View all Worklets
Windows

Windows - Security - Remote Wipe

Remotely resets Windows endpoints to original factory settings.

Worklet Details

Introduction to the PowerShell Based Windows - Security - Remote Wipe Worklet

The Windows - Security - Remote Wipe Worklet allows IT administrators the ability to  quickly and easily secure company information on Windows devices. This PowerShell-based script can be used to perform a full wipe of a compromised or lost device, ensuring sensitive data does not fall into the wrong hands. 

As this Worklet results in permanent loss of all data stored on the device, it should be used with utmost caution and only when absolutely necessary.

Why would you use the Windows - Security - Remote Wipe Worklet?

Organizations often need to remotely lock or wipe devices in cases where a device is lost, stolen, or compromised to protect private data from unauthorized access. The Windows - Security - Remote Wipe Worklet allows system administrators to remotely erase all data from a specific Windows device without requiring physical access.

By using this script in conjunction with Microsoft Account services or Active Directory infrastructure, companies can manage and secure their fleet of devices effectively. A remote wipe can help ensure that sensitive company information is not exposed if an employee loses their Windows laptop or if a system breach occurs.

Components of the Windows - Security - Remote Wipe Worklet

The core components of the Windows - Security - Remote Wipe Worklet include a PowerShell script for execution and various supporting resources such as documentation and prerequisites. These components work together to enable users to perform remote wipes on Windows devices.

How does the Windows - Security - Remote Wipe Worklet work?

This PowerShell script utilizes the doWipeMethod method from the MDM_RemoteWipe class found in Microsoft's documentation: (https://learn.microsoft.com/en-us/windows/win32/dmwmibridgeprov/mdm-remotewipe). When executed, all data on the target device will be deleted, and the device will be restored to its factory defaults. The computer will then reboot immediately and go through the "Resetting this PC" Out-Of-The-Box Experience (OOBE) process.

Due to the severe consequences of running this Worklet, it is recommended that users disable Automox Install and Reboot Notifications in the policy settings. Additionally, it is advised to create a separate group for the Worklet and manually add devices as needed to reduce inadvertent impact.

What is the expected outcome when you use the Windows - Security - Remote Wipe Worklet?

Upon successful execution of the Windows - Security - Remote Wipe Worklet, all data on the targeted device will be permanently removed. This includes user accounts, files, applications from Microsoft Store, and configurations. The device will then reboot and initiate the factory reset process.

This outcome ensures that sensitive data stored on compromised or lost devices can be securely wiped remotely, preventing unauthorized access or misuse of company information. However, given its irreversible nature and potential ramifications, system administrators should exercise extreme caution when deploying this script.

View in app

Consider Worklets your easy button

What's a Worklet?

A Worklet is an automation script, written in Bash or PowerShell, designed for seamless execution on endpoints – at scale – within the Automox platform. Worklet automation scripts perform configuration, remediation, and the installation or removal of applications and settings across Windows, macOS, and Linux.

do more with worklets