Watch and Learn @TikTokTips
TikTok's approach to global security
Defense-in-depth model
Prioritizing security, based on principles
On Platform defense Machine learning & automated monitoring tools track anomalous & inauthentic user behavior ByDesign Integrate security & privacy best practices & controls into the product development lifecycle Platform controls Security controls like over the horizon threat defense & global platform monitoring Data controls Define, implement & measure controls to protect data including identity and access management (IAM/IDM) User data The hardened center of our defense in-depth model focuses on protecting user data that we’re entrusted to keep safe TikTok's converged security program is led by security and privacy leaders with deep expertise spanning IT, technical engineering, vulnerability management, and incident response across the public and private sectors. In previous roles, they were responsible for safeguarding some of the world's largest multi-national corporations and organizations or spend decades of service in the military and other branches of government.
Instilling a security culture at TikTok Detecting and protecting against cyberthreats is paramount to safeguard the platform as a home for creative self-expression, entertainment, and joy. That's why we build security into our product and processes, and why we love getting creative to foster an internal culture of cybersecurity. Expanding our capabilities and reach globally We're dramatically growing our footprint in innovative hubs like Washington DC, Mountain View, Dublin, and Singapore to attract and enrich the best talent. State-of-the-art incident monitoring and investigative response Our best-in-class converged security operations help us actively detect and respond to critical incidents globally in real-time, with physical Fusion Centers opening in Washington DC, Dublin, and Singapore this year. Partnering with the world's leading cybersecurity firms and organizations We adhere to security standards like NIST, CSF, ISO 27001, SOC2, and ioXt. We partner with industry-leading security experts and researchers , like HackerOne, to test and validate our defenses to deliver best-in-class security infrastructure and capabilities. Leaning in locally and adhering to global standards At TikTok, thinking 'locally' has been engrained in our approach from the outset. We comply with global regulations and aim to set the standard for transparency, along with real-time security monitoring, detection, and response.