You can protect yourself against excessive device wipes and enterprise wipes by setting a wipe threshold in Workspace ONE UEM powered by AirWatch.
Remotely wiping a device of privileged corporate content, called an Enterprise Wipe, is one of the steps considered when a device becomes lost or stolen. It is meant as a safeguard against the threat of corporate content coming into contact with competitors. A Device Wipe is potentially more destructive, removing all content until the device returns to its factory state.
However, there are circumstances when scheduled processes such as the Compliance Engine and other automated directives wipe multiple devices. In addition to the automated wipes, an accidental wipe initiated by an administrator can be problematic. As an administrator, you might want to be informed when such actions are initiated and be given the chance to intervene.
Configure wipe protection settings by defining a wipe threshold, which is a minimum number of devices wiped within a certain amount of time. For example, if more than 10 devices are wiped within 20 minutes, you can place future wipes on hold automatically until after you validate the wipe commands.
You can review wipe logs to see when devices were wiped and for what reason. After reviewing the information, you can accept or reject the on-hold wipe commands and unlock the system to reset the wipe threshold counter.