Microsoft has announced today that Microsoft Defender for Endpoint (MDE) is now available on Android Enterprise (AE) company-owned personally enabled (COPE) devices.
These devices allow both the enterprise and the employee to install applications, differing from other enrolment modes where the company manages every aspect of the device and control which applications are available and can be installed.
This update adds to its existing support for enrolled devices for AE bring your own device (BYOD), AE fully managed modes, legacy Device Administrator mode, and the unenrolled mobile application management (MAM) devices.
This release further strengthens MDE's offering, alongside recent updates to protect mobile devices on Wi-Fi and isolating compromised Windows devices. It gives IT teams an even more effective series of tools for mobile threat defence on Android.
The COPE architecture allows for containerization tools like work profiles to keep personal and work data separated, as well as the applications used for each, and gives admins full control within the work profile with only limited visibility into the personal profile.
This means that users of these devices get the privacy of a personal profile, while the enterprise issuing the device gets the full benefit of what MDE has to offer, as well as being able to enforce policies correctly.