My company just started requiring Microsoft Intune Company Portal app to use Teams and Outlook. From a friend in IT infosec at another company said the app can push apps, require certain settings, password requirements, or OSs, and can see a lot of stuff on your phone. I don’t think this level of intrusion into my personal phone is warranted or ethical. Be warned. I’m just going to uninstall and suffer the internal political consequences.
We disabled the microsoft store on our public machines. The reason is simple. The microsoft store install programs that require local admin. Microsoft sales div bypasses security for money and after a while it was easier to get rid of them.