If you completely wipe every machine you find where a user has simply managed to open a dodgy web page,
First, let me fix this for you: If you completely wipe every machine you find where a user has successfully managed to open a dodgy web page,
That is called "perimeter defences lacking"
Second, depends what are you working on and in what security regime. A wipe may be the right approach in some environments.
Biting the hand that feeds IT
