The rapid progress of Information and Communication Technology (ICT) makes it easier for people to communicate and get information. Information of strategic value needs to be safeguarded and stakeholders must be aware of all potential vulnerabilities in information and communication system transactions. There are several aspects that must be met in building information security in e-government. The first aspect that must be met is confidentially and privacy. The Ministry of Law and Human Rights of the Republic of Indonesia is currently implementing e-government in internal business processes and public services. One of them is the use of the Correctional Database System (SDP). Data and information in SDP are confidential because one of them contains data and information on criminal offenders in Indonesia. With the use of information technology and the more information presented by the government as part of public services the greater the vulnerability to the security and confidentiality of the information system itself. The research method used is a qualitative method with a case study approach with the application of the defense in depth model to analyze information security involving several layers of security to keep information safe. Descriptive analysis results explain that the design and development of SDPs pay attention to the basic principles of information security, namely confidentiality, integrity and availability of data. But there are vulnerabilities in information security loopholes that are very likely to occur at the layer of host defense, network defense, and physical defense.