The virus scanner of the CIOT, a database with customer data from the telco’s and isp’s, is completed. n once a week manually updated. That raises the question whether the security of private lwa data can be guaranteed.
The virus scanner of the CIOT is only one time per week updated, according to an internal audit report, which Bit of Freedom via the public-bestuurswet the hand has managed to establish. Moreover, the update with the hand. That brings, according to the audit report risks: absence of a system administrator could ensure that the virus definitions are not updated. Also, it is not subsequently to verify that the virus scanner at the right time was not updated because the logging was incomplete.
It is unknown which virus scanner it goes: you may go to the virus scanner on the servers of the CIOT-system, but it may also be that the audit focuses on clients in the organization. The audit does not provide a clarity about. The audit makes clear, however, that the security within the CIOT is not as it should be: according to the standard should be the virus scanner at any time up-to-date. The database of the CIOT contains customer data of all internet and telecom providers and by law enforcement agencies used to establish the identity of online users and callers to be able to figure it out.
The authors of the report have not only criticized the virus: for example, the agreements with users of the CIOT-system – investigation services – since 2004 no longer updated, while in two previous audit reports, though it is recommended. It is, however, CIOT began with the drafting of new agreements. In addition, it is unclear whether there is checked or the software of the database up-to-date and, according to the report is unclear as to whether the statistics that the CIOT releases are valid. According to who statistics in 2010 was 2.6 million times, private information obtained by the CIOT.