Hi All,

I’m looking for advice on how to efficiently manage a single device for both work and personal use, without compromising security. My goal is to have a work environment on a secured, TPM-encrypted, and Intune-managed device, while also having a separate personal space for gaming and other activities that won’t interfere with the work environment.
Here’s what I’m considering:
Dual Boot Setup: My idea is to dual boot the device, with one drive/partition dedicated to a work Windows instance and another for personal use. This would allow me to reboot and switch to a personal Windows instance where I have local admin rights and can install games, etc.
However, I’m unsure how well this setup would work with Intune/Autopilot. My main concern is whether dual booting would undermine the security measures in place for the work environment. In theory, even if both instances share the same hardware and TPM, the personal instance shouldn’t have access to the work data, correct?
I’m not a fan of the BYOD (Bring Your Own Device) approach and prefer the control of a fully corporate-owned device. But I want to ensure that dual booting won’t compromise the security protocols.
Does anyone have experience with this setup or suggestions for a better solution? Any insights would be greatly appreciated!
    Replied by Dallan Reilly

    Use AVD or Cloud PC for the work setup and the existing physical device you have for personal stuff, and the device you can use to access either of the above for work stuff. Possibly a bit overkill, but it gets you what you want.

    Replied by Kasper Sven Mozart Johansen

    Dallan Reilly …or the other way around, with a Shadow tech cloud gamer machine

