Skip to main content

081: Review enrolled vs unenrolled for BYOD/Corporate

Overview

In Microsoft Intune, there are several enrollment options for Android devices, catering to both Bring Your Own Device (BYOD) and Corporate-owned scenarios. Here’s a detailed overview of the available options:

Enrollment Options for Android Devices

1. Android Enterprise Personally Owned Devices with a Work Profile (BYOD)

  • Description: This option allows users to enroll their personal devices while keeping corporate data separate from personal data. It creates a work profile on the device.
  • Use Cases:
    • Ideal for employees who want to use their personal devices for work.
    • Supports both new and existing devices.
  • Features:
    • Users can access corporate apps and data without compromising personal privacy.
    • Administrators can enforce policies on the work profile only.

2. Android Enterprise Corporate Owned Fully Managed Devices (COBO)

  • Description: These devices are fully managed by the organization and are used exclusively for work purposes.
  • Use Cases:
    • Suitable for devices issued to employees that are not intended for personal use.
  • Features:
    • Full control over the device, allowing for strict security policies and configurations.
    • Ideal for environments requiring high security, such as healthcare or finance.

3. Android Enterprise Corporate Owned Dedicated Devices (COSU)

  • Description: These devices are dedicated to a specific purpose, such as kiosks or point-of-sale systems.
  • Use Cases:
    • Commonly used in retail, logistics, or any scenario where the device serves a single function.
  • Features:
    • Devices are not associated with a specific user and can be locked down to a single app or set of apps.

4. Android Enterprise Corporate Owned Work Profile (COPE)

  • Description: This option allows organizations to manage both personal and corporate data on a single device while keeping them separate.
  • Use Cases:
    • Suitable for employees who need to use their devices for both personal and work-related tasks.
  • Features:
    • Provides a balance between user privacy and corporate control.

5. Android Open Source Project (AOSP)

  • Description: This option is for devices that run a version of Android without Google Mobile Services (GMS).
  • Use Cases:
    • Typically used in specialized environments where GMS is not available or desired.
  • Features:
    • Offers flexibility for custom Android implementations.

6. Android Device Administrator (DA)

  • Description: A legacy enrollment method that allows for basic management of Android devices.
  • Use Cases:
    • Suitable for organizations that have not transitioned to Android Enterprise.
  • Features:
    • Limited management capabilities compared to Android Enterprise options.

Key Differences Between BYOD and Corporate Enrollment

  • Data Management:

    • BYOD: Focuses on managing corporate data while preserving user privacy. Only the work profile is managed.
    • Corporate Enrollment: Provides full management capabilities, allowing IT to enforce policies on the entire device.

  • User Experience:

    • BYOD: Users maintain control over their personal data and can choose to enroll only for corporate access.
    • Corporate Enrollment: Users may have limited control over device settings, as IT manages the entire device.

  • Enrollment Process:

    • BYOD: Typically involves user-initiated enrollment through the Company Portal app or web-based methods.
    • Corporate Enrollment: Often involves automated processes through Android Enterprise features like Zero Touch Enrollment or bulk enrollment methods.