Remote Wipe Windows XP disks

(imported topic written by PJSisk)

Hey all. Here is an interesting one. We have a disinvestment coming on a few 100 PCs in which the purchasing company of the group has purchased the PCs of the business unit. To satisfy our security requirements, we need to wipe the disks prior to the sale.

All devices currently use TEM and the end state is to have the machines have no data on the disk whatsoever, hence a remote wipe.

Is it possible for TEM to do this?

Thanks,

Paul

(imported comment written by jgstew)

BigFix/TEM/IEM does not really have this capability itself.

I think there are 2 options:

  • Netboot a wipe utility on the machines
  • Create a bootable partition on the XP machine, place a wiping utility that would copy itself into RAM and run, then mark as active and reboot.

I’m not certain how possible the 2nd option is, but it is not possible to wipe a hard drive completely from within a booted OS on that hard drive itself. Also, I would still recommend verifying that the wipe was successful.

BigFix/TEM/IEM could be used to help set this up.
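The wipe verification recommended in the comment above could look like the following; this is an added example, not code from the thread or from any product mentioned in it. It assumes the wipe's final pass writes zeros, that sectors are 512 bytes, and that it is run from a separately booted environment against the raw disk or an image of it; the function names and the sample image are hypothetical.

```python
import io
import sys

SECTOR = 512  # assumed logical sector size (typical for XP-era disks)

def verify_zero_wipe(dev, chunk_sectors=2048, keep=5):
    """Scan an opened disk device or image; report anything that is not zero-filled."""
    report = {"sectors": 0, "nonzero": 0, "first_offsets": [],
              "mbr_signature": False, "ntfs_boot_sectors": []}
    offset = 0
    while True:
        chunk = dev.read(SECTOR * chunk_sectors)
        if not chunk:
            break
        report["sectors"] += -(-len(chunk) // SECTOR)  # ceil: count a short tail too
        if chunk.count(0) != len(chunk):               # slow path only for dirty chunks
            for i in range(0, len(chunk), SECTOR):
                sector = chunk[i:i + SECTOR]
                if sector.count(0) == len(sector):
                    continue
                pos = offset + i
                report["nonzero"] += 1
                if len(report["first_offsets"]) < keep:
                    report["first_offsets"].append(pos)
                if pos == 0 and sector[510:512] == b"\x55\xaa":
                    report["mbr_signature"] = True      # partition table survived
                if sector[3:11] == b"NTFS    ":
                    report["ntfs_boot_sectors"].append(pos)  # NTFS volume boot record
        offset += len(chunk)
    report["clean"] = report["sectors"] > 0 and report["nonzero"] == 0
    return report

def sample_unwiped_image():
    """Constructed sample: 128 sectors with an MBR, an NTFS boot sector at LBA 63, stray data."""
    img = bytearray(SECTOR * 128)
    img[510:512] = b"\x55\xaa"
    img[63 * SECTOR + 3:63 * SECTOR + 11] = b"NTFS    "
    img[100 * SECTOR:100 * SECTOR + 8] = b"leftover"
    return io.BytesIO(bytes(img))

if __name__ == "__main__":
    # Pass the raw device or image path exposed by the boot environment; no argument runs the sample.
    src = open(sys.argv[1], "rb") if len(sys.argv) > 1 else sample_unwiped_image()
    result = verify_zero_wipe(src)
    print(result)
    sys.exit(0 if result["clean"] else 1)
```

A wipe tool whose last pass writes random data will fail this check by design, so the zero-fill assumption has to match the tool's configuration.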

(imported comment written by Tim.Rice)

One option might be to remotely install something like TrueCrypt and encrypt all the drives, and don’t give them the keys. It’s as good as encryption, and they’ll have to use something like DBAN to get the drive back to a usable state and install a new OS.

http://www.truecrypt.org/docs/command-line-usage

(imported comment written by martinc)

I wonder if this could somehow be done with the TPMfOSD component as it has the capability of various types of disk wipe. Basically, you would need to be able to boot to the WinPE, make a call to rbagent with the wipe parameters. I have not done this within IEM, but I have used TPMfOSD to wipe a disk.

A good idea might be to open an RFE (http://www.ibm.com/developerworks/rfe/?BRAND_ID=90) to perform this function. It would be a good addition to the provisioning component to do this.

If I had some more time, I could try to look at this, but right now is not a good time :)

Martin