By customer demand I was wondering if it's possible to do a full remote wipe of Windows 10 Pro unattended through Kaseya. I looked at possibility's and come up with the command line "systemreset -factoryreset" but needs manual intervention.
According to the latest MS-Intune version it should be possible to do a remote full wipe of Windows 10.
Is there any procedure, script, powershell, vb, lua, bat, program, etc who can do the job remotely?
Thanks for the reply.
With kind regards,
You want full disk encryption instead. The concept of remotely wiping a computer while booted into an operating system presents certain technical challenges that make it almost impossible to complete unless a particular set of conditions are met.
I haven't used either of these tools in ages but would "fdisk" or "diskpart" do it?
Smason and zippo, thanks for your contribution on this subject.
It seems like a full encryption could be the next best thing to apply.
To be more specific about my question is a customer with Windows 10 Dell tablets and these to be wipe in case it gets stolen or for any other reason.
zippo The problem with dispart or fdisk is that all you would do with that is to modify or erase the partition tables, which are relatively trivial to recover from. A utility like testdisk can easily determine based on the data still on the disk exactly where the extents are *supposed* to be and get the data right back. Overall I would have to agree with SMason, that full disk encryption is your best bet.
Any attempt at "erasing" the disk, in order to really make the data unrecoverable would take a multipass overwrite of all the data, which takes a lot of time and would be easy to stop from happening if someone were really intent on gaining access to the data. If you end goal is simply to inconvenience whoever has the machine and make them have to work to get the data, there are plenty of ways to accomplish that with some simple scripts, but if you are really interested in protecting the data, the full disk encryption is the way to go.
Sorry, Jonathon. The OP asked, "I was wondering if it's possible to do a full remote wipe of Windows 10 Pro unattended through Kaseya." That's all I was attempting to answer. There was no info from the OP to suggest that he needed to meet ISO 27001 and ISO 27040 with a tamper-proof audit trail. I figured the OP simply wished to do a reinstall on a "clean" machine".
The question here is what are you trying to achieve with the remote wipe?
1) Is it for security to prevent data loss and/or prevent unauthorized remote access to your internal systems via this device?
2) To refresh the install for performance or troubleshooting purposes?
3) A combination of the two, like when you replace old assets and the old assets needs to be factory reset and securely wiped before the are sold off or returned to the leasing company?
What I would suggest is;
1) Encryption and targeted wipe by securely deleting user profiles if somehow the encryption is bypassed. They key here is to make the device unusable if stolen and to make it usable if recovered.
2) Imaging and local recovery partition on the device
3) A secure wipe and re-imaging to factory defaults, this is harder to do remotely as you need to have an audit trail.
Hi, Jonathon thanks for your input. I was thinking of a full disk encryption (bitlocker) in combination with "partdisk delete disk noerr" in a script.
Correct me if i'm wrong on this.
Zippo, thats tru. First i was only wondering if it's posible. But based on a ISO standaard is in case of some clients welcome.
HardKnoX, thanks for your input. If the goal is accomplished with a full wipe, full encryption or both through scripting/kaseya. That would be most welcome.
When i came across the command line "systemreset -factoryreset" (but needs manual intervention) and the information in InTune saying it now support "You can now perform a full remote wipe of Windows 10 desktop devices that are enrolled in Intune. Selective wipe of corporate data is already available in Intune.". Must be somthing you can do outside InTune.