Enrolled devices have two “modes” in Intune: personal and corporate. What is the difference in managing these two device types?
Let’s consider some basic definitions first. Personal devices are considered user owned. If a user owns their own device, and wants to access corporate data, then that is a “personal” device and can be managed differently. Corporate devices are considered company owned. These are devices that are owned by the company, and are generally expected to have more access to internal data, but also more restrictions.
Different MDM solutions handle these device types differently. For Microsoft Intune, devices are considered personal by default. Here are some ways for a device to become identified as corporate:
- The device serial number is stored in Intune prior to enrollment. When the device is enrolled, Intune will find the match and automatically categorize the device as a corporate device.
- The device is enrolled by a DEP partner.
- The device type is change manually by an Intune administrator.
Personal and corporate devices can be managed the same way, or completely differently. You can configure specific configuration profiles and apps to only be available to corporate devices, or personal devices. The Intune administrator is free to decide how these two device types are configured.
The only thing that Intune administrators can’t configure is how data is collected on the device. By policy, Intune will collect a little bit more information about corporate devices. Intune will collect the phone number and app inventory of company owned devices for reporting and monitoring purposes, but will not do so for personal devices. When an Intune administrator manually changes this for a device, they will see a warning informing them about this change.