Should I Tell My Employees to Stop Using TikTok?

Will they stop using tiktok?

One area of cybersecurity that is often challenging to many business owners is mobile device security.

This is especially true when they use a BYOD (bring your own device) program. They’re asking employees to use personal devices for business use, but it’s still their own personal device, so the lines can get blurred when it comes to security.

Mobile app security comes into play when companies are trying to figure out how to secure remote workers and in office staff alike. If you have a rogue app that is gathering too much data from a phone that also contains business data, it can lead to a costly breach.

Companies have close to a 28% chance of suffering data leakage from a mobile device within the next two years.

The video/music app, TikTok has been in the news recently due to security concerns connected to the Chinese government. The social media app’s popularity has exploded during the pandemic with people using it to stay connected and entertained.

Some small businesses have even found success using innovative videos to advertise their products on the platform.

While TikTok may seem like harmless fun, what type of data is this app owned by a Chinese-based company really collecting and who it is being shared with?

That concern has caused organizations like the U.S. Army and U.S. Air Force to ban the app from their devices. The White House is also threatening to ban TikTok, along with another app from a Chinese company, WeChat.

Should you be concerned about TikTok being on an employee device that also contains your business data? Will it put your business network at risk?

We’ve broken down the latest facts about TikTok below, to give you the information you need to make an informed decision.

What Types of Data Does TikTok Collect?

First, let’s look at the type of data the app collects. We put it into two categories: 1) Standard data that pretty much all social media apps collect; and 2) Concerning data that could lead to data leakage.

According to the app’s privacy policy, here are some of the types of data that is collected by the app and given to the app’s parent company, ByteDance.

Standard Data

• INFORMATION PROVIDED AT REGISTRATION (USERNAME, PASSWORD, EMAIL, PHONE, ETC.)
• PUBLIC PROFILE INFORMATION
• CONTENT THAT YOU POST TO THE APP (VIDEOS, COMMENTS, ETC.)
• PAYMENT INFORMATION (IF YOU MAKE A PURCHASE)
• PHONE AND SOCIAL CONTACTS (IF YOU GRANT PERMISSION)
• SOCIAL MEDIA ACCOUNTS THAT YOU LINK TO THE APP
• OTHER INFORMATION FROM PUBLICLY AVAILABLE SOURCES
• YOUR APP USAGE DATA
• IP ADDRESS AND UNIQUE DEVICE IDENTIFIERS

Concerning Data

• LOCATION DATA BASED IN YOUR SIM CARD AND GPS DATA
• CONTENT OF ANY MESSAGES YOU SHARE OVER THE PLATFORM
• APPS THAT ARE ON YOUR DEVICE
• FILE NAMES AND TYPES THAT ARE ON YOUR DEVICE
• KEYSTROKE PATTERNS OR RHYTHMS

Does TikTok Share Data with the Chinese Government?

The big concern about TikTok is that because the app’s parent company, ByteDance, is based in China and subject to Chinese law, that it may be forced to give over user data to the Chinese government.

There is no proof as yet that that has happened or will in the future, but the potential exists.

ByteDance reassures users that TikTok servers are located outside China, in Singapore and the U.S. and that the servers aren’t subject to Chinese law.

But the company is, and data can easily be transferred anywhere in seconds. So, the worry persists that TikTok could be used for espionage and even as a tracking mechanism for U.S. citizens.

Who Does TikTok Share Data With?

Even though ByteDance states they do not share their data with the Chinese government, their privacy policy leaves plenty of concerns about who they do share user data with.

TikTok does not sell personal information to third parties, but there are many parties they share it with, including:

• SERVICE PROVIDERS
• BUSINESS PARTNERS
• CORPORATE PARENT, SUBSIDIARY, OR OTHER AFFILIATES IN ITS CORPORATE GROUP
• IN CONNECTION WITH A SALE OR MERGER
• IN RESPONSE TO SUBPOENAS, COURT ORDERS, OTHER LEGAL REQUESTS
• IN RESPONSE TO GOVERNMENT INQUIRIES (THIS IS THE ONE THAT WORRIES MAY)

Other App Security Concerns

In January, a vulnerability was found in the TikTok app that could allow a hacker to gain access to the account and everything in it. The company that owns TikTok did seal this, and the vulnerability isn’t out of the ordinary from those that you see in other types of applications.

To date, the future of TikTok in the U.S. is up in the air, with potential buyout talks going on with Microsoft.

With so many dangerous apps out there, we recommend that you use mobile device management and proper security protections to ensure your business data isn’t leaked or breached due to a mobile device.

Get Help Securing Your Company Mobile Devices

Unbound Digital can help your Tennessee business put a strong mobile device security plan into place so you can enjoy the flexibility of mobile device use without the security headaches.

Contact us today to schedule a free consultation. Call 423-335-2461 or reach us online.