1. Home
  2. Blog
  3. 3 things you should know about remote wipe
May 5, 2021

3 things you should know about remote wipe

Joel Snyder

“Remote wipe” is a term you’ll hear a lot when it comes to managing smartphones and tablets, especially regarding security, loss and theft. If a device is lost or stolen, someone can send a command to completely remove stored data, which can protect the company’s valuable assets and reduce the risk of breach or compromise.

Since a data breach costs an enterprise $3.9 million on average, aggressively wiping a lost phone is pretty good business sense. With this in mind, it's worth taking a few minutes to understand remote wipe and its implications for your employees' smartphones.

A remote wipe policy is used by IT managers to help manage the risks presented by easily lost or stolen mobile devices. As an end user, understanding what remote wipe is capable of is beneficial if you find your technology compromised.

 

1. Remote wipe requires power and a network connection

Since “wipe” is a command that’s sent to a device, it has to be turned on, connected to the network and able to receive the protocol. If a device is lost at an airport, it may be easy to wipe. On the other hand, if someone wants to keep the device from being wiped, it’s easy to power it off, shield it or pop out the SIM card.

This means that when a device goes missing, it’s important to let your IT department know about it as soon as possible, as the window for wiping can be very brief. When a device is stolen, it can be a matter of seconds before data is compromised.

 

2. Remote wipe is not monolithic

Today’s mobile devices and management systems have a wide variety of options for remote erasure. In certain cases, it can be used to send the device back to factory reset status. In others, it can be subtler. For example, some setups have “enterprise wipe,” which only deletes the applications and data installed by the company, leaving personal data untouched. Phones that have a container setup, such as an Android Enterprise work profile, may only have the work profile wiped, since your organization is more concerned with those assets.

In a Bring Your Own Device (BYOD) setting, enterprise wipe can be used when someone leaves the company without properly deregistering their own smartphone. In that case, they may still be storing personal data, so just deleting the enterprise data makes more sense.

Another variation of erasure is often called “KeepAlive.” With KeepAlive, the device must check in with the company’s MDM/EMM tools over the network every so often. If the device goes missing for too long, then it will automatically take action, such as a complete device reset. The idea behind KeepAlive is that if your phone is stolen and then disconnected from the network, data will still remain protected.

KeepAlive isn’t universally used and can have some false positives if the MDM/EMM system is disconnected for too long. However, it’s another tool for your IT manager, and if they’re using it, you should be aware of it.

 

3. Employees should be forewarned

Remote wiping is generally included with all MDM/EMM tools, so no matter which one your company is using, there is probably some level of erasure capability on employee smartphones. For corporate-owned devices, employees may naturally expect that they can be wiped at any time.

However, in the case of BYOD policies, IT admins may still have the ability to remotely wipe devices if employees are required to install an EMM/MDM agent or antimalware tools on their phone or tablet. Organizations should spell this out clearly in their BYOD policy, which employees sign before gaining access to corporate systems on their personal devices.

For organizations that do not have an MDM/EMM solution in place, remote wiping may be handled on a per-app basis, which can mean blocking access to an app and removing associated data when a user’s device is believed to be compromised. When users enroll in those services, a screen often pops up telling them that this is part of the terms and conditions.

Employees may not like the idea that IT has the ability to remotely wipe data from their personal device, but generally, there is no other way to both provide full access to your company’s systems and maintain data security. From the business’ point of view, it’s an important measure to protect valuable informational assets.

Remotely locate, lock, and wipe Samsung devices with Knox Manage, included with Knox Suite along with Knox Platform for Enterprise, Knox Mobile Enrollment, and Knox E-FOTA.

You may also like:
GO TO BLOG →
News
Knox Release Highlights - October 2023
We are excited to share the past month's release highlights, upcoming releases and features, and content highlights of October 2023.
November 8, 2023
Product Updates
UAT environment to test Knox cloud services 23.12 updates and features
We are excited to announce a dedicated User Acceptance Testing environment, providing you with early access to Knox cloud services 23.12.
November 23, 2023
News
Samsung Knox Admin Portal receives the 2023 Red Dot Design Award
Users of the Knox Admin Portal can now say they use award-winning software. Read on to learn about our interface design recognition.
October 27, 2023
[Icon] close

Get the right solution for your business

Join 25,000+ organizations around the world.

[Icon] suitcase
Are you a reseller or solution partner?

Get access to the Knox Partner Program for helpful partner tools, such as the Knox Deployment Program portal, Knox MSP portal, partner SDKs, and more.

[Icon] info
Unified Endpoint Management
Knox Suite
Rebranding and customization
Knox Configure
Fraud and theft protection
Knox Guard
Device protection plan
Samsung Care + for Business
Other products & services

Get started with

[Image] Knox Suite

All-in-one solution bundle for enterprise mobility.

[Icon] Check mark

Join us and get a 90-day free trial for Knox Suite and other Knox products. *Approval required

[Icon] Check mark

A complete set of tools to secure, deploy, manage, and analyze your enterprise's corporate mobile devices.

[Icon] Check mark

Try powerful features bundled with Knox Suite, such as Knox Remote Support.

Knox Suite include:

[Icon] Knox Platform for Enterprise Knox Platform for Enterprise
[Icon] Knox E-FOTA Knox E-FOTA
[Icon] Knox Mobile Enrollment Knox Mobile Enrollment
[Icon] Knox Asset Intelligence Knox Asset Intelligence
[Icon] knox manage Knox Manage
[Icon] knox capture Knox Capture

Get started with

[Image] Knox Configure Logo

Remotely configure Samsung devices in bulk and tailor them to specific needs, right out of the box.

[Icon] Check mark

After approval, you can try both the:

  • Setup edition — designed for a one-time deployment
  • Dynamic edition — deploy and update policies as many times without a factory reset.
[Icon] Check mark

Try either the Setup edition or Dynamic edition of Knox Configure on up to 30 devices.

[Icon] Check mark

Get a free Knox Suite trial upon approval to try our UEM.

Get started with

[Icon] Knox Guard Logo

Remotely control Samsung devices to reduce financial risks and protect assets.

[Icon] Check mark

After you get approved, generate your free trial license for 90 days.

check-mark

Try all the features of Knox Guard on up to 30 devices, including SIM control and device locking.

[Icon] Check mark

Get a free Knox Suite trial upon approval to try our UEM.

Get started with

[Image] Samsung Care Plus For Business Logo

Protect your business devices against accidental damage and mechanical breakdowns.

[Icon] Check mark

Are you already a Samsung Care+ for Business customer? Create an account and access the Samsung Care+ for Business console.

[Icon] Check mark

Contact the Samsung sales team and get peace of mind for your devices.

Other products & services

[Image] Others logo
[Icon] Check mark

Samsung offers additional solutions to serve the unique needs of your business. Talk to a Samsung expert today.

CONTACT SALES
Back to top