Device record removal occurring after only 30 days offline despite PII deletion threshold of 3 months or longer
Article ID: 246974
Updated On:
Products
Issue/Introduction
When working with a SEP Mobile environment that has been integrated with VMWare Workspace One (WS1, aka Airwatch), and with a personally identifiable information (PII) deletion threshold configured higher than the recommended setting of 30 days, it is observed that devices are automatically removed from the Management Console (MC) after only 30 days of inactivity.
Environment
SEP Mobile MC integrated with WS1, with PII deletion set higher than the default of 30 days
Cause
This will occur if the device also does not check in with WS1 for a period of 30 days. After a device is offline in WS1 for 30 days or longer, WS1 marks the device record as stale. Our device sync will not sync a stale record, so following 30 days of inactivity in both the MC and WS1, on the next device sync the MC will identify that the device is stale in WS1, and will then remove the device record from the MC as part of device sync cleanup.
Note that the record for the user of the device can still be found in the MC, which indicates that PII deletion did not occur. The deleted device record can then be found under the user's record and inspected, to confirm it shows the health condition of "Airwatch not seen for more than a month".
Resolution
This is expected behavior. If the device checks in again with WS1, its record will be cleared of the stale status, then upon the next device sync it will be added back to the MC.
Feedback
