TikTok Is Banned From British Government Phones

The British government has now officially banned the TikTok app from devices across government due to national security concerns. The Minister responsible, Oliver Dowden, confirmed the decision in a statement to Parliament on 16th March. "Given the particular risk around government devices, which may contain sensitive information, it is both prudent and proportionate to restrict the use of certain apps, particularly when it comes to apps where a large amount of data can be stored and accessed," he said

The app has been under increasing scrutiny over its security and data privacy, with major concerns it could be used to promote pro-China views and steal customer data. The ban applies to government corporate devices within ministerial and non-ministerial departments, but it will not extend to personal devices for government employees or ministers or the general public.

Britain's National Cyber Security Centre (NCSC) has advised that Chinese-owned video app be banned from government phones after the home Office minister, Tom Tugendhat, had asked government cyber security experts to look at the risks posed by TikTok. The announcement comes after Prime Minister Rishi Sunak said the UK would look at what the US, the EU and Canada have done in banning TikTok on government phones. 

“The ban will not extend to personal devices for government employees, ministers or the general public. That is because as I have outlined, this is a proportionate move based on a specific risk with government devices... However, as is always the case, we do advise individuals to practice caution online and consider each social media platform’s data policies before downloading and using them." Dowden said: 

Robert Huber, Chief Security Officer at cyber security platform Tenable has said "Overall this approach aligns with action taken by allies including the United States, Canada and the EU. Our security must always come first, and today we are strengthening that security in a prudent and proportionate way.” While here is active debate in various countries about whether to ban TikTok, but the fact is that there are hundreds of software applications used in government agencies that introduce risk, and unpatched known vulnerabilities that are the source of data breaches. 

“The key is for security leaders to understand their organisation's unique risk profile, discover where vulnerabilities exist and prioritise remediation efforts to root out those that could be the most harmful first." Huber said.

Last month, the European Commission ordered its 32,000 staff to remove the TikTok app from devices as soon as possible, and no later than 15 March. In March, the White House gave US government agency staff 30 days to remove the platform from their work devices. President Donald Trump attempted to introduce an outright ban, but it was later blocked in the courts. The Indian government was more successful, managing to ban 59 Chinese-made apps in 2020, including TikTok. 

Like most other social media companies, TikTok collects huge amounts of data on its users, such as their location and what other apps they have. However, because TikTok is owned by the Chinese tech company, ByteDance,, there have been concerns it could pass information on to the Chinese government. 

Faki Saadi, Director of Sales UK&I at enterprise mobility management specialist firm SOTI commented: “Any app that harvests the data you put into it should be treated with caution... TikTok being banned from UK government devices should act as a wakeup call to other organisations - do you have full visibility over the apps your employees have on their corporate devices? If not, perhaps now is the time to take stock.”

China's National Intelligence Law says all Chinese organisations should "support, assist and co-operate" with the government's intelligence efforts. Researchers at the Georgia Institute of Technology say the law also includes protections for the rights of users, and TikTok says Chinese staff cannot access the data of non-Chinese users. 

However, in December it emerged that several ByteDance employees had access to at least two US journalists' data and a "small number" of others, to track their locations and check whether they were meeting TikTok employees suspected of leaking information to the media.

TikTok says the employees who accessed the information were later dismissed. The British Parliament’s TikTok account was shut down last year after MPs raised concerns about the firm’s links to China. TikTok first launched in China in 2016 and by October 2020 had surpassed 2 billion mobile downloads worldwide. 

Channel News Asia:      ITPro:   Tenable:    Star:   Sky:   Standard:     Republic World:    BBC:       BBC:   

You Might Also Read: 

Chinese Internet Companies Required To Disclose Algorithm Data:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 










 

« Staying Secure In A Changing World
Crypto Company Loses $200m To Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

GFI Software

GFI Software

GFI Software works with System Administrators, IT Professionals and IT Executives to ensure that their IT infrastructures are monitored, managed, secured and compliant.

ManTech International

ManTech International

ManTech provides comprehensive, integrated cyber security support, which includes computer and network design, implementation, and operations.

2Secure

2Secure

2Secure is one of Sweden's largest private security companies. Service inlcude personal security, corporate security, information and cyber security.

Cyberlitica

Cyberlitica

Cyberlitica provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

Council for Information & Communication Technologies (CTIC)

Council for Information & Communication Technologies (CTIC)

CTIC was set up to address specific issues in the field of ICT relevant to the implementation of electronic government.

Awake Security

Awake Security

Awake Security offer a security solution built on an AI platform that acts like the human brain to sense, detect, and respond to threats you may not even know exist.

Dell Technologies

Dell Technologies

Dell Technologies Consulting Services enables a highly resilient business amidst the proliferation of cloud-based IT services and constant threats to your most critical information.

Servian

Servian

Servian is one of Australia's leading IT consultancies, with expertise in cloud, data, machine learning, DevOps and cybersecurity.

Sekuro

Sekuro

Sekuro is your leading governance and cyber security partner. Building organisational resilience. Enabling fearless innovation.

Legit Security

Legit Security

Legit Security's mission is to secure every organization's software factory by protecting the pipelines, infrastructure, code and people for faster and more secure software releases.

Tozny

Tozny

Tozny offers products with security and privacy in mind that are built on the foundation of end-to-end encryption, and open-source verifiable software.

Arcserve

Arcserve

Defend your data with Arcserve all-in-one data protection and management solutions designed to be the right fit for your business, regardless of size or complexity.

Cybertech Nepal

Cybertech Nepal

Cybertech Nepal is committed to provide high-quality cyber security solutions, including server assessment and hardening, forensics and malware analysis, end-point threat analysis, and VAPT.

Avanade

Avanade

Avanade is a leading provider of innovative digital, cloud and advisory services, industry solutions and design-led experiences across the Microsoft ecosystem.

Thunder Shield Security

Thunder Shield Security

Thunder Shield is a professional cyber security service provider of penetration test, source code review and security assessment services.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.