question

1. There are no personal applications on corporate-owned fully managed device -- everything is managed. That's the entire point of this enrollment/management method. For work profile, kind of the same answer, no they cannot be managed as once again that's the entire point of this enrollment/management method: to separate work from personal.
   

2. What's your definition of work application? Intune doesn't magically know what a work app is. With a fully managed device, you can limit what is approved and installed from the Managed Google Play store. You can do this for a work profile device as well but it only impacts the work profile. Once again, that's the entire point of the work profile.
   

3. What does "turning off" an application mean? Uninstall? If so, with a fully managed device, yes, managed apps cannot be uninstalled by the end-user.

4. Covered above and also covered in their names.
   

5. That's up to you to determine although this also covered at https://docs.microsoft.com/en-us/mem/intune/enrollment/android-enroll

Answer 1&2. On a fully managed device, Intune provides a locked down approach to apps. By preventing the sideloading of apps on the device, the device maintains its security posture. Organizations do not have to enable installing apps from untrusted sources, which is a concern with the previous device administrator management mode. To ensure that only apps from approved sources are installed on the device, organizations can leverage the Managed Google Play store to distribute corporate apps to managed devices.

An organization may deploy additional policies to allow users to install other apps from the public Play store on the device, if they wish to, allowing users to personalize their work device. By default, access to the public Play store is blocked on a fully managed device.

Reference: https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/microsoft-intune-support-for-android-enterprise-fully-managed/ba-p/862232

Answer 3. Android Enterprise fully managed devices are corporate-owned devices associated with a single user and used exclusively for work and not personal use. Admins can manage the entire device and enforce policy controls unavailable to work profiles, such as:
• Allow app installation only from Managed Google Play.
• Block uninstallation of managed apps.
• Prevent users from factory resetting devices, and so on.

Reference: https://techcommunity.microsoft.com/t5/intune-customer-success/archive-intune-announces-preview-of-support-for-android/ba-p/314747

Answer 4. Compared with fully managed device above, end users can keep their work and personal data separate and are guaranteed that their personal data and applications will remain private. Admins can control some settings and features for the entire device, including:
• Setting requirements for the device password
• Controlling Bluetooth and data roaming
• Configuring factory reset protection
Android fully managed is one of the “device owner” management scenarios in the Android Enterprise solution set that enables productivity scenarios for users while allowing IT admins to manage the entire device and enforce an extended range of policy controls, beyond that which is possible with work profiles on personal devices. Fully managed devices are company-owned general-purpose Android devices that are associated with a single user.

Reference: https://techcommunity.microsoft.com/t5/intune-customer-success/intune-announcing-public-preview-for-android-enterprise/ba-p/1524325

Answer 5. Corporate-owned devices with a work profile is one of the corporate management scenarios in the Android Enterprise solution set. This corporate-owned, personally-enabled (COPE) scenario offers separation between work and personal profiles, similar to that offered for personally-owned work profile devices, while giving admins more device-level control. IT admins can see, control, and configure the work accounts, applications, and data in the work profile, while end users are guaranteed that admins will have no visibility into the data and applications in the personal profile. This scenario is targeted at organizations that wish to enable personal use on corporate-owned single-user devices that they have provided for work. This management scenario is available for Android 8+ (Oreo and higher) devices.

Hi all,

That what I mean that is split into two part on my Android phone. One is work and another is personal.

Thanks.