Wipe Protection

By configuring Wipe Protection settings, you can exert more control over how and when devices can be wiped to avoid mass wiping devices. A wipe threshold is when a certain number of devices are automatically wiped or wiped as a result of an enterprise wipe or device wipe command, within a defined period of time.


Configuring Wipe Protection Settings

Note: You can only configure these settings at the Global or Customer level organization group.

Set a wipe threshold limit and amount of time in minutes by performing the following steps: 

1. Navigate to Devices > Lifecycle > Settings > Wipe Protection.

2. Configure the following settings: 

    • Wiped Devices – Enter the number of Wiped Devices that will act as your threshold for triggering wipe protection.

    • Within (minutes) – Enter the value for Within (minutes) which is the set amount of time the wipes must occur in to trigger wipe protection.

    • Email – Select a message template to email to administrators. Create a message template for wipe protection by navigating to Devices & Users > General > Message Templates, adding a new template and selecting Device Lifecycle as the Category and Wipe Protection Notification as the Type. You can use the following lookup values as part of your message template:
      {EnterpriseWipeInterval} – The value of Within (minutes) on the settings page.
      {WipeLogConsolePage} – A link to the Wipe Log page.

    • To – Enter the email addresses of administrators who should receive this notification message. You should only notify administrators who have access to the Wipe Log page.

3. Select Save.


Viewing Wipe Logs

You can view the Wipe Log page to see when devices were wiped and for what reason. After reviewing the information, you can accept or reject any on-hold wipe commands and unlock the system to reset the wipe threshold counter, or the time after which the number of devices wiped (device or enterprise) has exceeded a previously-defined number of devices and/or amount of time. 


Note: If the system is locked then you will see a banner at the top of the page indicating this status. 


Navigate to Devices > Lifecycle > Wipe Log. Access to this page is managed by the Report Device Wipe Log resource and is available by default for system admins, SaaS admins, and AirWatch admins. You can add it to any custom admin role using the Roles page. 

You may optionally Filter the Wipe Log by the following parameters:

  • Date Range
  • Wipe Type
  • Status
  • Source
  • Ownership

View the list of devices and determine whether these are valid wipes. Devices pending action will have a status of On Hold. If they are, then select each device and then select Approve wipe(s) from the command list. The status will change to Approved. If they are not, then select each device and then select Reject wipe(s) from the command list. The status will change to Rejected

Note: Devices wiped before the threshold limit was reached will display as Processed


After you have taken action on each device, you must unlock the system to reset the device threshold counter to zero and allow wipe commands to go through until the threshold limit is exceeded. Select Unlock System on the top of the page. You can only perform this action at a Global or Customer level organization group. 


Have more questions? Submit a request


Article is closed for comments.