Either it’s repair, repurpose or decomission – secure wipe of your device should allways be a part of your device management lifecycle. Handing in or repurpose you Surface devices might cause your organization to face a security challenge as the SSD is (next to) none-replaceable.

In any case of (serivce) replacement or repurpose of your Surface Pro 2 or Pro 3, there is a Surface Data Eraser tool that enables you to send a command to the SSD to change the bits to random sequences and effectively erase all data on the disk, however, there is two things that might give you some unexpected errors.


In order for the Surface Data Eraser to work, you need to suspend Bitlocker protection if BitLocker is enabled on your device. After this is set and done, you have to ensure that you either set UEFI settings to boot from USB prior to your SSD – or to interrupt the boot sequence and force the Surface to boot from your USB device by using the power + volume up while boot combo.


Suspend BitLocker

Remove the MicroSD

Now, if you have done everything as guided so far you should be set for the eraser tool to boot – except – if you have a mounted MicroSD card in the slot, you will get one of two error messges telling you that the boot configuration is not properly configured, or that BitLocker key wasn’t loaded correctly. Just remove the MicroSD card and reboot the device. Ensure that it boot


Ensure to remove MicroSD card

Follow the steps

After the application (a WinPE boot) is loaded, you simply follow the three-step guide to make the application send the command to the SSD.
The process of deleting the SSD will then proceed and only take a couple of seconds.

Type Accept

Type S

Type Y


  • Alex


1 2 3 7
February 29th, 2020

My slides from Microsoft Ignite The Tour: The grand tour of data protection with Microsoft 365

As promised during the event in Copenhagen, I’m sharing both my slides and my demonstration videos from my breakout session […]

February 28th, 2020

My slides from Microsoft Ignite The Tour: Do and don’t – on-boarding and end-user adoption of Microsoft 365

Thank you all for attending my session on Do and don’t – on-boarding and end-user adoption of Microsoft 365. As […]

February 13th, 2020

My slides from NIC 2020: Malware protection on Windows 10 using Hyper-V and OneDrive for Business

Thank you all for joining my session at the Nordic Infrastructure Conference (NIC) in Oslo. As promised (and always), here […]

November 8th, 2019

My slides from THR2037 – Microsoft Ignite 2019

It’s Friday and last day of Microsoft Ignite 2019 – still – a stronghold of geeks attended my last theater […]

November 8th, 2019

My slides from THR3032 – Microsoft Ignite 2019

First of all – a big thank you to all who attended my session on Thursday. As promised, I’m uploading […]

August 21st, 2019

Blocking specific hardware manufacturers from corporate resources

Microsofts Senior Program Manager, Matt Shadbolt, recently confirmed that the company is working to more granular separate what devices and […]

August 2nd, 2019

Updates to AAD and O365 Naming policy

Although it’s been available through PowerShell for quite some time, the option for adding and editing naming policies in Azure AD

May 22nd, 2019

Get my slides from VeeamON Miami

Thank you all!

March 14th, 2019

Get my slides from ExpertsLive Cafe Bergen

It’s amazing to see how many attended the local ExpertsLive Café event in Bergen the 14th of march 2019. As […]

January 1st, 2019

Congratulations 2019 Windows Insider MVP!

In addition to my fifth year as a Microsoft MVP, I’m truly honored to receive the award for Windows Insider […]