ÃÛèÖÊÓƵ

Microsoft 365 - Remote Data Wipe

Purpose

Microsoft offers the capability to remotely remove all data from a device that is synced to your OHIO email account in case the device is lost or stolen. However, this will only work if you use your OHIO email account in the email app that comes with the device. If you only use the Microsoft Outlook app from your device’s app store, remote wiping will only remove your OHIO account data from the app; all other personal data on the device will remain intact.

Important: Remote wiping capabilities are only available on Apple and Android tablets and phones, or Windows 10 devices that have a connection to Microsoft 365 via Exchange ActiveSync.

Scope

This standard applies to all university employees and students, as well as any individuals who are not University employees but have access to university data through Microsoft 365 email. This may include retired or emeritus staff and faculty, contractors, and volunteers. This standard applies when university data is accessed through or stored on mobile computing and storage devices, regardless of device ownership.

Standard

A Microsoft 365 account holder can initiate a Depending on the email app used, a remote wipe may erase your entire device, much like a factory reset, and require you to setup the device again. This may result in the loss of all data on the device, including photos, videos, and other personal data

Performing a self-service remote wipe using Outlook on the web:

  1. Log into your account via
  2. Click on View All Outlook settings.
  3. Click General, and then select Mobile devices.
  4. Select the mobile phone.
  5. Click or tap the Wipe All Data icon.

If you contact the IT Service Desk to perform a remote wipe, they will escalate your request to the OHIO Information Security Office. The remote wipe action must be authorized by both the account and device owner.

What happens when a remote wipe is performed?

  • iPhone or iPad: If a person who uses the built-in Mail app for their iPhone or iPad initiates a remote wipe, this will completely wipe their device. The person will lose any data on the device that is not backed up, including photos, videos, and other personal data.
  • Microsoft Outlook app for iOS or Android: If a person who uses the Microsoft Outlook app for their iPhone, iPad, or Android device initiates a remote wipe, this will remove their OHIO account and data from the Outlook app on all mobile devices which are used with the Outlook app, not just the lost or stolen device. This will only impact the OHIO account data on the app and will not wipe the entire device.
  • Windows 10 mail app: If a person who uses the Windows 10 Mail app initiates a remote wipe, this will completely wipe their device. The person will lose any data on the device that is not backed up, including photos, videos, other personal data, and installed apps.

References

Exceptions

All exceptions to this standard must be formally documented with the Information Security Office (ISO) prior to approval by the Information Security Governance Committee (ISGC).  Standard exceptions will be reviewed and renewed on a periodic basis by the ISO. 

Request an exception:

Complete the Exception Request Form.

Governance

This standard will be reviewed and approved by the university Information Security Governance Committee as deemed appropriate based on fluctuations in the technology landscape, and/or changes to established regulatory requirement mandates.   

Reviewers

The reviewers of this standard are the members of the Information Security Governance Committee representing the following University stakeholder groups: 

  • Audit, Risk, & Compliance: Josh Gonzalez, Chief Privacy Officer
  • Audit, Risk, & Compliance: Larry Wines, Director of Enterprise Risk Management & Insurance
  • Faculty: Hans Kruse, Instructor; Emeritus (Scripps College)
  • Faculty: Brian McCarthy, Professor; Senior Associate Dean (College of Arts & Sciences)
  • Faculty: Shawn Ostermann, Associate Professor (College of Engineering)
  • Faculty: Bruce Tong, Assistant Professor of Instruction (Scripps College)
  • Finance: Julie Allison, Associate Vice President, Finance
  • Human Resources: Michael Courtney, Senior Associate General Counsel/Director of Employee & Labor Relations
  • Information Technology: Ed Carter (Chair), Chief Information Security Officer and Senior Director, Information Security & Digital Accessibility
  • Regional Higher Education: Larry Tumblin, Director of Information Technology for Regional Higher Education
  • Research: Kimberly Littlefield, Associate Vice President for Research Administration

History

Draft versions of this policy were circulated for review and approved on November 20, 2020.

Draft versions of this policy were circulated for review and approved August 7, 2025.