TY - GEN
T1 - Mapping Internal Control of Data Security Issues of BYOD Program in Indonesian Banking Sector
AU - Koesyairy, Aboeryzal Ahmed
AU - Kurniawan, Angga
AU - Hidayanto, Achmad Nizar
AU - Budi, Nur Fitriah Ayuning
AU - Ibrahim, Rahmat Mustafa Samik
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/4
Y1 - 2019/4
N2 - Nowadays Bring Your Own Devices (BYOD) has become a trend in the development of Information Technology (IT). BYOD has been used in Indonesian banking sector, in 2016 a Bank in Indonesia has been put BYOD program in their IT transformation strategic. But BYOD program also pose a threats and attacks on company data. Organizations also difficult to ensure BYOD program is complied with the enterprise security policies. Moreover, Banks in Indonesia must protect their customer data to comply with Otoritas Jasa Keuangan (OJK) regulations number POJK 1/POJK.07/2013. So that in order to reduce security incidents and ensure compliance with internal security policies, it is necessary to know which security controls are needed for the implementation of BYOD in Indonesian Banks. This paper proposed security controls needed called internal control to anticipate data security issues related to BYOD programs in the Indonesian Banking sector. Proposed internal controls are validated by using validity and reliability tests to ensure the internal control is applicable for Indonesian Banking sector. The results of this study are 20 valid internal controls for Indonesian Bank to anticipate BYODs data security issues such as malware threats, phising and social engineering, BYOD direct attacks, spoofing or data intersections, BYOD device loss, and policy violations by user.
AB - Nowadays Bring Your Own Devices (BYOD) has become a trend in the development of Information Technology (IT). BYOD has been used in Indonesian banking sector, in 2016 a Bank in Indonesia has been put BYOD program in their IT transformation strategic. But BYOD program also pose a threats and attacks on company data. Organizations also difficult to ensure BYOD program is complied with the enterprise security policies. Moreover, Banks in Indonesia must protect their customer data to comply with Otoritas Jasa Keuangan (OJK) regulations number POJK 1/POJK.07/2013. So that in order to reduce security incidents and ensure compliance with internal security policies, it is necessary to know which security controls are needed for the implementation of BYOD in Indonesian Banks. This paper proposed security controls needed called internal control to anticipate data security issues related to BYOD programs in the Indonesian Banking sector. Proposed internal controls are validated by using validity and reliability tests to ensure the internal control is applicable for Indonesian Banking sector. The results of this study are 20 valid internal controls for Indonesian Bank to anticipate BYODs data security issues such as malware threats, phising and social engineering, BYOD direct attacks, spoofing or data intersections, BYOD device loss, and policy violations by user.
KW - Banking
KW - BYOD Data Security
KW - BYOD Internal Control
KW - BYOD Program
KW - Realibility Test
KW - Validity Test
UR - http://www.scopus.com/inward/record.url?scp=85091327243&partnerID=8YFLogxK
U2 - 10.1109/ICCED46541.2019.9161126
DO - 10.1109/ICCED46541.2019.9161126
M3 - Conference contribution
AN - SCOPUS:85091327243
T3 - 5th International Conference on Computing Engineering and Design, ICCED 2019
BT - 5th International Conference on Computing Engineering and Design, ICCED 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 5th International Conference on Computing Engineering and Design, ICCED 2019
Y2 - 11 April 2019 through 13 April 2019
ER -