Khaira Ummah Generation

Pada 1 maret 2007 yang lalu, special topic class yang saya ambil di semester 2 ini di bawah bimbingan dosen/lecturer/pensyarah Assc. Prof. Wardah, menyelenggarakan seminar dengan tema IT Security Awareness bertempat di Dewan Seminar, D07 Faculty of Computer Science & Information System, UTM.

Sesuai tajuk yang kami pilih, seminar ini membahas kesadaran user akan bergagai ancaman yang semakin menglobal dan membahas solusi apa yang tepat untuk berbagai ancaman tersebut. (The detail .. see at Paperwork below)

Yang menarik dari event ini adalah persiapan yang begitu cepat dan mendadak, kami hanya mempunyai waktu 1 minggu untuk mempersiapkan semuanya dan mempunyai target audience at least 50 persons. So kami harus berbagi tugas dari classmate yang ada, dari invite speaker, advertisement, prepare foods, drinks, gift, and scheduling tentative programme, and so on …. harus selesai dalam waktu 1 minggu.

Speakers yang kami invite adalah :

1. Prof. Zamri b. Mohamed (Director of CICT)

2. Mr. Kannan Velayuthaam (Security Consultant –Antivirus/Firewall - Syemantec)

3. Mr. Meor Ahmad Fauzi b. Meor Zainal Abidin (Redhat Advance Business Partner)

Alhamdulillah dengan guidance, support, dan motivasi dari PM. Wardah dan tentunya kerja keras dari teman-teman, seminar bisa terlaksana dengan baik, bahkan publikasi yang kami lakukan bisa menark lebih dari 70 persons… tahniah.. good job…

Pelajaran menarik dari event ini adalah kekompakan, kerjasama, team work daripada semua committee, sehingga kesukaran dan rintangan bisa diselesaikan dengan baik. Untuk itu saya akan mengucapkan terimakasih kepada:

1. PM. Wardah Zaenal Abidin (event Director)

2. Cik Azhari 3. Syahriah Shalleh 4. Akmal Rakhmadi 5. Cikgu Mohd. Rahdi 6. Dhaffer AlNajrani 7. Mohd. Farhan 8. Hor Sze Lim 98. Voo Nyuk Mee 10. Zhang Han Yi 11. Muh. Isnaini

Thank you so much for all you do;
I appreciate you,
and I thank you.

Sorry if I giving you hardtime
Sorry if I disappoint you
Sorry for everything I did wrong

Best Regards,

your partner (M. Qomaruddin)

Below are detail Informations;

A Security Awareness Program - Paperwork

Each day organizations are faced with an increasing number of threats. While hackers and viruses are attacking from the Internet, social engineers or disgruntled employees may be circumventing security from within. A formal security awareness program is required to help address these threats by educating employees. The primary goal of the program should be to recognize threats and vulnerabilities and respond to them appropriately.

An awareness program should begin with the support of senior management. Ideally the CEO launches the program by sending an e-mail. The CEO’s message should briefly summarize threats and state that security is the responsibility of everyone in the organization.

The next step is to create or revise the organization’s security policies and require employees to sign them. Job descriptions and performance reviews must also include security responsibilities. All employees should attend an annual security briefing and receive an awareness handbook.

Distribute security awareness tips by e-mail about once every two weeks. Tips should advise of best practices and reinforce policy. Here are a few topics to start off with:

• Viruses
• Passwords
• Workstation security
• Continuity
• Destruction of sensitive materials
• Photography
• Systematic removal of accesses
• Laptops
• Don’t be afraid to say no
• Piggybacking and tailgating
• Social engineers
• Operations security
• Backup your data
• Security incidents

Additional training methods include luncheons, a security web site and awareness posters. Each site should have a security representative to assist in the awareness program and address security incidents. Information security day is another effective way to bring security to the forefront of everyone’s mind.

Security audits also raise awareness. Consider implementing office space reviews and annual self-assessment surveys.

The key is to make security a part of everyone’s day without being obnoxious or repetitive. An awareness program requires creativity and constant care and feeding.

An awareness program cannot be conducted in a vacuum. Ensure that security does not negatively impact productivity. Consider the current security culture and choose your battles. It takes time to make a change.

Finally, lead by example. If you believe in security and explain why, it is much easier to bring others around to your way of thinking.

The main objectives for this seminar are:

1. To increase awareness about IT Scurity
2. To know about current statistics and information about IT risk.
3. To provide information on new technology solution to enhance the IT security.