VMware AirWatch can be installed on corporate and personal devices to access company resources such as email, documents and productivity apps. When a company tells employees to install AirWatch on their phones to access company email, they might ask, “What can my manager see? Will my company know which apps I have on my phone? Can my company see my pictures or my browsing history?”
Our user experience (UX) team set out to address the issue of how end users perceive tools like AirWatch being installed on their devices, particularly personal devices. We realized much of the stigma associated with installing AirWatch came from a lack of knowledge about what AirWatch actually does.
Our goals were simple. The first one was to maintain transparency at all levels, since AirWatch forms a conduit between employers and employees. Our second goal was to educate both employers and employees on best practices to maintain employee privacy.
We realized much of the stigma associated with installing AirWatch came from a lack of knowledge about what AirWatch actually does.
- Be easy to read and understand.
- Be interactive and engaging for end users.
- Answer common questions before they were asked.
- Be customizable to the user reading it, since every company and every device type could have different data collected or monitored based on their configurations.
Here’s what we asked end users and what we found out about privacy.
How Do Users Feel About Device Management?
We started by asking how people felt about installing AirWatch on their phone. We received answers such as “To get what? Email and data and content? I would love that!” The high benefit of installing AirWatch to access company resources was never questioned.
However, we also heard things such as, “I would be anxious. I would also be paranoid about what data is being collected.” We also heard, “How does it affect my device…confidential and personal things sent to me being put out there. Who gets to see it? I think AirWatch is geared to look out for the company, not me.”
We also found that most users are only interested in the “Big Four”: browsing history, text messages, pictures and personal email.
Next, we conducted design reviews with AirWatch employees. We found that it was better to chunk information together. What AirWatch collects depends on a company’s policies and admininstrator, so some companies may collect information such as GPS but others may not. We found that if a company does not collect this information, it was better not to show it at all.
We also found that most users are only interested in the “Big Four”: browsing histroy, text messages, pictures and personal email. It was very important to inform users that AirWatch could not monitor any of these.
Keeping these considerations in mind, we created some high-fidelity prototypes. During this phase we also worked on the visual language to keep the tone and feel as friendly, open and approachable as possible.
Once we completed our prototype, we conducted some A/B tests with AirWatch employees to evaluate two variations. The major finding from this test was that notifying users that AirWatch does not collect the Big Four was imperative.
Although we explicitly showed users what data is collected, doubts about whether pictures or personal messages are collected were not assuaged. We decided to go with version B where we included a “What we cannot see” section.
We then went out in the field to conduct tests with people in cafes with the aim of determining when users would like to see this information in the overall enrollment process. Participants went through the entire process with us, from being informed that they need to install AirWatch on their phones through an email from their company to installing the AirWatch agent. We noted their questions and concerns at each stage, and we found that concerns usually arose right at the beginning of the process.