Which is better, a Microsoft managed work profile or Microsoft apps directly in my owner profile?

What do you want advice about?
I’m considering downloading Outlook and Teams on my phone again for work in order to stay more in touch during off hours. The Outlook web app inherently doesn’t come with notifications, which would be important, and there is no Teams mobile web app as far as I have found.

What have you considered or looked at already?
One option I’m considering is to just download them directly on my main profile and let Mullvad’s custom DNS take care of as many trackers as it can. It gives me notifications, but otherwise I’m still worried about what Microsoft may be able to get despite the mitigation I have.

The other option I’m thinking is to use Microsoft’s Company Portal app to create a work profile and keep those apps there. The benefit is that I have a work profile now to compartmentalize those apps and keep them from my main profile. The con is that it’s a Microsoft app that I’m using to manage this, so does it matter at the end of the day?

I’m using Exodus to see what the situation seems to be regarding trackers and permissions. Seems like Company Portal is at least better than Outlook and Teams. Might even consider Outlook Lite as it seems more private than regular Outlook. However, it’s all Microsoft at the end of the day.

Another consideration is that I’m already using Microsoft Authenticator on my main profile. So am I already out of luck regardless of which way I go?

Last thing: why not use Shelter? While I personally might be fine with using Shelter, I don’t want to submit my employer to a device admin that they do not know or trust. I don’t know if that’s a big deal, but I would rather keep a third party out of this for my actual work apps.

In brief, tell us about your privacy threat model?
My threat model is primarily focused on avoiding bad actors like scammers, hackers, getting caught up in data breaches, and preserving my privacy from the average person like by avoiding doxxing. Where I can go above and beyond to be private against companies I do what I can.

Using stock Android on a Google Pixel 6.

1 Like

I forward all my work e-mail from Outlook to my Proton account, I don’t want to install any Microsoft apps on my phone. It’s not a perfect solution, it allows me to see the e-mails I receive, but I need to use my work laptop to reply.

I think that would be too roundabout for me, but I’ll keep it in mind.

Another option along those lines is to simply check my work comms after hours at different times to make sure I don’t miss anything. Maybe at least once in the afternoon? I think that even urgent emails could probably wait a couple hours if you’ve emailed the person after 5:00. I could get away with this for Outlook, but not for Teams, meaning I would either have to download the app again or boot up my work machine. Then there’s the whole “I don’t want to have to check work things after hours” part, but having notifications on also kind of runs against that idea.

I typically don’t reply to customer e-mails outside office hours, but there can be some exceptions, most of the time I just want to read the e-mails. I do need to receive e-mail notification from our internal monitoring systems, in case there are issues with a server, it typically can’t wait until the next day.

The main reason I don’t reply to e-mails is that any reply to my e-mail would be sent to my personal account, and I prefer to be able to keep all my e-mails on my work account in case I need them as proof something was said.

Follow up: After all this research and finally feeling confident in how work profiles work, I find out that my company has their work profile configured in a way that makes it not something I can use… Oh well.