Hey everyone,
We're in need of a straightforward solution for wiping a Windows laptop after an employee leaves the company, as we plan to reassign it to a new employee. The goal is to erase all the previous user's data while keeping the company data intact.
We discovered that Microsoft Intune has a remote wipe feature, but we're curious if this method meets ISO compliance standards. Any thoughts or recommendations? Thanks!
5 Answers
You could opt for a 'fresh start' and reset the BitLocker key. This way, the new user won't have any access to old data, effectively erasing it beyond retrieval.
This essentially leverages the built-in Windows reset feature, which does the job without too much hassle.
A common approach is to reimage the computer before passing it on to a new user. Also, remember that 'ISO compliant' isn't a one-size-fits-all; it needs to align with the specific ISO standard you follow, which usually requires some documentation of your process.
Using the wipe command in Intune is a solid choice. After that, just redeploy it for the new user so they can go through the out-of-box setup like it's a brand new laptop.
You might want to consider selectively wiping only the user data and then reinstalling the necessary company data. Just think about how you'd differentiate the company data from the user's, aside from just wiping their profile. Good luck with that!

Exactly! It’s best to completely wipe both user and company data. Then, when you boot the laptop up again, you can set it up as if it's brand new and the new user will have their own profile.
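An added example, not taken from any of the posts above: one way to script the Intune full wipe the answers recommend while keeping a record of each wipe for process documentation. It assumes the Microsoft.Graph.Authentication module and an account permitted to wipe devices; `$TicketId` and the CSV path are hypothetical names.

```powershell
# Added example: full Intune wipe of one Windows device plus an evidence record.
[CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
param(
    [Parameter(Mandatory)][string]$SerialNumber,
    [Parameter(Mandatory)][string]$TicketId,          # hypothetical offboarding reference
    [string]$EvidenceLog = '.\wipe-evidence.csv'      # hypothetical log location
)

Connect-MgGraph -Scopes @(
    'DeviceManagementManagedDevices.Read.All',
    'DeviceManagementManagedDevices.PrivilegedOperations.All'
)

$base  = 'https://graph.microsoft.com/v1.0/deviceManagement/managedDevices'
$safe  = $SerialNumber.Replace("'", "''")             # escape quotes for the OData filter
$found = @((Invoke-MgGraphRequest -Method GET `
            -Uri "${base}?`$filter=serialNumber eq '$safe'").value)

# Refuse to act unless exactly one Windows device matches the serial number.
if ($found.Count -ne 1) {
    throw "Expected 1 device for serial $SerialNumber, found $($found.Count)"
}
$device = $found[0]
if ($device.operatingSystem -ne 'Windows') {
    throw "Not a Windows device: $($device.deviceName)"
}

# Full wipe: keep neither user data nor enrollment state, so the next user
# goes through out-of-box setup as on a new laptop.
$body = @{ keepEnrollmentData = $false; keepUserData = $false } | ConvertTo-Json

if ($PSCmdlet.ShouldProcess($device.deviceName, 'Intune full wipe')) {
    Invoke-MgGraphRequest -Method POST -Uri "$base/$($device.id)/wipe" `
        -Body $body -ContentType 'application/json'

    # Append who wiped what, when, and under which ticket.
    [pscustomobject]@{
        TimestampUtc  = (Get-Date).ToUniversalTime().ToString('o')
        TicketId      = $TicketId
        DeviceName    = $device.deviceName
        SerialNumber  = $device.serialNumber
        PreviousUser  = $device.userPrincipalName
        Operator      = (Get-MgContext).Account
        Action        = 'wipe keepUserData=false keepEnrollmentData=false'
    } | Export-Csv -Path $EvidenceLog -Append -NoTypeInformation
}
```

Running it with `-WhatIf` performs the lookup and the single-match check without sending the wipe request.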