State employee cell phones.

It's just one little word and makes all the difference.

Does anyone other than boomers actually use company phones for personal reasons like tiktok and stuff though?

I mean as a zoomer this seems like it should be obvious. All social media should be banned from state and government cell phones. There’s no reason to have any social site on there

[removed]

I’m not sure about that. There is absolutely no reason for TikTok or any personal social media but the state uses other social media as a way to disseminate information.

There are some legitimate uses for work related social media on a state device. The Department of Labor posts closings and careers on Facebook. AOT links to road conditions, Fish and Wildlife posts information as well. I’m not sure any of them use TokTok though.

Seriously this, so many people like to forget that government services use social media to inform people. I honestly would love to hear there solution to what would replace town social media accounts.

The gray area is when companies or governments say to the employees, “Use your personal phone for work and we will simply reimburse you $XX per month”. Can those people have TikTok and other social media apps on their phones? If the answer is no then a lot of employees will likely say they want a work-specific phone (along with their separate personal phone). Then employers are going to have to purchase a lot of new phones which is more expensive and more work for people who purchase, disseminate, inventory, and repair/replace all of those phones. So, banning TikTok and social media from employee phones is a significant decision.

I've seen several government bans of TikTok, but I don't understand what they're trying to accomplish. I see TikTok trackers all over the web. Are they banning just the TikTok app? Are they also banning any app that loads TikTok trackers? Are they going to blacklist every website that loads a TikTok tracker?

For example, Ally bank had a TikTok tracker on its website's account page and presumably its app for months if not years, though it seems to be gone now. Would the Ally Bank app have been banned too? How are users to know if their app has a TikTok tracker? Is the state going to provide a whitelist of apps and websites that they've audited where there is no TikTok tracker?

Maybe this is a bad way to build the web.

> TikTok and social media from employee phones is a significant decision.

Honestly - it's not a bad decision.

There are quite a few discussions on r/sysadmin about using OTP apps on personal devices. While I think that's a non-issue, I am starting to think we should all have a separate device for work.

[deleted]

It’s just the hassle factor of having two phones

So you could have a policy that says no social media apps on the phone unless necessary for job duties. Simple enough?

Forget the inherent risk of data collection, I don't want ANY personal social media on state funded cell phones.

the other factor is having an IT admin struggling to apply company policy over MDM to BYOD devices and users freaking out that even if the policy is not enabled to wipe their device that it still gives warnings that it could.

Nobody is talking about axing existing social media accounts used in an official capacity. This is about state employees using their state issued mobile phone to install TikTok for personal use.

Simple and makes sense. This guarantees it will not be implemented in State Government.

how is it not already banned on state employee cell phones.

Nobody Except the person above and a lot of other people when this subject of banning apps is brought up. Dude literally says "All social media should be banned from state and government cell phones. There’s no reason to have any social site on there."

I also agree that you shouldn't use personal social media on your work phone, but the above sentiment is beyond dumb.

official accounts like VT trans and their twitter updates sure, but not every employee.

division of church and state, I have both an ATT personal and a Work VZ, it keeps them separated, ones is a 12 pro other is a iphone 8

Yeh, my sister goes that route too. It’s just annoying to have to manage multiple phones.

pretty sure it is for the data, tracking, send back to the bytedance parent company, think like Meta has data from FB and insta and created a profile they can package and sell to the highest bidders for those users, and geo locations

I guess I should've said that I know what they're trying to accomplish, but I don't understand why they think this will accomplish it.

Yeah, my general thought is this will end up as a knee jerk reaction which end up in bad policy because people don't think through an issue before they react.

Good. tiktok needs to go away

right but your already managing 2 emails accounts, passwords, ID badges, vehicles, etc,. it's nice to have a back up phone that works but you never look at on the weekends

Why the hell does a bank need a TikTok traker?!

Are there people uploading sexy or funny posts about their account?

Unfortunately, it has nothing to do with the content of either. It's purely a deal to create a more complete user profile to sell to data brokers for advertising data. Businesses view it as an "additional revenue stream" when they build an app. If you google "how to monetize app engagement," you'll find a million articles like this one https://www.forbes.com/sites/peggyannesalz/2019/01/14/3-ways-to-make-money-from-app-engagement/?sh=d50442dadc7b

>App companies that have the inside track on data around user activity in and with their apps are sitting on a goldmine. This is because they are the sole owners of valuable first-party data, data that is owned, unique, accurate and—above all—current. Easy to understand why first-party data that is becoming what Maribel Adams, Head of Digital at MediaMax, over in her blog at Street Fight calls “the core ingredient to driving customer acquisition and retention.”

This is a completely normal practice. I don't even mean to call out Ally Bank in particular. This is just how the web works. I recently wrote a whole blog post titled Any App That Could Just Be A Website Only Exists To Track You on just this phenomenon, and it's part of a series I'm writing on the "attention economy." The first part talks about TikTok, too.

> Any App That Could Just Be A Website Only Exists To Track You

This is why I don't have a cell phone anymore. My SO uses a flip phone that cant run apps and doesn't even have gps. Monetizing my data points and trashing my privacy is a real fucked up thing to do to me as a customer and I do everything I can to make it a pain in the ass to do to me while also giving them the smallest number of data points possible. But on a supposedly secure banking app?! What the actual fuck?!!!

That's pretty awesome. I consider giving up my phone every now and then, but I am too weak. Props to you for actually doing it.

>But on a supposedly secure banking app?! What the actual fuck?!!!

Yeah, it's a pretty normal practice, unfortunately. There's trackers on all sorts of shit you'd think is private. I even found one on a major pharmacy brand's COVID test appointment scheduling and results page a while back that was leaking patient data and made national news. It's just depressingly normalized.

Right? What's to consider? Just do it

I'm not sure why the downvotes. It is a huge hassle. Making sure 2 phones are charged at all times. It's nearly impossible to keep them in the same pocket so you have to get a belt holster.

[deleted]

Imo, that would be worse than dealing with an authentication app. Hell, I'd even delete Tiktok from my phone before I had to give up my phone reimbursement.

I'm surprised you can even download apps. I can't install anything on my work laptop, so shouldn't state-owned phones be the same?

well /r/sysadmin get's pretty spicy when you ask users to install an authenticator app on their phones. Like I get it - it's your device, but to me it's no different than putting a key on your keychain.

I have a work and personal cell. No company business on the personal, no personal on the company. It’s a pain in the ass but also much better then not having a work life separation.

I'm a millennial and was briefly a VT state employee. It never occurred to me to download any apps to my work phone that were not tied in with my work. Which basically meant to apps. That's not the intended purpose. I never even used my work laptop to log into social media accounts because it's a state device. Truly baffling to me that any state employee could go through all the required training and then download apps onto state devices for personal purposes.

Do it

the ban is on only those cell phones which are owned/managed by the state, right?

or is the ban on all cell phones state employees operate?

edit: attempting to be clearer

yep

well i would wager a guess that there is a process involved for banning an app

the alternative would be to only allow a whitelist of approved apps

pretty simple concept. i like it.

the grey would remain in the “necessary for job duties”

i’ve found ig to not be usable on a computer

ive observed that

the employees who are older are much better at listening, following directions accurately, asking necessarily follow-up questions, and keeping common sense in play when making decisions.

that would be a major impedement to some core job duties and an impediment to perhaps a surprisingly high number of operations which employees of the state are expected to complete

no, different organizations have different norms and rules

my understanding is that TikTok specifically is an emergent critical security concern

A CCP controlled indoctrination app that actively harvests user data?

An app that shows Chinese users lessons of math, science, technology, etc but shows US users people who eat laundry detergent and stack milk crates!?

Naahhhhh. Let it ride. No issue here. In fact, lets make it a law we all have to use Huawei phones!

This is incorrect. Instagram stories and reels (the only Instagram features that actually reach anyone now with their current algorithm) cannot be created and posted from desktop.

Also, when you know 99% or your end users will be on mobile, you should always check what your work looks like on mobile, even when you can post from desktop.

That's interesting because at my workplace, employees over 40ish tend to use their work issued cell phone as their only phone. including all their personal contacts, email, photos, social media, etc.

And almost all employees under 40 have 2 separate devices, one personal and one work.

I don't work for the state though.

As someone who manages socials for corpos I have to completely disagree with you. Some platforms absolutely force you to use the app either by making you finish setting up your account in one, or by making their web app so broken/annoying you have to use the app for your own sanity. Also, like others have mentioned, you want to see what your users are seeing.

I am one of two people in my company that has access to our social media accounts. The other person is in marketing and uses the platforms for ad management. Our company pays for our personal cell phones because of this.

We also want to be on every platform, and we always want to test out new platforms, because we want as many people to see our messaging as possible. The same goes for whatever the state is trying to communicate.

This all being said, the state can absolutely provide secure phones that allow socials to the folks who might need to be able to access them. And only allow it for those specific folks. They can also provide them a second phone for all other work related needs.

That's just completely unrealistic and incredibly short sighted. Lots of towns, state departments, transportation depts, etc, use socials for messaging. There is no better way to reach that many people.

[removed]

I’ve asked employee to do this. I have also has them say no. Not much you can do. It is not really a key as a key is a physical device and I know exactly what it does, an authentication app comes with a TOS written by a lawyer in 3 point font that may or may not commit you to giving away your 7th child. Nobody knows because nobody has ever read one all the way through

Mobile device security is much different than your standards domain security to implement.