TIMES AUSTRALIA, YOGYAKARTA – Universitas Mercu Buana Yogyakarta or UMBY has once again reaffirmed its commitment to information security by obtaining the ISO 27001:2022 certification for the Information Security Management System (ISMS). This certification was obtained through a rigorous audit conducted by the international agency TÜV Nord from July 28 to 31, 2025.

Previously, UMBY had already obtained ISO 27001:2013 and has now successfully upgraded to the latest version, 27001:2022, which is more adaptive to modern cyber threats and complies with the latest data protection regulations, including the Personal Data Protection Law (UU PDP) and the General Data Protection Regulation (GDPR).

The Head of UMBY's Information Communication & Technology (ICT) Bureau, Albert Yakobus Chandra, S.Kom., M.Eng., MTA, MCE., explained that this certification covers the management of web-based academic information systems, including the security of data belonging to students, lecturers, and educational staff.

“What matters most is not the technology itself, but how we maintain the confidentiality, integrity, and availability of information. Technology is merely a tool. A reliable security system requires disciplined management,” said Albert on Monday (August 4, 2025).

Albert added that the implementation of ISO 27001:2022 also includes enhanced protection against cyber threats such as ransomware, phishing, and data breaches, as well as comprehensive risk management that supports the campus's digital transformation.

One of UMBY’s concrete steps is the implementation of a two-factor authentication (2FA) system within the academic system. “If a user fails to log in five times consecutively, the account will be automatically blocked as a preventive measure against hacking,” he added.

UMBY’s Rector, Dr. Ir. Agus Slamet, MP., MCE., expressed his appreciation for this achievement. According to him, this success reflects UMBY's commitment to implementing quality and sustainable information technology governance.

“This certification shows that the information security system at UMBY operates professionally. We want to ensure that all campus activities, especially those that are digitally based, are protected from external threats,” said Agus.

He added that quality improvement and digital transformation within UMBY will continue to be developed, one of which is through certification and system updates based on global standards. (*)