So you followed Microsoft recommendations and implemented a Mobile Application Management policy!
but now someone has left and you need to ensure the data has been erased!
so to show you I will do it to myself – what could possibly go wrong? right Right RIGHT !!!
a quick primer MDM and MAM
so I just want to make sure we are all talking the same language here, Intune is both a Mobile Device Management(MDM) platform and a Mobile Application Management (MAM) platform
so what’s the difference – well at a high level it really comes down to who owns the device – if it a corporate-owned device (CYOD) then the business will want to control the entire device (push apps, control OS upgrades etc etc) and hence an MDM solution is best – now as a user you should remember the device and everything on it (the cute photos of your kids or pets) is under the business control and then there is MAM
with MAM the company can deploy a secure container to the machine and control what can and can not happen inside that container (the corporate data) – the business is not able to control the device nor access the cute photos of your kids/pets
So onto the show
to complete this process you need to be a intune administrator
let’s be clear I backed my Ipad up before attempting this (I may be silly but I am not Stupid)
so with your admin credentials log into the Azure Portal
then launch “Intune App Protection”
(if you do not see it under Azure services just search for it in the search dialogue box above
select “App selective wipe” under the manage section on the left-hand side
next click on “+ Create wipe request”
in the Create wipe request window click on “Select user”
in the blade that slides in from the right enter the name of the user (in my case myself) and select the person in the field below (once selected press the blue select button at the bottom of the screen
the devices used by the users under a MAM policy will then appear
from here simply select the device (in my case Michael’s iPad (2)
and the bottom of the window click Create
this will take you back to the App selective wipe window
now when the users next launches the application to access the data it will be blocked
the user will see
and as an Admin you will see
Happy MAM wiping