How to Control Google Accounts in Work Profile and What it can backup

Steel Contributor

We currently block the use of google accounts completely in the work profiles (all 3 Android Enrollment types).  We do setup google accounts in chrome using the user's O365 email addresses (so if the Employee leaves, we can change the google password by sending a forgot password to the email).


The issue we have is some Google Apps and Services require a Google Account and would be nice to sync the Chrome favourites and passwords to the mobile devices.


  1. If we do allow google accounts, can we prevent them from adding any personal google accounts ie only allowing our email addresses?
  2. Can we prevent the backups to just things we approve of in InTune (for eample, only backup SMS and Phone Log but nothing else)?
  3. Is there a better way to do this?  Is there a way to control or "integrate" google business accounts (which we don't have setup or use) with Azure/InTune so if an Employee leaves, we can disable their google account?
  4. We have the same issue with Samsung devices where we can block the additional of Google Accounts completely but they can still create and add a personal Samsung Account thus locking us out of the phone and letting them backup data from the device.
1 Reply
Hi @luvsql,

I'm very interested in this use case. Did you ever manage to implement it?