How to Wipe Corporate Data From a Device?
When an employee leaves an organization or if the device is lost or stolen, an organization needs to remove all the corporate data and files residing on that device. Executing a complete device wipe command will remove all the device data and restore it to its factory defaults. It includes deletion of all the corporate and personal data and files on the device.
However, an organization may not want to remove the personal data on the device, especially if it is a personally-owned device. In such a case, it can perform a corporate data wipe to remove the corporate files, apps, or configurations that are deployed via Hexnode without wiping any personal data of the user.
To perform a corporate data wipe, you should either
- Delete/remove the policy that associates the Wi-Fi, VPN and other settings with the device.
- Disenroll the device
Disenrolling a device will remove all data associated with the device from your Hexnode MDM portal, and you won’t be able to access it again. On the device, all the applied policies and configurations will get removed, and the device will regain its unmanaged state.
Deleting a policy
Hexnode allows you to archive a policy from the Hexnode MDM console.
To Archive a Policy
- Log in to your Hexnode Portal.
- Go to Policies.
- Select the policy.
- Click on Manage > Move to Archive.
Removing a policy from the device
There are multiple methods to remove a policy from a device:
Method 1: From Policies tab
- Head on to Policies.
- Select an existing policy from the list.
- Go to Policy Targets.
- Click on remove corresponding to the devices which you want to remove.
Method 2: From Device Details
- Go to the Manage tab.
- Click on a device name.
- Head on to the Policies sub-tab.
- Click on the trash icon corresponding to the policy name.
Enterprises can make use of the ‘Mandatory Apps’ feature to automatically remove corporate apps from Android and iOS devices if they get lost, stolen, or even if the employee leaves the organization. Here, any apps pushed via MDM will be removed automatically on deleting the policy, or disassociating the policy from the device or when the mandatory app is removed from the policy. The option “Remove apps from the device on policy removal” must be enabled under Policies > iOS/Android > App Management > Mandatory Apps for this feature to work.
While configuring an iOS in-house (enterprise) app on the Hexnode UEM, you can specify whether the app needs to be removed from the device on disenrollment.
To remove an iOS enterprise app on disenrolling,
- Log in to your Hexnode MDM portal and select the Apps tab.
- From + Add Apps and select Enterprise App.
- Choose the Platform as iOS.
- Check the option Remove on disenroll. Enable ‘Prevent app backup’ to prevent the user from backing up the app data, thus securing the corporate data in the app (if any).
- Click on Add.