paint-brush
Is TikTok a Security Risk for Businesses?by@devinpartida
1,928 reads
1,928 reads

Is TikTok a Security Risk for Businesses?

by Devin Partida4mNovember 28th, 2022
Read on Terminal Reader
Read this story w/o Javascript

Too Long; Didn't Read

Is TikTok a security risk for businesses? Ultimately, businesses need to determine whether they trust ByteDance’s reported security efforts or not. Continuing to use TikTok to connect with customers can indicate a business’s endorsement of the platform, too, which may be an issue if a business is concerned about its customers’ personal data.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Is TikTok a Security Risk for Businesses?
Devin Partida HackerNoon profile picture

Is TikTok safe for businesses to use?

Does the platform protect account and user data well enough to be trusted? These questions have been shrouded in heated debate for the past few years. Businesses need to analyze the evidence of security concerns on TikTok as well as some ethical concerns in order to determine whether TikTok is the right platform for connecting with customers.

TikTok Security and Privacy Scrutiny

TikTok has exploded in popularity since 2020. However, the platform’s focus on massive growth has left many concerned that it is lacking in adequate security and privacy measures.

In 2019, the independent security firm, Check Point, released a study revealing numerous concerning security vulnerabilities within the TikTok app. These included the risk of hackers using TikTok to send malicious links to users over SMS, manipulating users’ accounts and posts, revealing personal information tied to TikTok accounts, and uploading videos to users’ TikTok accounts.

Accusations like these have led to calls to ban TikTok by U.S. government officials. The U.S. Army and Navy have both banned the app on government-issued devices. In fact, the Trump Administration did attempt to ban TikTok nationally in 2020 and then shifted to proposing a deal for TikTok to be purchased by Oracle and Walmart and moved to the United States. The primary concern is that TikTok is being used to funnel American data to the Chinese government, posing serious threats to national security.

What Businesses Should Consider

What do these claims mean for businesses? It’s a difficult question, especially considering the amount of mystery still surrounding these security concerns. International technology experts have pointed out that there is significant tension between U.S. and Chinese tech giants, which may be contributing to TikTok security fears.

Some American social media platforms, such as Twitter, have faced significantly fewer data privacy concerns compared to TikTok. There is also the 'element of the unknown' – TikTok is the first Chinese social media platform to gain international popularity. TikTok’s parent company ByteDance has responded to security concerns with security patches, updates, and reassurances. This does not seem to be effective for quelling security fears, though.

This situation brings up a challenging dilemma: Are TikTok and ByteDance facing security scrutiny because they are based in China, or because of legitimate evidence of untrustworthy practices?


TikTok and ByteDance certainly appear to be taking action to reassure U.S. users that the platform is safe.

ByteDance quickly rolled out patches to secure the vulnerabilities Check Point identified in 2019. In 2022, TikTok announced that U.S. data would be stored in the U.S. on Oracle’s servers moving forward. In 2019, ByteDance also agreed to pay a $5.7 million settlement for violating the Children’s Online Privacy Protection Act (COPPA) on Musical.ly, the older version of TikTok. ByteDance, which bought Musical.ly/TikTok in 2017, also agreed to abide by COPPA regulations after the lawsuit.

So, if ByteDance and TikTok are to be taken at face value, the platform is certainly making an effort to improve security and privacy. The risks of data being shared with or being accessed by Chinese government personnel is mainly a threat to individuals, where sensitive personal information is concerned. For businesses, this is somewhat less of a concern.

However, by posting content on business TikTok accounts and interacting on the platform, businesses are arguably showing support for TikTok. So, businesses need to consider whether or not they trust TikTok and ByteDance to be truthful about their security efforts. If they do not, businesses should stick to interacting with their customers on less controversial platforms.

If businesses are using TikTok to keep up with trends among their customers, there are ways to watch TikTok videos without using the app, such as on YouTube.

How TikTok Compares to Other Social Media Platforms

When analyzing security and privacy concerns on TikTok, it is worth stepping back and looking at those concerns in the context of other social media platforms. The top three social media platforms in the U.S. by active monthly users are Facebook, Instagram, and TikTok. Both Facebook and Instagram are owned by Meta, Facebook’s parent company.

Meta has been the subject of intense scrutiny in recent years over security and privacy concerns. Numerous investigations over the years have found evidence that Meta is using Facebook to collect massive amounts of user data, then selling it and leveraging it without users’ knowledge.

Such a stockpile of data poses a serious security concern in the event of a data breach at Meta, which is a real possibility. In 2022, news broke that Meta handed over an undisclosed amount of user data to hackers posing as law enforcement. Cases like this indicate that no social media platform is entirely bulletproof – even domestic, U.S.-based platforms.

Should Businesses Use TikTok?

Is TikTok a security risk for businesses? Ultimately, businesses need to determine whether they trust ByteDance’s reported security efforts or not. Continuing to use TikTok to connect with customers can indicate a business’s endorsement of the platform, too, which may be an issue if a business is concerned about its customers’ personal data.