TikTok, the short video sharing app owned by Beijing-based ByteDance, has already been banned by the United States military, Wells Fargo, and the nation of India. A new report says no corporate phone, or private devices that may access secure information, should install it. 

The International Association of IT Asset Managers warned its loose permissions - and we know few people pay attention to those - are security risks for companies and government agencies, which means your banking info could also be vulnerable. The cold reality of dictatorships is that if you exist at all, you are working for their government. If China can bully the UN World Health Organisation into repeating party talking points about coronavirus not being spread human-to-human, and have all of Europe unwilling to call them frauds for their minuscule COVID-19 death claims, a company manned by Chinese citizens has no hope of even existing unless they are willing to turn over user data on command.

Allowing employees to use TikTok, even on personal phones and tablets if they're used to do company work, could be piracy waiting to happen. The TikTok app was already caught gathering data, even clipboard history, of users, which the organization compared to the Fitbit security breaches where military bases were mapped as soldiers exercised.

“The TikTok app unnecessarily endangers data in a way that any government agency or corporation should be concerned about. Combine that with the blending of corporate and personal assets due to work-from-home conditions for employees and you have a perfect storm for sensitive data to be placed into the wrong hands. As things stand today, allowing TikTok in or near your organization’s environment is not consistent with maintaining data integrity,” said Dr. Barbara Rembiesa, president and CEO of IAITAM. “Acceptable data risk needs to be ascertained prior to downloading software and such software should be managed by an IT asset manager. The risk posed by the data permissions of TikTok does not meet data security best practices.”