Microsoft Defender for Endpoint now supports Android enterprise COPE devices

Microsoft Defender for Endpoint (MDE) is now available on Android Enterprise (AE) company-owned Personal Enabled (COPE) devices. These devices allow businesses and employees to install apps, unlike other enrollment models where companies manage every aspect of the device and control which apps are available and can be installed.

This update adds existing support for registered devices for AE Bring Your Own Device (BYOD), AE Fully Managed Mode, Legacy Device Administrator Mode, and Unregistered Mobile Application Management (MAM) devices. This release further enhances MDE's offering, along with recent updates, to protect mobile devices on Wi-Fi and isolate compromised Windows devices. It provides IT teams with a range of more effective Android mobile threat defense tools.

The COPE architecture allows containerized tools such as work profiles to separate personal and work data and the applications used for each, and gives administrators full control over work profiles with limited visibility into personal profiles. This means that users of these devices can gain privacy of their personal data, while companies issuing devices can take full advantage of what MDE has to offer and be able to properly enforce policies.