Kaspersky Endpoint Security lets you use a task to remotely delete data from users' computers.
Kaspersky Endpoint Security deletes data as follows:
In silent mode;
On hard drives and removable drives;
For all user accounts on the computer.
Kaspersky Endpoint Security performs the Wipe data task no matter which licensing type is being used, even after the license has expired.
Data Wipe modes
This task enables you to delete data in the following modes:
Immediate data deletion.
In this mode, you can, for example, delete outdated data to free up disk space.
Postponed data deletion.
This mode is intended, for example, to protect data on a laptop in case it is lost or stolen. You can configure automatic data deletion if the laptop goes outside the boundaries of the corporate network and has not been synchronized with Kaspersky Security Center in a long time.
It is not possible to set a schedule for deleting data in task properties. You can only delete data immediately after starting the task manually, or configure delayed data deletion if there is no connection with Kaspersky Security Center.
Limitations
Data Wipe has the following limitations:
Only a Kaspersky Security Center administrator can manage the Wipe data task. You cannot configure or start a task in the local interface of Kaspersky Endpoint Security.
For the NTFS file system, Kaspersky Endpoint Security deletes only the names of the main data streams. Alternate data stream names cannot be deleted.
When you delete a symbolic link file, Kaspersky Endpoint Security also deletes the files whose paths are specified in the symbolic link.
Creating a Wipe data task
To delete data on users' computers:
In the main window of Web Console, select Devices → Tasks.
The list of tasks opens.
Click the Add button.
The Task Wizard starts.
Configure the task settings:
In the Application drop-down list, select Kaspersky Endpoint Security for Windows (11.7.0).
In the Task type drop-down list, select Wipe data.
In the Task name field, enter a brief description, for example, Wipe data (Anti-Theft).
In the Select devices to which the task will be assigned section, select the task scope.
Select devices according to the selected task scope option. Click the Next button.
If new computers are added to an administration group within the task scope, the immediate data deletion task is run on the new computers only if the task is completed within 5 minutes of the addition of the new computers.
Finish the wizard by clicking the Finish button.
A new task will be displayed in the list of tasks.
Click the Wipe data task of Kaspersky Endpoint Security.
The task properties window opens.
Select the Application settings tab.
Select the data deletion method:
Delete by means of the operating system. Kaspersky Endpoint Security uses the operating system resources to delete files without sending them to the recycle bin.
Delete completely, no recovery possible. Kaspersky Endpoint Security overwrites files with random data. It is practically impossible to restore data after it is deleted.
If you want to postpone data deletion, select the Automatically wipe data when there is no connection to Kaspersky Security Center for more thanN days check box. Define the number of days.
The postponed data deletion task will be performed each time that a connection with Kaspersky Security Center is absent for the defined period of time.
When configuring postponed data deletion, bear in mind that employees may turn off their computer before going on vacation. In this case, the absent connection term may be exceeded and data will be deleted. Also consider the work schedule of offline users. For more details about working with offline computers and out-of-office users, refer to the Kaspersky Security Center Help.
If the check box is cleared, the task will be performed immediately after synchronization with Kaspersky Security Center.
Create a list of objects to delete:
Folders. Kaspersky Endpoint Security deletes all files in the folder, and its subfolders. Kaspersky Endpoint Security does not support masks and environment variables for entering a folder path.
Files by extension. Kaspersky Endpoint Security searches for files with the specified extensions on all computer drives, including removable drives. Use the ";" or "," characters to specify multiple extensions.
Predefined folders. Kaspersky Endpoint Security will delete files from the following areas:
Documents. Files in the standard Documents folder of the operating system, and its subfolders.
Cookies. Files in which the browser saves data from the websites visited by the user (such as user authorization data).
Desktop. Files in the standard Desktop folder of the operating system, and its subfolders.
Temporary Internet Explorer files. Temporary files related to the operation of Internet Explorer, such as copies of web pages, images, and media files.
Temporary files. Temporary files related to the operation of applications installed on the computer. For example, Microsoft Office applications create temporary files containing backup copies of documents.
Outlook files. Files related to the operation of the Outlook mail client: data files (PST), offline data files (OST), offline address book files (OAB), and personal address book files (PAB).
User profile. Set of files and folders that store operating system settings for the local user account.
You can create a list of objects to delete on each tab. Kaspersky Endpoint Security will create a consolidated list and delete files from this list when a task is complete.
You cannot delete files that are required for operation of Kaspersky Endpoint Security.
Click the Save button.
Select the check box next to the task.
Click the Run button.
As a result, data on users' computers will be deleted according to the selected mode: immediate or when a connection is absent. If Kaspersky Endpoint Security cannot delete a file, such as when a user is currently using a file, the application does not attempt to delete it again. To complete data deletion, run the task again.