Earlier this week, we announced VMware AirWatch 8.3, packed with enterprise mobility management (EMM) updates and new functionality. Today, I want to focus on the AirWatch 8.3 features dedicated to end-user privacy—a controversial topic that continues to raise eyebrows and even spark new legislation all over the world.
There are three key things you need to know about the AirWatch Privacy First program, an initiative we integrated into our EMM solution last year to bring transparency and education to both IT administrators and end users.
[Fun Fact: IAAP awarded the AirWatch Privacy First initiative “Most Innovative Privacy Technology.”]
1. What AirWatch Can & Cannot Collect
One of the biggest misconceptions that I want to clear up is that AirWatch does not have the ability to collect information from the personal messages users send or receive from their devices. This includes personal emails, SMS, MMS, phone calls, voice messages or FaceTime messages. AirWatch cannot collect metadata on these messages, either.
Apple has taken a much more aggressive approach to user privacy over the past few iOS releases. This started with removing API’s to allow developers to collect the unique identifier associated to each iOS device in 2011. iOS 9 now gives end users much greater control over location-based services. Per Apple: “An app can use your data only if you have given it your permission.”
When AirWatch is installed on the device and if IT wants to collect privacy-related data, users will be prompted with a pop-up window that looks similar to this:
When users receive this notice—either on first installation of AirWatch or after—they will have ultimate control to enable the privacy settings which may send data to the AirWatch servers managed by the IT department.
One of the most common privacy settings that employees are most concerned about is the ability to track the location of the mobile device. As a consumer, the ability to find a lost or misplaced device is revolutionary and, every once in a while, very useful. There are many different reasons why IT may need to track the device. The device could be used to help a field service technician or be used as a self-service resource that provides assistance to customers in a retail environment. In both instances, the location of the device may be very important to the enterprise. It may be important to wipe the device if it leaves the store or provide location information if a service technician leaves it at a worksite. By default, AirWatch does not track GPS data.
Situations may change that might require the enablement of some privacy settings. If users notice one of these privacy pop-ups during the course of work, they should work with IT department to understand why they are asking for the information.
2. Encouraging Mobile Transparency: A New Tool for End Users
Employees need improved transparency, access and choice when it comes to enrolling their mobile devices. With AirWatch 8.3, we give the end user a visual privacy app that lets you see what your IT department is collecting from your smartphone and/or tablet.
When you open the app, users will be able to see in what IT can see on the device. Mobile workers can check this anytime to get an accurate picture of what information IT is collecting—user details, work apps, etc.—as well as what IT cannot see—text messages, personal email, phone activity, GPS data, personal apps, etc. Finally, the app also points out some options on how the device is protected with AirWatch installed.
Along with the new whatisairwatch.com website, users can now understand just how personal information is separated from work data in a bring-your-own (BYO) environment and how IT uses AirWatch to protect both the business and the user from data loss.
3. Introducing the Privacy Officer
Finally, I would like to let you know about a new administrative role that is being introduced with this latest release. We have created a “Privacy Officer” role.
IT can now assign an individual or small group the exclusive privilege to manage the privacy settings. This role is important, as it allows for an additional layer of segregation on the administrative side. Separating the privacy settings by policy within IT allows for better checks and balances and helps provide an additional layer of end-user protection.
Protecting privacy should be the focus of every mobile experience. After all, user adoption is key to any successful business mobility initiative, and earning user trust is the foundation of successful user adoption.
That’s why the AirWatch platform delivers what we call “privacy by design.”
Still have questions? Please leave your questions about the AirWatch privacy program and technology in the comments, and read our new whitepaper to learn more about Demystifying End-user Privacy for Enterprise Mobility.