This blog post will show you how to Block TikTok Microsoft Intune on iOS and Android. This strategy can be used for any app.
TikTok was recently caught accessing user clipboard data when running in the background, potentially exposing passwords or other sensitive data. The behaviour was revealed because of a new feature in iOS 14, and it’s unclear how long it had been present in the app. TikTok has since removed the feature, but the privacy scare underscored long-standing privacy concerns over the app, which is owned by China-based ByteDance.
The NY Times also reported that TikTok has been under scrutiny as a potential national security threat. Amazon has also asked its employee to remove TikTok from their corporate phone to keep email access.
So, with all this information, it’s possible that your company asks you to block TikTok from your corporate devices. This post will show you how to bloc TikTok using Microsoft Intune device compliance policy and Conditional Access.
Can we block the TikTok app in an enterprise environment? You can’t block users from installing it and using it, but you can block their company access if they are.
If you’re starting with Intune, you may be tempted to use a device configuration profile and use an Application Restriction policy. This look like exactly done for that… but after trying it ourselves for hours, we never got it to work. The documentation is poorly made and the troubleshooting tools and reports are just bad. Impossible to know what’s wrong with our policy.
So we didn’t stop there and we decide to go with a good old Device Compliance policy. In short, the policy checks for our app (TikTok) and mark the device as “Non-Compliant”. After, we’ll set up a Conditional Access policy to block all devices that is not compliant to company resources.
We will start by show how to block Tiktok on iOS.
Bundle IDs for native iOS and iPadOS apps are all well documented but third party app is more tricky to find. The easiest way is to use the method documented in this blog post. In our case, we found the Tik Tok App BundleID: com.zhiliaoapp.musically
At the end of this post, we gather some popular BundleID for you to use if you want to block more app than just Tiktok.
Now that we have the BundleID, we’ll create our Device Compliance Policy.
The Android version is pretty similar to a single change at the start. Follow all iOS steps except when creating your policy, select Android
Now that we have a Device Compliance Policy, we must create a Conditional Access Policy to decide what to do with our non-compliance devices.
If you’re not familiar with Conditional Access Policy, read the Microsoft documentation as you can lock the user out your company resources.
We will now test our configuration. Wait a couple of minutes for the Policy to synchronise.
We hope this blog post helped achieve your security policy. Let us know what are you blocking
Here are some of the most common asked app to be blocked in a corporate environment
Please fill out the form, and one of our representatives will contact you in Less Than 24 Hours. We are open from Monday to Friday.
Thank you for subscribing to our newsletter or requesting a quote. You will receive our next month's newsletter. If you have requested a quote, we will get in touch with you as soon as possible.
Something went wrong!
Thank for your reply!