security development life cycle

Software Security Governance. Tony Seno Hartono, National Technology Officer, Microsoft Indonesia

Upload: directorate-of-information-security-ditjen-aptika

Post on 29-Nov-2014

DESCRIPTION

Tony Seno Hartono (National Technology Officer, Microsoft Indonesia)

TRANSCRIPT

Page 1: Security Development Life Cycle

Software Security Governance

Tony Seno Hartono, National Technology Officer, Microsoft Indonesia

Page 2: Security Development Life Cycle
Page 3: Security Development Life Cycle

Public Cloud | On Premise | Private Cloud

Database/Data Warehousing

Identity

Information Security & Privacy

Geo Location & Maps

Policy Enforcement

Email & Calendar

Enterprise Unified Communication

Portal & Collaboration

Workflow & Automation

Content & Enterprise Search

Productivity

BI & Data Mining

Information Dissemination

Middleware, & Interoperability

Language Translation

Budget Management

Project Accounting & Grants Mgmt

Budget Planning & Formulation

Human Resources Mgmt & Payroll

Big Data & Social Media Analytics

Assessment

Information Gathering

Disaster Recovery & Business Continuity

Data Loss Prevention

Single Domain

Page 4: Security Development Life Cycle

User and Device Management in Microsoft

Tony Seno Hartono, National Technology Officer, Microsoft Indonesia

Page 5: Security Development Life Cycle

Today’s challenges

Devices: The explosion of devices is eroding the standards-based approach to corporate IT.

Apps: Deploying and managing applications across platforms is difficult.

Data: Users need to be productive while maintaining compliance and reducing risk.

Users: Users expect to be able to work in any location and have access to all their work resources.

Page 6: Security Development Life Cycle

User and Device Management

Enable users

Access to company resources consistently across devices

Simplified registration and enrollment of devices

Synchronized corporate data

Unify your environment

On-premises and cloud-based management of devices within a single console.

Simplified, user-centric application management across devices

Comprehensive settings management across platforms, including certificates, VPNs, and wireless network profiles

Protect your data

Protect corporate information by selectively wiping apps and data from retired/lost devices

A common identity for accessing resources on-premises and in the cloud

Identify which mobile devices have been compromised

Page 7: Security Development Life Cycle

Help protect corporate information and manage risk

[Diagram: device states Enrollment, Retired, and Lost or Stolen, each shown with Personal Apps and Data, Company Apps and Data, Remote App, and Policies; Centralized Data]

IT can provide a secure and familiar solution for users to access sensitive corporate data from anywhere with VDI and RemoteApp technologies.

Users can access corporate data regardless of device or location with Work Folders for data sync and desktop virtualization for centralized applications.

• Identify at-risk devices through jailbreak and root detection

• Selective wipe removes corporate applications, data, certificates/profiles, and policies, as supported by each platform

• Full wipe as supported by each platform

• Can be executed by IT or by user via Company Portal

• Sensitive data or applications can be kept off device and accessed via Remote Desktop Services

Page 8: Security Development Life Cycle

Microsoft Security Development Lifecycle

Page 9: Security Development Life Cycle
Page 10: Security Development Life Cycle

HEADLINES

Cybercrime costs US economy up to $140 billion annually, report says

Los Angeles Times [2013]

How hackers allegedly stole “unlimited” amounts of cash from banks in just a few hours

Ars Technica [2013] Ars Technica [2013]

Universities face a rising barrage of cyberattacks

Malware burrows deep into computer BIOS to escape AV

The Register [September 2011]

Researchers have discovered one of the first pieces ever used in the wild that modifies the software on the motherboard of infected computers to ensure the infection can’t be easily eradicated…

New York Times [2013]

Cyberattacks on the rise against US corporations

Forget carjacking, soon it will be carhacking

The Sydney Morning Herald [2013]

Rising cyber security risks to drivers as their cars become increasingly powered by and connected to computers have prompted the US auto-safety regulator to start a new office focusing on the threat…

Espionage malware infects rafts of governments, industries around the world

Ars Technica [2013]

Cyberspace changes the fog of war

Politics.co.uk [2013]

Page 11: Security Development Life Cycle

Business Innovation

Page 12: Security Development Life Cycle
Page 13: Security Development Life Cycle
Page 14: Security Development Life Cycle
Page 15: Security Development Life Cycle
Page 16: Security Development Life Cycle
Page 17: Security Development Life Cycle
Page 18: Security Development Life Cycle
Page 19: Security Development Life Cycle
Page 20: Security Development Life Cycle
Page 21: Security Development Life Cycle
Page 22: Security Development Life Cycle
Page 23: Security Development Life Cycle
Page 24: Security Development Life Cycle
Page 25: Security Development Life Cycle
Page 26: Security Development Life Cycle
Page 27: Security Development Life Cycle
Page 28: Security Development Life Cycle

Application Lifecycle Management

Tony Seno Hartono

National Technology Officer, Microsoft Indonesia

Page 29: Security Development Life Cycle

Stakeholders in development process

Page 30: Security Development Life Cycle

Stakeholders in development process

Page 31: Security Development Life Cycle

TEAM FOUNDATION SERVER

Page 32: Security Development Life Cycle

SCM

Work Item Tracking

Lab Management

Build Automation

Integrated Reporting and Analytics

Testing Tools and Services

Planning

No-process | SCRUM | CMMI | Custom

Page 33: Security Development Life Cycle
Page 34: Security Development Life Cycle

44 agile planning

Modern Application Lifecycle Management

Monitor

Implement

Define: Ideation

Develop: Idea to working software

Operate: Working software in production

Value realization

Team Integration | Increased Efficiency | Shorter Cycle Times | Reduced Costs

Page 35: Security Development Life Cycle

REQUIREMENTS

PRODUCT BACKLOG

OPS BACKLOG

Monitor

Sprint

WORKING SOFTWARE

Define: Ideation

Develop: Idea to working software

Operate: Deployment to feedback

Visual Studio 11 Application Lifecycle Management

TEAM FOUNDATION SERVER

Microsoft Office

Expression Blend/SketchFlow

Third Party Tools

Project Server

Systems Center

Windows Azure

Windows Server

Visual Studio

Page 36: Security Development Life Cycle

Project management dashboard

Page 37: Security Development Life Cycle

Planning for continuous value delivery

Most Value

Minimal Planning

Highest Value

Features

Minimal Risk

Manage Demand and Define Requirements

Continuous cadence of value delivery

Page 38: Security Development Life Cycle

Build, Measure, Learn - Repeat

[Two charts of Value against Time spent on planning: Traditional Planning and Agile Planning. Annotation on the Agile Planning chart: Increased value over time]

Page 39: Security Development Life Cycle

http://www.scrum.org

Page 40: Security Development Life Cycle

Roles

• Product Owner

• Scrum Master

• Development Team

Artifacts

• Product Backlog

• Sprint Backlog

• The Increment (of working software)

Events

• The Sprint

• Sprint Planning Meeting

• Daily Scrum

• Sprint Review

• Sprint Retrospective

Note: All Events are timeboxed

Page 41: Security Development Life Cycle
Page 42: Security Development Life Cycle

Collaboration and planning the Product Backlog

Page 43: Security Development Life Cycle

Planning what can be done next

Page 44: Security Development Life Cycle

Balancing work with team capacity

Page 45: Security Development Life Cycle

Burndown chart – will the work get done?

Page 46: Security Development Life Cycle

Task board – a status update on all work

Page 47: Security Development Life Cycle

Using the Kanban Board to optimize work flow

Page 48: Security Development Life Cycle

Project management dashboard

Page 49: Security Development Life Cycle

QA: Testing post implementation. Mostly manual with limited automation.

UAT: UAT post implementation and systems testing

Operations readiness verification

Pre-deployment verification

Document requirements as BRDs and functional specs

Write code to implement requirements

Page 50: Security Development Life Cycle

Continuous quality

Shortened cycle times

Page 51: Security Development Life Cycle
Page 52: Security Development Life Cycle

User Interface

Services

Business Processes

Business Rules and Logic

Service integrations

Data access

Identity

Data

Automated testing

Manual testing

Automated testing

Page 53: Security Development Life Cycle

Thank You