Help Center
14 DAY FREE TRIAL
Search Close Search
Search result for "aa"
View all results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Remote Actions
  3. Admin actions

Category filter

How to wipe corporate data from a device?

Jump To

Corporate Data Wipe is a remote management action used to remove enterprise-specific files, applications, and configurations from a device while leaving the user’s personal data untouched.

Corporate Wipe vs. Complete Device Wipe

Choosing the correct wipe method depends on device ownership and the necessity of data retention.

Feature Complete Device Wipe Corporate Data Wipe
Data Impact Deletes all data (Personal + Corporate). Deletes only MDM-deployed data.
Device State Restores to factory defaults. Device remains in an unmanaged/personal state.
Use Case Lost/Stolen corporate-owned devices. Employee offboarding for BYOD (Personally-owned).

Methods to Perform a Corporate Data Wipe

Organizations can trigger a corporate wipe by either disenrolling the device or removing associated management policies.

1. Disenrolling the Device

Disenrollment is the most direct way to execute a corporate wipe. This action:

  • Removes the device from the Hexnode UEM portal.
  • Strips all applied policies, configurations (Wi-Fi, VPN), and managed apps from the device.
  • Reverts the device to an unmanaged state.

2. Archiving or Deleting Policies

If you wish to remove specific corporate configurations without full disenrollment, you can manage the policies directly.

To Archive a Policy:

  1. Log in to the Hexnode portal.
  2. Navigate to Policies.
  3. Select the target policy.
  4. Click Manage > Move to Archive.
Note:


Restoring an archived policy via Archived Policies > Manage > Restore will not retain previous policy targets.

Removing Policies from Specific Devices

To remove a policy and its associated corporate data from an endpoint without archiving the policy entirely, use one of these two methods:

Method 1: From the Policies Tab

  1. Navigate to Policies.
  2. Select the existing policy.
  3. Go to the Policy Targets sub-tab.
  4. Click remove next to the specific devices.

Method 2: From Device Details

  1. Go to the Manage tab.
  2. Click on the specific Device Name.
  3. Navigate to the Policies sub-tab.
  4. Click the Trash Icon next to the policy name.

Automated Corporate App Removal

Hexnode allows for the automatic deletion of corporate applications when a policy is removed or a device is disenrolled.

For Android and iOS (Mandatory Apps)

To ensure apps are removed when a policy is disassociated, enable the following setting:

  • Path: Policies > iOS/Android > App Management > Mandatory Apps.
  • Setting: Enable “Remove apps from the device on policy removal”.

For iOS Enterprise (In-House) Apps

  1. Select the Apps tab in the Hexnode portal.
  2. Click + Add Apps > Enterprise App.
  3. Choose iOS as the platform.
  4. Check Remove on disenroll.
  5. (Optional) Enable Prevent app backup to ensure corporate data cannot be restored via personal backups.
  6. Click Add.

Troubleshooting Guides

Problem Resolution
Corporate apps remain after policy removal Ensure the option “Remove apps from the device on policy removal” was enabled in the Mandatory Apps settings before the policy was removed.
Wi-Fi/VPN settings persist after wipe Verify that the device is Online. Remote wipe commands require an active internet connection to reach the device and pull configurations.
Cannot find restored policy targets Policy targets are intentionally not retained during a restore from the Archive. You must manually re-assign the policy to the intended devices/groups.
In-house iOS app data backed up to iCloud This occurs if “Prevent app backup” was not checked during the initial app upload. Re-configure the app settings in the Apps tab.

Frequently Asked Questions (FAQs)

What happens to personal photos and contacts during a corporate wipe?

Personal data, including photos, personal messages, and contacts, remain completely untouched. Only the data, apps, and settings deployed via Hexnode UEM are removed.

Can a device be tracked after performing a corporate wipe?

No. Once a corporate wipe is completed via disenrollment, the device is no longer managed by Hexnode. All communication between the portal and the device is terminated.

Does a corporate wipe require user interaction?

No. As long as the device is connected to the internet, the removal of policies and configurations happens silently in the background.

What is the difference between archiving a policy and deleting a target?

Archiving a policy removes it from active use for all devices. Deleting a target removes the policy’s effect only from a specific device or group while keeping the policy active for others.

Need more help?
Image of Raise a Ticket Raise a Ticket
Image of Ask Community Ask Community
Image of Chat With us Chat With us
Remote Actions