From the grandpa dancing to an 80’s jam to the guy using cups as shoes, TikTok can seem harmless enough and has millions enamored with short and entertaining video clips.
The pandemic has added to the popularity of the app, providing a new entertainment outlet, and for some businesses, an innovative and inexpensive way to reach customers in lockdown. The app had over 315 million installs in the first quarter of 2020 alone.
But… everything hasn’t been rosy in the TikTok world. Just as many people have discovered a new toy, the U.S. may end up banning the app due to security concerns.
TikTok’s parent company is ByteDance, which is based in China. Fears are that whether the firm wants to or not, if directed by the Chinese government to turn over data, they’d have to comply. What would then be done with all that rich user data (which includes location tracking) is the reason for bans of the app by the country of India and organizations like the US Army and US Air Force.
What Does This Mean for My Business?
How does TikTok connect to your Tucson area business? Many companies rely on the use of mobile apps for part of their technology solutions. This means you may have your business data sharing space on a phone with TikTok if an employee uses the social media site.
In fact, 60% of most business endpoints are mobile devices, meaning they can pose a significant risk if they’re not secure or are “leaking data” due to data hungry applications, like TikTok.
What Should Worry Me About TikTok?
Most of us are well versed in the fact that we give up certain types of data to use particular sites, especially those that are free. Social media apps often collect all types of user data that they share with advertisers, including your browsing habits, email address, and more.
TikTok is no different from other social media apps in that regard. It collects many of the same types of data (most would say too much) and shares it with advertisers. Once that happens, that data is pretty much out there and unsecure.
But beyond the typical data you’d expect to be shared, what else should worry you if TikTok is on a device that’s also used for work?
Intrusive Device Data Being Collected
We took at a look at TikTok’s privacy policy and beyond what we’ve mentioned above, there is some eyebrow-raising data collection going on.
Here are some of the types of data the app collects automatically that should concern you:
- Names of apps on your device
- Names and types of files on your device
- Keystroke patterns
- Location information based on your SIM card
- GPS location tracking (you can turn this off on your phone)
- The content of any messages you send or receive on the platform
Important takeaways are that if you have any sensitive files on your phone, like “AccountPasswords.xls” then whoever TikTok’s parent company shares that data with (and whoever may hack them) is going to see a prime target sitting on your device)
The keystroke pattern tracking is also concerning because… what do they mean by “patterns?” It could mean they are tracking keystrokes, which could reveal credit card details you typed into an app, and pretty much anything else you type on your device.
Large List of Entities TikTok Data is Shared with
Once your data is collected, it doesn’t stay safe and sound with TikTok’s parent company. While it states that your data isn’t sold to anyone, it does share your data with many different entities.
These can include:
- Any vendors it uses for data analytics, file storage, etc.
- Its advertisers (who could be anyone)
- Other companies affiliated with TikTok (subsidiaries, parent company, etc.)
- Companies it connects with through sale or merger
- Legal authorities that request information
The worry here is that sensitive business data could be inadvertently leaked from a device with the app (such as details on a contact phonebook that the user granted TikTok permission to access). And there’s a wide range of places that data could end up.
Is China Really Using TikTok for Spying?
Whether or not the fears are true about China using TikTok as a mechanism for spying on users isn’t publicly known. But there’s enough worry that it could happen to cause the threat of a ban.
ByteDance states that it keeps user data on servers outside China, in the US and Singapore, which is good. But… will that really keep the China-based company from having to comply with a demand by the Chinese government to hand over user data? That question is still up in the air.
Are Your Company Mobile Devices Fully Protected?
Did you know? 1 in 36 mobile devices have high risk apps installed on them. If you aren’t sure how safe your company mobile devices are, ECN IT Solutions can take a look and provide solutions.
We’re here and ready to talk mobile security with you! Reach out at 520-355-7553 or through our website.
ECN IT Solutions is a managed service provider (MSP) based in Tucson, Arizona that provides full-service, outsourced IT Support for companies across the Southwest. We offer network monitoring and management, cybersecurity, and a help desk with a response time of under 10 minutes. For more information, contact us online or call (520) 355-7553 and we’ll get in touch with you faster than you can believe.