Microsoft Defender for Android ending support for enrolled personal profiles

Originally posted by Microsoft Jan 26, 2026 Uncategorized 0 Comments

Microsoft Defender for Android will end support for protecting personal profiles on enrolled devices by March 2026, focusing solely on securing corporate work profiles. This change enhances enterprise security and user privacy, requires no admin action, and does not affect work profiles or unenrolled devices.

Introduction

By the end of March 2026, Microsoft Defender for Android will no longer support protection of personal profiles on enrolled devices. This change aligns with our enterprise-first security strategy, ensuring resources are focused on protecting corporate data while maintaining user privacy.

When will this happen

Rollout will begin in mid-March 2026 and complete by late March 2026.

How this affects your organization

Who is affected: Organizations using Microsoft Defender for Endpoint (MDE) on Android in personal profiles on enrolled devices that are managed through mobile device management (MDM) configuration policies.

    What’s changing:

    We’re ending support, monitoring, and feature development for protecting personal profiles on enrolled devices (personal profiles managed via MDM configuration policy). Our main objective is to safeguard corporate assets, with emphasis on identity and data contained within the work profile in enrolled environments. We rely on Android’s platform-level separation to ensure robust isolation. Current research indicates that the likelihood of cross-profile attacks compromising enterprise data remains minimal at present.

    Current State:

    Defender can be enrolled in the personal profile and managed through MDM configuration policies along with controlling work profile configuration (App Configuration policies targeted to managed devices).

    Reference link: Deploy Microsoft Defender for Endpoint on Android with Microsoft Intune

    New State:

    Benefits of the Change:

    What you can do to prepare

    Compliance considerations:

    Deploying and managing Defender in personal profile on enrolled devices via MDM policies will be retired by the end of March 2026. Defender in work profile on enrolled devices and unenrolled mobile application management (MAM)-enabled devices remains unchanged. 

    Reference link: Configure Microsoft Defender for Endpoint on Android risk signals using App Protection Policies (MAM)

    This update enhances our enterprise-focused strategy by providing more efficient and dependable protection for corporate data. It safeguards user privacy and ensures that Defender exclusively protects corporate assets, maintaining the integrity of personal information in accordance with privacy regulations and platform separation requirements.  

    • No action is required from admins or users.
    • These changes will be applied automatically in the back end and will not impact your work profile or unenrolled experience.

    No compliance considerations identified, review as appropriate for your organization.

    Message ID: MC1221927

    Comments are closed.

    Joao Ferreira

    I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

    Trending Posts

    %d bloggers like this: