We are testing Intune MDM and MAM.
First target is Android device.
We want to limit mobile device to access O365 resources with Intune enrolled device and approved apps by conditional access.
For privacy, we allow BYOD android device with work profile.
As Intune can push apps as managed apps, but user can also install apps.
My question is what is the difference between using the managed apps and user installed apps?
If there is any advantage on using managed apps over user installed apps, how to restrict users to access O365 resources by Managed apps only?
Thanks.