As a company that manages large amounts of sensitive data, information system security is a critical factor to protect important company information and maintain data integrity and availability. This article aims to analyze the implementation of information system security at the Herald Sulsel Company, as well as identify the steps taken by the company to protect its information system. This study uses a qualitative approach by collecting data through interviews with key personnel involved in information system security management, as well as through a review of existing security documents and policies. The results of this analysis provide an in-depth understanding of employee awareness of the importance of information system security, the company's efforts to protect information system security and internal and external network management to prevent security attacks. The findings of this study indicate that the Herald Sulsel Company has implemented a number of effective security measures. Herald Sulsel uses its own and third party server systems to prevent unauthorized access to their network. Encryption and authentication are also used to protect sensitive data sent over the network.