If the social media app TikTok has just come on your radar, it’s no surprise. It has been mentioned in the news lately, initially because of the explosion of users due to the pandemic, and then because of concerns about the app’s safety.
For business owners in Texas and everywhere else, even if you don’t personally use the app, you still need to be concerned about apps like TikTok and others because they could be installed on mobile devices that employees also use for work.
Internal network monitoring doesn’t always extend to mobile devices unless you have a mobile device management plan in place. This means companies need to be aware of any potentially dangerous mobile apps or other mobile device threats out there.
Only 30% of companies use encryption with sensitive data contained on mobile devices.
When it comes to TikTok, we’ll go through what the controversy is and what the facts are about the app’s safety (or lack thereof).
What is the TikTok Security Issue All About?
While TikTok was first launched in the US and other markets in 2017, it’s only recently come under increased scrutiny due to the rise in popularity during the pandemic.
TikTok is a social media app that allows users to make short video clips to share with others over the platform. It makes it easy to add effects and sounds from a large library of songs, which led to its popularity.
The issue is that the company that owns TikTok, ByteDance, is a Beijing, China based company. This means they are subject to Chinese law, which leads to the worry that the government could demand that ByteDance turn over TikTok user data, which includes GPS location tracking (if enabled by the user), among other things.
Where is TikTok Data Stored?
ByteDance states that it stores user data on U.S. based and Singapore based servers and that data is not located in China.
However, the company itself is located in China and subject to Chinese law, so it’s unclear whether or not a demand on the company by the Chinese government could still allow them to share data on non-Chinese based servers.
U.S. military branches have already banned TikTok from being used on their devices because of the security risk and potential espionage concern.
Amazon was going to ban use of TikTok, then held off on it. Wells Fargo did tell employees to remove the app from corporate devices due to security concerns.
The biggest looming ban is that it could be banned for use in the United States altogether. There’s no confirmed timeframe on this and currently Microsoft looks to be trying to purchase the app, so the pending country-wide ban is currently up in the air.
What Should I Be Concerned About with TikTok?
Here is an overview of the concerning factors about the app.
The Device Data It Collects
Any social media platform collects a lot of data on the user. It’s the price paid for use of a “free” app. Most of it is used for advertising – things you like, sites you visit, etc. – but TikTok collects some device related data that can be seen as invasive.
Information that is collected automatically from a device includes:
- Apps on the device
- File name & types of files on the device
- Keystroke patterns
Why this type of data is concerning is because if a phone has a business app on it, like QuickBooks Online, that’s a cue to anyone that has that data that hacking the phone could get them a big payday.
The filename and type information is also concerning, because it could reveal a sensitive company document with file name “Confidential Corporate R&D Information.”
Keystroke patterns is another red flag, because it could be interpreted to mean everything you key in on your device (like a credit card number) is being tracked.
Who the Company Says It May Share Data With
Some of those noted on the TikTok site that may have access to your data are:
- Service Providers
- Business Partners
- Corporate parent, subsidiary, or other affiliates in its corporate group
- In connection with a sale or merger
- In response to subpoenas, court orders, other legal requests
- In response to government inquiries
That last one “in response to government inquiries” goes right back to the security fears that have caused the controversy, which is that TikTok’s parent company may be forced to share user data with the Chinese government if they request/demand it.
All-in-all, even though the jury may still be out on whether TikTok is being used for espionage, there are plenty of risks to worry about with the app that should have any company taking a hard look at whether or not they want it on their devices.
Does Your Mobile Security Plan Need a Checkup?
Mobile app security is a vital part of your overall business cybersecurity. If those devices aren’t secure, neither is your network. Texas I.T. Pros can help you with a mobile security checkup and let you know where you stand.
Contact us today to schedule a consultation! Call 940-239-6500 or reach out online.