Yogyakarta, November 19th 2019 - The numerous challenges our society faces in preserving their data makes the importance of data authenticity equivalent to none. The issue of data authenticity pushes us to verify the validity of our data, and digital signature is one of the means in which data authenticity can be manifested. In collaboration with PrivyID, Center for Digital Society held 35th series of Digitalk that invited Krishna Chandra as the Chief Information Officer of PrivyID), who shared his thoughts on how we should emphasize on the importance of data authenticity, on Tuesday (19/11) at Auditorium FISIPOL UGM.
Krishna started the session by explaining the CIA triad (confidentiality, integrity, and availability) - a model designed to guide policies for information security to be implemented within an organization. First, confidentiality is a set of rules that limits the access to information. This information can be available, but it can only be given to certain trusted parties (for example: account password, mother’s name, corporate data, etc.). Krishna also added that confidentiality can be violated not only through hacking or web penetration, but also through the Standard of Operation that was agreed in the Terms and Conditions of parties requesting the data. He suggested that users need to implement a strong password and store their password in encrypted form in order to improve confidentiality.
Krishna then continued to explain about integrity, which is the assurance that the information is trustworthy and accurate. Data are expected not to be changed during its transit period, and steps must be taken to ensure that data cannot be altered by unauthorized people. Krishna suggested that there are two ways to maintain the integrity of the data even better. “First, we can implement blockchain technology, in which a verification and several other steps must be done before any transaction could be completely done. The second one is the utilization of digital signature that includes public key infrastructures and asymmetric cryptography.”, he explained. Lastly, Krishna also discussed the third aspects of the CIA triad, which is availability. This aspect talks about the guarantee of reliable access to the information by authorized people. Krishna suggested that by employing disaster recovery center and data center services, having offline backup data, and employing redundant hardware, those can help to prevent the unavailability of the data.
PrivyID is a technology company that focuses on providing digital signature service that is recognized by the Indonesian law. PrivyID itself has received several prestigious awards such that from Bank Indonesia, Reuters, Kompas, and Danamon.
Writer: Charissa P.
Editor: Raka W.