Analysis of Information System Security Ibis Hotel
*Hafzi Ali, **Abdullah Nainggolan ,
Adhiem Rissanjaya , Dian Erawati , Nita Rahmawati , Maria
Pintha Ito , Indah Ulan Apriyani, Bella Audya Arnas
, Dinda Ayu Budiarti
* Profesor of
Management Mercubuana University, Jakarta Indonesia
**Students of Universitas
Mercubuana, Jakarta Indonesia
ABSTRACT
Now
it's a matter of security of information systems is a very important aspect.
Unfortunately, often these security issues received less attention from the
owner and manager of an information system. Often the problem of security in
duakaan numbers in the order of things that are considered important.
When
this information has become a very important commodity. Skills in accessing and
providing information quickly and accurately is essential for a company, either
in the form of commercial information, universities, government agencies, and
individual information. In the development of the information it is possible
the development of computer technology and telecommunications will increase
rapidly.
Very
important the information is often some information can only be accessed by
certain people. Even the information that falls into the hands of others can
cause harm to the owner of the information, for example, is the collapse of the
business information into the hands of the opponent. Therefore a highly confidential
information must be guaranteed security of information systems security that
are not easily accessible by parties who are not responsible.
Based
on the above explanation we intend to lift the title of "The importance of
the security of information systems".
Keywords : System, Security, AccorHotels
I.INTRODUCTION
COMPANY PROFILE
Company
Name: Hotel Ibis Bandung Trans Studio Bandung
Type:
Networking Group Accor Hospitality France
Style:
3 Stars
Network:
Ibis Hotel, Ibis Style, Ibis Budget
Address:
Jl. Gatot Subroto No. 289 Bandung-West Java
Tel:
(+62) 22/87345555
Fax:
(+62) 22/87347777
General
information: H8060-RE1@accor.com
Website:
www.accorhotels.com
Vision, mission and
commitment
1.
wherever you are and whatever your travel destination, vacationing with the
family or a business, your hotel should be a place that gives comfort. Ibis
hotel in the family, you can immediately feel the comfort when you arrive at
one of our hotels.
2.
We strive to ensure the best comfort in our rooms, by welcoming and serving
consumers and through the design of our hotels. The mission is what motivates
us every day.
3.Commitment us to comfort our
customers is very simple. Our goal is that you can rest easy and totally
relaxed. Because of the experience an enjoyable break is the best thing that
can be offered by a hotel.
II.METHODS
Formulation of the
problem
1.
Why is the information system security is important?
2.
What constitutes a security threat information system?
3.
How to secure information systems?
4.
How is the implementation of the company Hotel Ibis?
Purpose
1. Purpose
in writing this paper was to fulfill the duties of Management Information
Systems.
2. That readers know about
threats to the system and to detect and correct any damage as a result of the
system.
3.
To recognize the importance of information systems security strategy.
4.
To know the threats to the security of information systems.
5.
To find out how to secure information systems.
6. To determine policies in
the security of information systems.
III.
Result & Discussion
1. Why is the information system security is important
Before discussing why it's important information
systems security, we will discuss about the security of the information . According to G. J. Simons, information
security is how we can prevent fraud (cheating) or, at least, detecting fraud
in an information-based system, where information itself has no physical
meaning.
An information security strategy is a plan to reduce
risks while complying with legal requirements, laws, contracts, and developed
internally. Typical measures include a definition of a strategy to build the
control objectives, identification and assessment approaches to meet the goals,
the selection of controls, the establishment of benchmarks and metrics, and
preparation for implementation and testing plans. Why is the security of critical
information systems?
Often an information security system is considered
less important and under-sekiankan. Most of a company is more concerned
menguranggi spending and increase the competitiveness of the company, although
the company knows bahwasannya an information system that is damaged will cost
not less. Especially if there is confidential information taken by parties who
are not responsible for it, if it happens then the company would suffer.
Securing an information system is very important in
terms of maintaining the confidentiality of information of a company, if a
critical information falling into the hands of those who are not responsible
for the company must be very harmed, even could have stolen information can
make the company the insolvent
2. What constitutes a security threat information system
Information system security threats is an action that occurs both within the system and outside the system which can disrupt the balance of the system informasi.Ancaman to information security comes from individuals, organizations, mechanisms, or events that have the potential to cause damage to the sources of information.
Threats in the security of information systems is not only come from outside the company as opposed to business or individuals and other kelompk but can also come from within the company.
A threat in security will be followed by an attack, on this occasion we will discuss about attacks that could threaten the security of information systems:
1. Virus
Obviously we are already familiar with the virus. Basically, the virus is a computer program that is "malicious" (have the intent of harming or harassing users of the system) that can infect one or more computer systems through various means of transmission triggered by otorasisasi or involvement "user" as a computer user. The damage that can be caused also vary from the annoying to the type of damage that is costly in terms of financial
2. Worms
Worms are malicious programs that are designed primarily to infect computers that are in a network system. Differences principles that distinguish worms with virus spread of the worm is that it does not depend on human intervention or manual. Worms are programs that are built with a specific algorithm that is able to replicate itself on a computer network without going through aid and engagement.
Due to its characteristics that do not involve humans, if it spreads very difficult to control or control it. Incorrect handling of business will actually make worms movement becomes more wildly out of control for special handling that is used in the face.
3. Trojan Horse
The term Trojan Horse or a Trojan horse is a tactic of war used in the conquest of the city troy which dikelelilinggi strong fortress. The attackers made a giant horse statue in which includes some of the soldiers that will be when it is within the castle going out to do the hacking from within. This idea inspired a number of hackers and crackers to make viruses or worms that is the way it works is similar to the phenomenon of this war tactic, considering the number of antivirus popping up so they create something that can not be detected by antivirus software.
3. How to secure information systems
In general, the security system can be grouped into two: prevention and treatment. Prevention efforts made in order for a security system does not have a hole in its operation, whereas if treatment is done when there is a hole in the system can be overcome.
Security in an information system is expected to keep any information contained therein. Security in a system can be done in several ways including:
1. Choose Password
2. Install protection
3. Monitoring the attack
4. Integrity Monitoring System
5. Perform regular backups.
6. Using encryption
4. Implementation Of Information System
Security In Hotel IBIS
1.
COMMITMENT TO PROTECTING PRIVACY GROUPS
Because we consider you as an important client, our main priority is to offer you a extraordinary place to stay worldwide.
Your satisfaction and trust to Accor S.A. is important to us. Therefore, as part of our commitment to meet your expectations, we have devised a client's privacy protection policy.
This section states our commitment to you and explain how Accor S.A. use your personal data. The main rules that apply within the Group worldwide Accor Hotels (Accor S.A. and its subsidiaries) was founded on seven principles.
2.
SEVEN PRINCIPLES ACCORS HOTELS TO PROTECT YOUR PERSONAL DATA
The following seven principles apply
in Accor Group hotels worldwide.
1.
Transparency: when collecting and
processing your personal data, we will communicate all the information to you
and inform you of the purpose and recipient data.
2.
Authority: We collect and process
personal data only for the purposes described in this Agreement.
3.
Relevance and accuracy: We will
collect personal data required to process the data. We will take reasonable
steps to ensure that personal data held by us is accurate and current.
4.
Storage: We will store your personal
data for a period of time required to process the data in accordance with the
provisions of the law.
5.
Access, revision, contradiction: You
can access, modify or delete your personal data. You also can not agree to the
use of your personal data, in particular to avoid you receive sales and
marketing information.
6.
Confidentiality and security: we
will ensure the technical and organizational efforts made to protect your
personal data from alteration or loss against accidental or unlawful, or use,
disclosure or unauthorized access.
7.
Distribution and international
transfers: We may share or transfer your data in accorhotels Group or with
third parties (such as commercial partners and / or service providers) for the
purposes described in this Agreement. We will take reasonable steps to ensure
the security when we share or transfer the data.
3. SCOPE OF APPLICATION
This agreement is valid:
1. For all data processing is implemented in the subsidiary companies and hotels that we manage, ie those that operate under the brand name accorhotels Group (Sofitel, Pullman, Novotel, Suite Novotel, Mercure, ibis, ibis Styles, ibis budget, Hotel F1 etc). The list is updated regularly.
2. For all the Accor website S.A., including www.accorhotels.com but also brand website (www.sofitel.com, www.mercure.com etc.).
3. Although the client's privacy protection policy can not be applied in our franchise hotel, Accor S.A. will seek to promote the seven principles outlined in this Agreement, so that our franchisees comply with all applicable legal requirements with respect to the processing of your personal data.
4. PERSONAL DATA COLLECTED
On many occasions, we are obliged to ask
you, as a client Accor S.A, for information about you and / or your family
members, such as:
·
Contact details (for example, last name,
first name, phone number, email)
·
Personal information (eg, date of birth
and nationality)
·
Information relating to your child (eg,
first name, date of birth, age)
·
The number of your credit card (for the
purposes of the transaction and reservation)
·
Your membership number for Accorhotels
loyalty program or programs of other partners (eg airline loyalty program)
·
Date of arrival and departure
·
Preferences and your interests (for
example, smoking or no smoking rooms, choice of flooring, type of bed, kind of
newspapers / magazines, sports and cultural interests)
5. YOUR PERSONAL DATA
PROTECTION AT THE TIME OF TRANSFER INTERNATIONAL
For the purposes referred to in Clause 7
of this Agreement, we may transfer your personal data to internal or external
recipients who might be in the country that provides the level of protection of
personal data are different.
As a result, in addition to implementing
this agreement, Accor S.A. will use appropriate measures to ensure the transfer
of your personal data securely to accorhotels entity or to an external receiver
which is located in a country that has different privacy levels of the country
where personal data is collected.
As part of this activity, your data may
be transferred, in particular as part of the reservation process, to hotels
accorhotels located outside the EU, particularly in the following countries:
South Africa, Algeria, Andorra, Saudi Arabia, Argentina, Australia, Bahrain,
Benin, Brazil, Cambodia, Cameroon, Canada, Chile, China, Colombia, South Korea,
Ivory Coast, Cuba, Egypt, United Arab Emirates, Ecuador, United States, Fiji,
Ghana, Guatemala, Equatorial Guinea, India, Indonesia, Israel, Japan, Jordan,
Kuwait, Laos, Lebanon, Madagascar, Malaysia, Morocco, Mauritius, Mexico,
Monaco, Nigeria, New Zealand, Oman, Uzbekistan, Panama, Paraguay, Peru,
Philippines, Qatar, the Dominican Republic, Russia, Senegal, Singapore,
Switzerland, Chad, Thailand, Togo, Tunisia, Turkmenistan, Turkey, Ukraine,
Uruguay, Vietnam, Yemen, Taiwan, Hong Kong, Macau, Dubai.
In addition to the data necessary to
make your reservations, data flow to countries with a level of protection of
personal data is governed by different managers with the standard contractual
clauses subcontractor as established by the European Commission. The flow of
data to the United States do to entities owned by the Safe Harbor.
6. DATA SECURITY
Accor S.A. make efforts in technical and
organization in accordance with legal provisions, to protect your personal data
against unlawful destruction or accidental changes or accidental loss, and
access or unauthorized disclosure. Until now, we have to make efforts in
technical (such as firewalls) and organizational efforts (such as user ID /
password system, physical protection measures etc.)
By the time you enter your credit card
when making a reservation, the encryption technology SSL (Secure Socket Layer)
is used to ensure the security of transactions.
7. COOKIE
The
use of cookies by Accorhotels
You are informed that the company Accor
S.A. use cookies or other tracking in its online booking site, namely
http://www.accorhotels.com, http://www.sofitel.com,
http://www.pullmanhotels.com, http: //www.mgallery .com,
http://www.novotel.com, http://www.mercure.com, http://www.suitenovotel.com,
http://www.ibis.com, http: //www.hotelf1 .com, http://www.thalassa.com
This
tracker can be installed on your device, depending on the preference you
indicated or could appear at any time in accordance with this policy.
1. Why do we have a
policy of cookies?
With
the aim to provide information and ensure transparency, accorhotels created
this policy so that you can learn more about:
•
Origin and destination information being processed while you browse the Web
Site accorhotels
•
Your rights associated cookies and other tracking used by Accorhotels
2. What are cookies?
Cookies
and other similar trackers is a data packet used by the server to send status
information to the user's browser and restore the original status information
to the server via the same browser.
The
status information may include a session identifier, language, expiration date,
the response column, or other types of information.
During
the validity period, cookies are used to store status information while the
browser is accessing various pages of the website or when the browser back to
this website at a later time.
3. Why use cookies?
We use cookies and other tracking mainly for the
following purposes:
Cookies are required to explore Accorhotels site and to be able to use all the features on the website, and is specifically intended for:
·
Manage
authentication web site visitors and security-related actions, and ensure the
accuracy of authentication module function
·
Optimizing the user
experience and facilitate search, especially in determining "technical
service" for search
·
Storing information
related to information banner "cookie" seen by web site visitors who
have returned to search the website after agreeing to accept cookies on their
devices
·
Implement security
measures (for example, when you are prompted to log in to a content or service
after a certain period of time, or to ensure the operation of the base site
accorhotels and using the technical features of the main, such as performance
monitoring and error search, management of user sessions, etc.)
Cookies are used for certain features, particularly those aimed at:
·
Adjust accorhotels
site with your device display preferences (language, currency, screen
resolution, operating system used, configuration and settings display web pages
based on the device you use, and location, etc.).
·
Storing specific
information that you enter in the Accorhotels site to facilitate and customize
your next visit (including front and rear displays the name of the visitor when
that visitor have a user account)
·
Allows you to
access a personal page faster by storing login data or information you've
previously entered
Cookies for tracking visitors aiming to enhance the user
experience by helping us understand your interaction with Accorhotels site (the
pages most frequently visited, applications used, etc.); These cookies may
collect statistics or test different methods used to display information in
order to improve the relevance and efficiency of our services.
Cookie advertising aimed at (i) to offer to you, in the
field of advertising, content that is relevant and appropriate, you may be
interested (the best deals, other destinations, etc.) Based on your interests,
search habits, preferences and other factors, and ( ii) reduce the frequency of
occurrence of the ad.
Cookie affiliates recognize third-party websites that
redirect visitors to a site accorhotels.
Cookie social networking, arranged by a third party,
allowing you to share your opinion about the site accorhotels and content of
the site accorhotels on social networks (eg, application key "Share"
or "Like" on the social networking).
Social networking applications on the site accorhotels as
mentioned above can, in some cases, allow social networks to recognize you even
if you do not click the button application. This may allow the key types of
social networking-related track your searches on
site accorhotels, simply because your account on social networking enabled on
your device (open session) when you are searching.
4. Approval
Installing certain cookies will apply the appropriate
consent from you. In addition, when the first time you visit the Website accorhotels,
you'll be asked for approval for the installation of this type of cookie, which
will only be activated once you approve it.
This process is supported by information banner on the
home page Accorhotels site, which informs that by continuing the search, you
agree to the installation of cookies that require the approval of your device.
You can change your mind at any time using a variety of
ways which are described in the section "Removing and / or block the
cookie".
5. Remove and / or blocking cookie
You have several options for deleting cookie and other
tracking.
Browser settings
Although in general the browser is set by default to
accept cookies, you may, if desired, choose to accept all cookies, always block
cookies, or choose which cookies to be received by the poster.
You can also set your browser to accept or block cookies
based on the specific case before a cookie is installed. Your browser also lets
you delete cookies from your device regularly. Remember to do the
configurations on all browsers on a variety of your device (tablet, smartphone,
computer, etc.).
Management related cookies and preferences, configuration
can be varied for each browser. This is outlined in the Help menu of your
browser, as well as how to edit your preferences regarding cookies. For
example:
o
For Firefox ™: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Storing cookies on your device depending on your desires,
you can choose and change at any time and at no cost, using the settings
provided by your browser software.
If your browser is set to accept cookies on your device, cookies embedded in the pages and content you see will be stored temporarily in a special space on your device. These cookies can only be read by the publishers.
However, you can set your browser to block cookies.
Please note that if you set your browser to block cookies, some features,
pages, and the column Accorhotels site will not be accessible, and we are not
responsible for this.
Platform-specific ads
Some professional advertising platform also gives you the option to accept
or block cookies that are used by companies that are members. This centralized
mechanism does not block ads, but prevent the installation of cookies that
tailors ads to your interests.
For example, you can visit the website http://www.youronlinechoices.com to
prevent the installation of cookies on your device. This web site is offered by
digital advertising professionals who are members of the Digital Advertising
Alliance Europe (European Digital Advertising Alliance - EDAA) and managed in
France by the Interactive Advertising Bureau France.
8. Access And Changes
You have the right to access your personal data collected by Accor S.A. and to change it in accordance with the provisions of applicable law.
You can also use your right to refuse in writing to the following address.
If you are having difficulty to exercise your right, please contact the department for Data Privacy accorhotels Group directly by sending an email to data.privacy@AccorHotels.com or by mail to the following address:
Accor Département Protection des Données Personnelles (Data Privacy) 82, rue Henri Farman 92130 Issy-les-Moulineaux, France
For purposes of confidentiality and data protection, we need to identify you to respond to your request. You will be required to include a copy of proof of official identification, such as driver's license, passport, along with your request.
If your personal data is inaccurate, incomplete, or not current, please send the right changes to data privacy department as listed below:
All requests will receive a response as soon as possible and in accordance with the provisions of applicable law.
You can use your rights with regard to personal data stored and processed by the hotel after stay. To do this, you must contact the hotel directly.
IV. CONCLUSION
CONCLUSION
The conclusion that can be drawn from the explanations that have been described above are:
a. The security of an information system to be under-united for the security of a system that keeps information will provide security against information held.
b. In terms of security responsibility not only to the leaders alone but the entire party.
c. Threats to the security of the system can be overcome if the operation of the security system is always monitored.
d. The security of a system should be prioritized so that the data and information therein is safe and does not harm the parties concerned, if the data is lost or corrupted.
SUGGESTION
a. The author understands the writing of this paper there are still many shortcomings. Feedback from readers is expected to enhance this paper.
b. The security of a system should be a top priority and responsibility for the operation is the collective responsibility instead of individual responsibility.
References
4
http://www.accorhotels.com/id/security-certificate/index.shtml