Kaspersky Security Center

Deletion of objects

July 8, 2024

ID 171696

This section provides information about deleting objects and viewing information about objects after they are deleted.

You can delete objects, including the following:

  • Policies
  • Tasks
  • Installation packages
  • Virtual Administration Servers
  • Users
  • Security groups
  • Administration groups

When you delete an object, information about it remains in the database. The storage term for information about the deleted objects is the same as the storage term for object revisions (the recommended term is 90 days). You can change the storage term only if you have the Modify permission in the Deleted objects area of rights.

About deletion of client devices

When you delete a managed device from an administration group, the application moves the device to the Unassigned devices group. After device deletion, the installed Kaspersky applications—Network Agent and any security application, for example Kaspersky Endpoint Security—remain on the device.

Kaspersky Security Center handles the devices in the Unassigned devices group according to the following rules:

  • If you have configured device moving rules and a device meets the criteria of a moving rule, the device is automatically moved to an administration group according to the rule.
  • The device is stored in the Unassigned devices group and automatically removed from the group according to the device retention rules.

    The device retention rules do not affect the devices that have one or more drives encrypted with full disk encryption. Such devices are not deleted automatically—you can only delete them manually. If you need to delete a device with an encrypted drive, first decrypt the drive, and then delete the device.

    When you delete a device with encrypted drive, the data required to decrypt the drive is also deleted. If you select the I understand the risk and want to delete the selected device(s) check box in the confirmation window that opens when you delete such devices (either from the Unassigned devices or the Managed Devices group), it means that you are aware of the subsequent data deletion.

    To decrypt the drive, the following conditions must be met:

    • The device is reconnected to Administration Server to restore the data required to decrypt the drive.
    • The device user remembers the decryption password.
    • The security application that was used to encrypt the drive, for example Kaspersky Endpoint Security for Windows, is still installed on the device.

    If the drive was encrypted by Kaspersky Disk Encryption technology, you can also try recovering data by using the FDERT Restore Utility.

When you delete a device from the Unassigned devices group manually, the application removes the device from the list. After device deletion, the installed Kaspersky applications (if any) remain on the device. Then, if the device is still visible to Administration Server and you have configured regular network polling, Kaspersky Security Center discovers the device during the network polling and adds it back to the Unassigned devices group. Therefore, it is reasonable to delete a device manually only if the device is invisible to Administration Server.

In this section

Deleting an object

Viewing information about deleted objects

Deleting objects permanently from the list of deleted objects

See also:

Deleting an object

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.