In an era where digital resilience defines national progress, cybersecurity takes center stage—not just as a technical challenge, but as a strategic imperative. This principle guided the recent workshop at Universitas Airlangga (UNAIR), Surabaya, where JagaMaya’s CEO, Tri Febrianto, joined experts, academics, and students for an insightful session on protecting digital assets in higher education.
Workshop Theme: “Lindungi Reputasi Institusi: Praktik Cerdas Cyber Security untuk Media Sosial Universitas”
Hosted by UNAIR’s Faculty of Science and Technology, the 90-minute session combined expert insights with live practice on securing institutional social media accounts. Tri Febrianto, representing JagaMaya and the Inotech Group, addressed the growing threats facing university digital channels and how proactive cyber hygiene is key to institutional trust.
Key Highlights from the Workshop
1. Real-World Case Study: Social Media as a Strategic Asset
Tri began with a stark reminder: university social media accounts are now prime targets. He cited a 2023 breach of UNAIR’s Instagram account (@univ.airlangga), where attackers posted crypto scam content. Despite a swift recovery, the reputational damage underscored the need for readiness.
2. Understanding Cybersecurity Threats to Social Media
Participants were introduced to real attack vectors:
- Phishing: Fake support messages with malicious links
- Social Engineering: Fraudsters impersonating campus leaders
- Session Hijacking: Admins logging in from public Wi-Fi
- Impersonation: Fake university accounts collecting student data
- Malicious Apps: Third-party apps exploiting account permissions
3. Pre-Incident Prevention: Policies and Tools
Tri emphasized prevention through:
- Limited access and documented admin responsibilities
- Institutional emails and strong, unique passwords
- Two-factor authentication (2FA)
- Device hygiene and password managers (e.g., Bitwarden)
- Routine audits and simulated phishing campaigns
4. Incident Response: When Things Go Wrong
He laid out a structured crisis response:
- Reclaim account access via password resets and revoking devices
- Notify platform support and affected audiences
- Use backup accounts to maintain communication
- Document all actions for post-incident evaluation
5. Post-Incident Hardening
Recovery is not the end—it’s the beginning of reform:
- Review access logs and revoke suspicious third-party apps
- Update standard operating procedures (SOPs)
- Rebuild internal and public trust through transparent communication
6. Securing the Official Website
Beyond social media, Tri also discussed website security:
- Prevent defacement and brute-force attacks with WAFs and CMS updates
- Encrypt traffic with HTTPS
- Automate daily cloud backups
Hands-On Practice Session
In the final 30 minutes, participants conducted real-time security checks:
- Activated 2FA on official accounts
- Audited login activity and device locations
- Updated passwords and revoked untrusted apps
A practical checklist was provided to ensure ongoing compliance:
- Is your account linked to an institutional email?
- Have all admins enabled 2FA?
- Are all logins restricted to official devices?
- Has your password been updated in the last 3 months?
Closing Message: Building a Cyber-Aware Culture
Tri Febrianto closed with a call to action:
“Keamanan media sosial bukan hanya soal teknis—ini soal reputasi dan kepercayaan. Jadikan keamanan digital sebagai budaya kerja.”
He urged UNAIR’s Public Communication and Information Center (PKIP) to lead in setting digital protocols, incident readiness, and routine cybersecurity education.
JagaMaya remains committed to empowering Indonesian institutions with practical cybersecurity knowledge, tools, and culture. For more workshops and digital resilience support, follow us or reach out at jagamaya.id.
Leave a Reply