TikTok security case points to a fixable problem

Anyone working in an IT department, no matter the size of the company, is constantly on the lookout for new cyber-security threats. It’s one of their main raisons d’être. But what if you’re a small business and you don’t have a dedicated expert to help protect your data…and your livelihood?

Microsoft has plenty of nimble, affordable solutions for small and medium-sized enterprises and Amaxra can help you find the right solution for your business. You can’t afford to cross your fingers and hope you haven’t got any data someone else would find valuable on your cloud-based storage platform. Implementing a sound cyber-security plan is an important business decision.

There’s no shortage of cases in which hackers have breached seemingly impenetrable walls and held companies for ransom, or stolen personal and proprietary information. And while businesses need to create uniform IT policies that can be applied across the board following national and international rules, hackers have no rules and adhere to no laws. They are mercenary, and they are free to improvise. This keeps the IT community on its toes.

Fortunately, there are agencies – both government and private – that dedicate their resources to anticipating the improvisation, trying to foresee the potential breaches in security.

The best example of this in recent history is the controversy surrounding the viral Chinese social media platform, TikTok. With an astonishing 800 million users worldwide, it’s the platform of preference for an active – highly vocal  – Gen Z.

And it’s been in the cross-hairs of the US government – and cyber-security experts – for months.

While political pundits speculate that some of the scrutiny is due to the ongoing trade tensions between China and the US, there are legitimate security concerns to address. And they point to a potential vulnerability in your company’s Cloud-based information management.

TikTok security: a threat to the nation or to personal privacy…or both?

The threats identified by its critics vary in severity.

At best, the nascent software was ripe for hackers to mine names, birthdates, and email addresses without too much effort. Researchers revealed that a hacker could upload private videos and share other private content after gaining access to a user account.

While there’s no evidence that individuals with malintent put this weakness to the test, TikTok was quick to remedy the vulnerability.

Not, however, before officials in the US ordered the removal of the app from all government-issued phones in certain departments as a precautionary measure. Their concerns centered around espionage, though there’s no evidence to date that information was acquired by a foreign government.

The oversight on the part of TikTok designers – an apparent “rookie mistake” – was chalked up to the fact the founders were focussed on growth and hadn’t thought of the downstream dangers of unchecked customer sign-ups. They were making the app as easy as possible to download and launch…without considering the security measures that should be in place.

A greater concern emerged on TikTok and other social media and gaming apps when it was revealed the phone-based apps were quietly reading the contents of the devices’ clipboards. And in some cases, the iPhone was “spying” on the user’s Macs and iPads.

The potential for hackers to lift passwords, addresses, or other personal information related to banking and healthcare was a serious cause for alarm.

None of the apps identified in the breach were guilty of using any of the data they’d unwittingly been collecting, but a breach due to a lack of foresight is still a breach. Every company has been tasked with ceasing this “eavesdropping”, and industry watchdogs are keeping a close eye on new and well-established app providers to preserve data integrity.

TikTok security challenges highlight the need for effective data protection

The TikTok security case is multi-layered, going beyond the technical aspects to factors encompassing geopolitics and economics.

Politics aside, it draws into sharp focus the need for a strong cyber-security plan to protect your Cloud-based data. Now more than ever, you have to be mindful of where your data is going and who has access.

It’s likely that your office-based staff has shrunk during the pandemic. The vast majority of your employees are probably working from remote locations, using personal and business phones and computers…and using apps other than those included in your business operations.

It’s possible to have a company-wide security blanket that keeps your data safe while allowing your employees to function efficiently and easily.

Resist the urge to implement a “one-size-fits-all” security solution. Our expert team can customize a solution for you using the powerful, and affordable, Microsoft Business 365. Whether you opt for the Basic or Premium plan, we can help you tailor the software to perfectly suit your business.

If your company already had a remote workforce or relied on contractors, you probably have good systems for employee turnover and working from a distance. But if you’re relatively new to the off-site workforce and looking to put safety measures in place, we can help.

You can check out our step-by-step guide for enabling stronger cyber-security on your Microsoft Windows 10 platform right now, or get in touch for a more in-depth look at your Cloud-based security needs.

With our status as a Gold Partner with Microsoft, you get the benefit of our years of experience. We have solutions to fit your small or medium-sized business.

Want to learn more about cybersecurity? Read some of our other articles:

Contact me at technology@amaxra.com or call 425 708 8841 if you have any questions or comments on this blog.

about the author

Mike Arntzen

Mike is an experienced Technology expert who is skilled in Enterprise Software and Security and Cloud Implementation. He has a strong engineering background graduated from the Royal Australian Air Force School of Radio, with postgraduate studies in Fibre Optics from Royal Melbourne Institute of Technology. Known at Amaxra as "Mr FixIt" there isn't much Mike can't resolve. He has recently implemented Amaxra's switch to Skype for Business within the Amaxra office.

Limited time offer: Let Amaxra manage your Office 365 licensing and we will configure security such as multi-factor authentication at no additional cost. Email technology@amaxra.com or chat with us on this website to find out more.

How can we help you?

get in touch