Appendix C — JumpCloud MDM Device Unenrollment & Wipe

Appendix C: JumpCloud MDM Device Unenrollment & Wipe #

This appendix documents the procedure for unenrolling a departed employee’s device from JumpCloud MDM and performing a remote wipe.

C.1 Pre-Wipe Verification #

Before initiating a remote wipe, IT must verify that data archival is complete and the device has been confirmed as returned (or is being remotely wiped due to non-return).

  1. Confirm that the device return has been logged or that the device is being wiped due to non-return escalation.
  2. Verify that no business data on the device requires separate backup (all Drive data should be cloud-synced; local-only files are the employee’s responsibility per the personal data removal notice).
  3. Document the device serial number, OS version, and last check-in time from the JumpCloud console.

C.2 Unenrollment & Wipe Procedure #

  1. Log into the JumpCloud Admin Portal.
  2. Navigate to Device Management → Devices.
  3. Locate the departed employee’s device by name or serial number.
  4. Remove all user associations from the device.
  5. Remove the device from all Device Groups.
  6. If the device is online and checking in: initiate a remote wipe command from the device actions menu.
  7. If the device is returned and in hand: perform a local wipe/reimage using the standard OS installation media.
  8. After wipe is confirmed, remove the device record from JumpCloud (or retain for reassignment).
  9. Update the asset inventory to reflect the device status (available, decommissioned, or pending reimage).
**BYOD / Contractor Devices:** For devices enrolled under the BYOD/contractor model (personal devices with selective wipe), only the managed profile and OASIS data are removed. The device itself is **not** wiped. Confirm the enrollment type before initiating any wipe command.

C.3 Non-Return Escalation #

If a device has not been returned within 10 business days of the employee’s last day:

  1. IT Director escalates to the Executive Director with device details and departure date.
  2. A second written notice is sent to the former employee requesting immediate return.
  3. If the device remains unreturned after the second notice, IT initiates a remote wipe (if the device is online) and the matter is referred to the Executive Director for further action.
  4. The asset inventory is updated to reflect the device as lost/unreturned.