Dmitri Stalnuhhin - Fotolia
Bring your own device practices are something of a double-edged sword. On the one hand, users have the benefit of working with their own devices -- no more lugging two laptops around. At the same time, however, administrators have to be able to protect company assets, including data that might reside on an employee's personal laptop. It's a tough call when you have to wipe data from a user-owned device. Ideally, a remote wipe would affect only corporate data and leave personal data intact. That isn't easy.
Mobile device management applications such as MaaS360 have implemented selective remote wipe features for Android and Apple iOS platforms. MobileIron supports multiple operating systems, including Windows 8.1, as well as mobile application management, so you might be able to use that tool for selective remote wipes.
If you are willing to remotely wipe all data on a drive, there are a number of options. AbsoluteSoftware's LoJack can delete data on a lost or stolen device. The software is available on a subscription basis, starting at $39 per year per laptop. An added benefit with LoJack is that it can use GPS, Wi-Fi and IP geolocation to track down a stolen laptop.
If you would like to preserve data under a bring your own device (BYOD) policy but make it unusable to unauthorized users, then a system such as Exo5 might be right for you. Exo5 can lock drives and encrypt data on lost or stolen devices.
One more thing to keep in mind about wiping employee-owned devices: It's a good idea for your BYOD policy to clearly describe how you handle security incidents with employee-owned devices. Users don't want to be surprised when they find that their personal laptops have been wiped by a corporate systems admin.
Which controls you establish is a company decision, but employees who use their own devices should know what they are before opting into a BYOD program.
Before you use remote wipe, check mobile device management and mobile data policies
Microsoft adds mobile device management features to Windows 8.1
Enterprises shouldn't neglect mobile security strategy
Sloppy BYOD can lead to Microsoft licensing violations
Mobile cloud apps and BYOD raise licensing concerns
How to remotely wipe multiple systems at once
Dig Deeper on Unified endpoint management
Related Q&A from Dan Sullivan
Docker's recent upgrade introduced support for hardware signing and in the future, automated security analysis on Docker images. Expert Dan Sullivan ... Continue Reading
Cisco's new project Contiv automates operational policies for containerized applications in the cloud. Expert Dan Sullivan explains the benefits of ... Continue Reading
Dropbox API abused by attackers posing as legitimate users in a huge spear phishing campaign. Expert Dan Sullivan explains how to mitigate the risks ... Continue Reading