Dmitri Stalnuhhin - Fotolia

What's the best way to remote wipe a user-owned laptop?

Tools are now available to IT for a remote wipe of user-owned laptops. But set clear BYOD security policies and inform users.

Bring your own device practices are something of a double-edged sword. On the one hand, users have the benefit of working with their own devices -- no more lugging two laptops around. At the same time, however, administrators have to be able to protect company assets, including data that might reside on an employee's personal laptop. It's a tough call when you have to wipe data from a user-owned device. Ideally, a remote wipe would affect only corporate data and leave personal data intact. That isn't easy.

Mobile device management applications such as MaaS360 have implemented selective remote wipe features for Android and Apple iOS platforms. MobileIron supports multiple operating systems, including Windows 8.1, as well as mobile application management, so you might be able to use that tool for selective remote wipes.

If you are willing to remotely wipe all data on a drive, there are a number of options. AbsoluteSoftware's LoJack can delete data on a lost or stolen device. The software is available on a subscription basis, starting at $39 per year per laptop. An added benefit with LoJack is that it can use GPS, Wi-Fi and IP geolocation to track down a stolen laptop.

If you would like to preserve data under a bring your own device (BYOD) policy but make it unusable to unauthorized users, then a system such as Exo5 might be right for you. Exo5 can lock drives and encrypt data on lost or stolen devices.

One more thing to keep in mind about wiping employee-owned devices: It's a good idea for your BYOD policy to clearly describe how you handle security incidents with employee-owned devices. Users don't want to be surprised when they find that their personal laptops have been wiped by a corporate systems admin.

Which controls you establish is a company decision, but employees who use their own devices should know what they are before opting into a BYOD program.

Next Steps

Before you use remote wipe, check mobile device management and mobile data policies

Microsoft adds mobile device management features to Windows 8.1

Enterprises shouldn't neglect mobile security strategy

Sloppy BYOD can lead to Microsoft licensing violations

Mobile cloud apps and BYOD raise licensing concerns

How to remotely wipe multiple systems at once

Dig Deeper on Unified endpoint management