DME supports the use of Android policies for corporate devices. If the device is marked as a Corporate device in its device settings, then the DME administrator is entitled to perform any operations on it, as it is corporate property. In the settings for the device, the administrator can choose to specify details about the device password, timeout lock, storage encryption, and camera use. See Android security settings.
If the device is the employee's personal device (Bring Your Own Device - BYOD), the employee has control over personal items on the device.
If the device is a personal device, and the administrator sends a Delete command to the device, only DME data will be destroyed - the entire DME container, AppBox apps, etc. Otherwise, data will be removed as specified. See also Delete device data.