transferred, in particular as part of the reservation process, to hotels accorhotels located outside the EU, particularly in the following countries: South Africa, Algeria, Andorra, Saudi Arabia, Argentina, Australia, Bahrain, Benin, Brazil, Cambodia, Cameroon, Canada, Chile, China, Colombia, South Korea, Ivory Coast, Cuba, Egypt, United Arab Emirates, Ecuador, United States, Fiji, Ghana, Guatemala, Equatorial Guinea, India, Indonesia, Israel, Japan, Jordan, Kuwait, Laos, Lebanon, Madagascar, Malaysia, Morocco, Mauritius, Mexico, Monaco, Nigeria, New Zealand, Oman, Uzbekistan, Panama, Paraguay, Peru, Philippines, Qatar, the Dominican Republic, Russia, Senegal, Singapore, Switzerland, Chad, Thailand, Togo, Tunisia, Turkmenistan, Turkey, Ukraine, Uruguay, Vietnam, Yemen, Taiwan, Hong Kong, Macau, Dubai.
In addition to the data necessary to make your reservations, data flow to countries with a level of protection of personal data is governed by different managers with the standard contractual clauses subcontractor as established by the European Commission. The flow of data to the United States do to entities owned by the Safe Harbor.
6. DATA SECURITY
Accor S.A. make efforts in technical and organization in accordance with legal provisions, to protect your personal data against unlawful destruction or accidental changes or accidental loss, and access or unauthorized disclosure. Until now, we have to make efforts in technical (such as firewalls) and organizational efforts (such as user ID / password system, physical protection measures etc.)
By the time you enter your credit card when making a reservation, the encryption technology SSL (Secure Socket Layer) is used to ensure the security of transactions.
7. COOKIE
The use of cookies by Accorhotels
You are informed that the company Accor S.A. use cookies or other tracking in its online booking site, namely http://www.accorhotels.com, http://www.sofitel.com, http://www.pullmanhotels.com, http: //www.mgallery .com, http://www.novotel.com, http://www.mercure.com, http://www.suitenovotel.com, http://www.ibis.com, http: //www.hotelf1 .com, http://www.thalassa.com
This tracker can be installed on your device, depending on the preference you indicated or could appear at any time in accordance with this policy.
1. Why do we have a policy of cookies?
With the aim to provide information and ensure transparency, accorhotels created this policy so that you can learn more about:
• Origin and destination information being processed while you browse the Web Site accorhotels
• Your rights associated cookies and other tracking used by Accorhotels
2. What are cookies?
Cookies and other similar trackers is a data packet used by the server to send status information to the user's browser and restore the original status information to the server via the same browser.
The status information may include a session identifier, language, expiration date, the response column, or other types of information.
During the validity period, cookies are used to store status information while the browser is accessing various pages of the website or when the browser back to this website at a later time.
3. Why use cookies?
We use cookies and other tracking mainly for the following purposes:
Cookies are required to explore Accorhotels site and to be able to use all the features on the website, and is specifically intended for:
· Manage authentication web site visitors and security-related actions, and ensure the accuracy of authentication module function
· Optimizing the user experience and facilitate search, especially in determining "technical service" for search
· Storing information related to information banner "cookie" seen by web site visitors who have returned to search the website after agreeing to accept cookies on their devices
· Implement security measures (for example, when you are prompted to log in to a content or service after a certain period of time, or to ensure the operation of the base site accorhotels and using the technical features of the main, such as performance monitoring and error search, management of user sessions, etc.)
Cookies are used for certain features, particularly those aimed at:
· Adjust accorhotels site with your device display preferences (language, currency, screen resolution, operating system used, configuration and settings display web pages based on the device you use, and location, etc.).
· Storing specific information that you enter in the Accorhotels site to facilitate and customize your next visit (including front and rear displays the name of the visitor when that visitor have a user account)
· Allows you to access a personal page faster by storing login data or information you've previously entered
Cookies for tracking visitors aiming to enhance the user experience by helping us understand your interaction with Accorhotels site (the pages most frequently visited, applications used, etc.); These cookies may collect statistics or test different methods used to display information in order to improve the relevance and efficiency of our services.
Cookie advertising aimed at (i) to offer to you, in the field of advertising, content that is relevant and appropriate, you may be interested (the best deals, other destinations, etc.) Based on your interests, search habits, preferences and other factors, and ( ii) reduce the frequency of occurrence of the ad.
Cookie affiliates recognize third-party websites that redirect visitors to a site accorhotels.
Cookie social networking, arranged by a third party, allowing you to share your opinion about the site accorhotels and content of the site accorhotels on social networks (eg, application key "Share" or "Like" on the social networking).
Social networking applications on the site accorhotels as mentioned above can, in some cases, allow social networks to recognize you even if you do not click the button application. This may allow the key types of social networking-related track your searches on site accorhotels, simply because your account on social networking enabled on your device (open session) when you are searching.
4. Approval
Installing certain cookies will apply the appropriate consent from you. In addition, when the first time you visit the Website accorhotels, you'll be asked for approval for the installation of this type of cookie, which will only be activated once you approve it.
This process is supported by information banner on the home page Accorhotels site, which informs that by continuing the search, you agree to the installation of cookies that require the approval of your device.
You can change your mind at any time using a variety of ways which are described in the section "Removing and / or block the cookie".
5. Remove and / or blocking cookie
You have several options for deleting cookie and other tracking.
Browser settings
Although in general the browser is set by default to accept cookies, you may, if desired, choose to accept all cookies, always block cookies, or choose which cookies to be received by the poster.
You can also set your browser to accept or block cookies based on the specific case before a cookie is installed. Your browser also lets you delete cookies from your device regularly. Remember to do the configurations on all browsers on a variety of your device (tablet, smartphone, computer, etc.).
Management related cookies and preferences, configuration can be varied for each browser. This is outlined in the Help menu of your browser, as well as how to edit your preferences regarding cookies. For example:
o For Firefox ™: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Storing cookies on your device depending on your desires, you can choose and change at any time and at no cost, using the settings provided by your browser software.
If your browser is set to accept cookies on your device, cookies embedded in the pages and content you see will be stored temporarily in a special space on your device. These cookies can only be read by the publishers.
However, you can set your browser to block cookies. Please note that if you set your browser to block cookies, some features, pages, and the column Accorhotels site will not be accessible, and we are not responsible for this.
Platform-specific ads
Some professional advertising platform also gives you the option to accept or block cookies that are used by companies that are members. This centralized mechanism does not block ads, but prevent the installation of cookies that tailors ads to your interests.
For example, you can visit the website http://www.youronlinechoices.com to prevent the installation of cookies on your device. This web site is offered by digital advertising professionals who are members of the Digital Advertising Alliance Europe (European Digital Advertising Alliance - EDAA) and managed in France by the Interactive Advertising Bureau France.
8. Access And Changes
You have the right to access your personal data collected by Accor S.A. and to change it in accordance with the provisions of applicable law.
You can also use your right to refuse in writing to the following address.
If you are having difficulty to exercise your right, please contact the department for Data Privacy accorhotels Group directly by sending an email to data.privacy@AccorHotels.com or by mail to the following address:
Accor Département Protection des Données Personnelles (Data Privacy) 82, rue Henri Farman 92130 Issy-les-Moulineaux, France
For purposes of confidentiality and data protection, we need to identify you to respond to your request. You will be required to include a copy of proof of official identification, such as driver's license, passport, along with your request.
If your personal data is inaccurate, incomplete, or not current, please send the right changes to data privacy department as listed below:
All requests will receive a response as soon as possible and in accordance with the provisions of applicable law.
You can use your rights with regard to personal data stored and processed by the hotel after stay. To do this, you must contact the hotel directly.
IV. CONCLUSION
CONCLUSION
The conclusion that can be drawn from the explanations that have been described above are:
a. The security of an information system to be under-united for the security of a system that keeps information will provide security against information held.
b. In terms of security responsibility not only to the leaders alone but the entire party.
c. Threats to the security of the system can be overcome if the operation of the security system is always monitored.
d. The security of a system should be prioritized so that the data and information therein is safe and does not harm the parties concerned, if the data is lost or corrupted.
SUGGESTION
a. The author understands the writing of this paper there are still many shortcomings. Feedback from readers is expected to enhance this paper.
b. The security of a system should be a top priority and responsibility for the operation is the collective responsibility instead of individual responsibility.
References
4 http://www.accorhotels.com/id/security-certificate/index.shtml
