The Federal Government is looking into the possibility of a ban on the popular video-sharing app TikTok, citing data privacy concerns stemming from its parent company ByteDance. This ban looms over 150 million Americans who use the app, as well as businesses that count on the app for marketing purposes. While officials fear that the data collected from users could reach the Chinese government and be used for cyber-theft of unique information, other social media apps, such as Snapchat, Google, and Meta, also collect data from users for more accurate targeting of ads.
Businesses that allow their employees to bring personal devices into the office or use them for work purposes must thoroughly review their policies – such as an Acceptable Use Policy (AUP) – to ensure no sensitive company info is accessible on those devices. Additionally, technical solutions that prevent sensitive company data from being collected by apps, or being accessible in general, must be installed and monitored. For instance, organizations might choose to issue their own devices to their employees that are pre-loaded with security controls, granting them control over the types of apps allowed on those devices.
Of course, this is a tricky issue, especially when it comes to the privacy of American consumers. Security leaders should work to ensure that their organization’s information is protected to make better risk decisions about how it is handled. CIOs and CISOs can take comfort in the fact that the issue of data privacy does not begin and end with TikTok and must be a part of any organization’s overall security strategy.
The San Francisco Executive AI Summit on July 11-12 will discuss how leaders can best use artificial intelligence for success. At this event, top executives from the tech industry will be gathering to share their knowledge on utilizing AI to benefit business investments. Participants will be provided with the diverse perspectives and solutions to ensure they are up-to-date on the emerging trends in artificial intelligence.
CISO is the acronym for Chief Information Security Officer. This high-level role is typically responsible for preserving the integrity, availability and confidentiality of a company’s information technology systems, in addition to keeping up with trends in cybersecurity and other aspects of IT. Faced with the potential of a TikTok ban, a CISO might be tasked with assessing the risk posed by having an app like TikTok on employee devices and implementing the appropriate measures to protect their company data. Keeping a keen eye on the app’s data collection practices, setting up employee privacy restrictions, and having information security strategies in place are key elements to consider when developing a policy on whether employees should be allowed to have the app on their devices or not.