Microsoft Intune Reviews

I would describe my use cases for Microsoft Intune as centralized management of endpoints. I use it for centralized security, mobile device management, mobile application management, and compliance purposes. My primary focus is on general security posture, mobile device management, mobile device policies, endpoint policies, and compliance policies.

I use Microsoft Intune to manage my Windows and Linux servers, and to push applications to users' devices, whether Windows, iOS, Android, or other platforms.

Regarding securing hybrid work and protecting data on company devices, Microsoft Intune does a good job. We have options for mobile device management and mobile application management (MAM). With MAM, you can target applications themselves. For example, if a staff member brings their own device, you can target policies towards Outlook, Excel, Teams, and other company applications only. You can prevent copying and pasting, disable screenshots, and control other functions.

You can also manage the device, but you will get pushback from people with personal devices who do not want to be monitored, tracked, or have their devices managed. In those cases, they opt in for MAM. Microsoft Intune does a good job with BYOD (bring your own device) scenarios.

What I appreciate most about Microsoft Intune is that I prefer it because it is cloud-based. The alternative was SCCM, and Microsoft is gradually transitioning from SCCM to Microsoft Intune. The product was previously named Endpoint Manager, but they changed it back to Microsoft Intune.

What I value most about Microsoft Intune is that it is a cloud-native tool and is embedded into Premium at a reasonable cost. Because it is cloud-native and readily available to users, I prefer it. There are other fantastic features, but what stands out to me is that it is a SaaS solution that manages physical devices.

I have been using Microsoft Intune for eight years throughout my career.

Regarding what I dislike about Microsoft Intune and its downsides, I would say that more Mac controls are needed because we have limited Mac and Linux control. When comparing controls and policies between Windows, Mac, and Linux, Windows has almost everything you can think of, while Mac and Linux have limited types of control. You cannot implement certain things on Mac and Linux that you can on Windows. The limited controls are a major issue.

Additionally, if Microsoft could find a way to embed servers into Microsoft Intune, that would be beneficial. Microsoft Intune is not really designed for servers or Windows servers. It is more tailored towards Windows 11 and Windows 10 operating systems. Windows servers are not fully supported. Enterprise organizations usually have both servers and endpoints, which are users' workstations.

For servers, most people look for other solutions such as SCCM, which is Configuration Manager. However, SCCM is what Microsoft Intune is trying to replace. Both SCCM and Microsoft Intune belong to Microsoft. Microsoft is trying to transition organizations into Microsoft Intune, the native cloud solution. However, because this update is still in process, servers are not fully compatible with Microsoft Intune and cannot be managed by it.

The current policy that has emerged from issues with clients is what they call co-management, which is relatively new, and I do not know if adoption is significant. Many legacy or older customers who have been using these products for decades still have SCCM. When it is time for them to manage their Windows devices, they use what is called cloud attach. Cloud attach is a term whereby your SCCM is connected to your Microsoft Intune. Most people do not know about it, but I have deployed it for several organizations. Cloud attach and co-management work together so that your device is in SCCM, but some policies are pushed from Microsoft Intune. It is like two different solutions working hand in hand. That is what they call co-management.

Microsoft Intune does not bring all of your endpoint and security management tools into one place, which is the goal and how it should be. However, as I mentioned, servers are not included. If we talk about end users, Microsoft Intune does bring all your devices together. In a typical enterprise environment, you have end users with workstations, laptops, company-issued phones, and bring your own devices. You can create policies for all of these. However, for the backend, your servers do not have much coverage. Servers are not really covered by Microsoft Intune in that way.

I have been using Microsoft Intune for eight years.

Regarding the stability of Microsoft Intune, I have not really seen any significant lagging, crashing, or downtime. Lagging sometimes occurs, which might be a result of your own system, such as your computer that you are using to connect. The lag might not be from Microsoft's end, but I have seen instances where it lags and takes some time to load. However, this is a one-off occurrence. It can be your system or your laptop itself, and perhaps your laptop needs a restart. Sometimes it might actually be Microsoft Intune. The cause varies. I have also seen lagging with clients, but I would say it is one-off and not every time. It is normal because there are different factors that make things like that happen.

Regarding scalability, Microsoft Intune is very scalable. You can scale it, and Microsoft keeps releasing new policies, new solutions, and new features. You simply need to apply policies to security groups and deploy at scale to bulk devices, such as a thousand devices. Microsoft Intune is pretty much scalable.

I have contacted the technical support or customer support of Microsoft Intune, but not recently. One thing about Microsoft is that their solutions are always evolving, and they keep changing and updating things. In the past, I contacted them a couple of times, not recently, due to issues such as stale devices not deleting properly. I contacted them in the past, but now it is more stable and they keep releasing new updates. The last time I contacted Microsoft Intune support was five or six years ago.

I have tried using alternatives to Microsoft Intune in the past. I tried Jamf, which is for iOS, but I did not really prefer it. The good thing is that Microsoft Intune can collaborate or co-manage with other applications. I have also tried ManageEngine in the past. It has been a long time, and I cannot really remember what I did with it. However, I prefer Microsoft Intune because most organizations at the beginner to standard levels of enterprises use either Microsoft 365 Standard license or Premium. When a user uses Premium, Microsoft Intune comes with the whole package as a suite. Microsoft Intune can also be bought as an add-on, and there are different Microsoft Intune licenses. I prefer Microsoft Intune over most other mobile device management solutions.

The initial deployment with Microsoft Intune is easy because there are always guides and learn more resources. In each section, if you are new to something, you can click learn more and read about it. The Microsoft Learn documentation helps a lot. I have deployed what they call Cloud PKI, which is authentication with cloud certificates. Rather than using your password, this is what they call passwordless authentication, and it is also phishing-proof and phishing-resistant. It is a strong form of authentication. Cloud PKI replaces the on-premise infrastructure itself. Although it is kind of complex, the steps and guides within Microsoft Intune made it possible for me to deploy it for different clients. Cloud PKI issues certificates to devices and users, and you log in with just your certificate. Once you attempt to log in, it prompts your certificate, and you select the certificate to log in. I learned a lot from the learn more resources, the guides, and the information with circles where you can learn more and read additional details. The deployment process is fine and nice.

Regarding the pricing for Microsoft Intune, I would say it varies and depends on company budget. The pricing is okay. I would say it could be fantastic, but it is okay. Microsoft 365 Business Premium is the best option for most customers. If you have E5 or E3 Microsoft licenses, Microsoft Business Premium, you get Microsoft Intune. Microsoft Intune itself is also a security stack because it has a lot of features. Additionally, Microsoft offers Microsoft Intune as a standalone license. Microsoft has broken down Microsoft Intune licensing into different types. The Microsoft Intune that comes with Microsoft Business Premium is the full version, but Microsoft now offers Microsoft Intune standalone licenses. You have several types available, such as Microsoft Intune for device and Microsoft Intune as a suite. The pricing is okay.

Regarding examples of how I use Microsoft Copilot in Microsoft Intune, I can say that Copilot is integrated into the platform. In Microsoft Intune, there is what they call Microsoft Security Copilot. I have deployed it to my own organization and to different clients as well, and I have trained individuals on Security Copilot.

There are what they call the embedded experience and what they call the standalone experience for Security Copilot. In the embedded experience, when you go to Microsoft Intune and click on a device, you can see the Copilot icon, which is Security Copilot. This is an embedded experience. You can use it to filter for conflicting policies and non-compliance issues. It is good for getting a summary and report. You can use it to get reports by filtering. There is what they call guided response and normal response. Guided response is the one where it is preset or predefined questions. When you select an instance, such as a device, it gives you a summary and then tells you about follow-up questions. You can compare policies and check if a device policy is missing something. You can use it for summary, use it to compare, and use it to find information faster.

It is very good when you have a lot of devices because most of the information you get from Security Copilot is already available for you to see, but it might take a lot of manual process to figure out. With Security Copilot, you can interact with a standalone page. With Microsoft Intune's embedded experience, if you have a thousand devices, instead of manually checking each device for policies, conflicts, or non-compliance, you can tell Copilot to compare two devices because if device A has 50 policies and device B, you are suspecting it has 40 policies instead of 50, you can tell Security Copilot to compare them for you. Rather than doing a manual process where you put them side by side and start looking for each policy, you can tell Copilot to compare the two devices for you and tell you what is missing and what policy is conflicting. You can do a lot of investigation. There are many features with Security Copilot, including summary, comparing device policies, investigating, and finding out what is wrong with a device.

I have experience with Check Point, Azure, AWS, Google Cloud, Microsoft, Fortinet, FortiGate, IBM, IBM AlienVault, and Arcsight. I have experience with many security solutions and vendors across many sectors. My review rating for Microsoft Intune is nine out of ten.

Microsoft Intune serves as the main platform for device management and security compliance for remote and hybrid users. Most of our employees are using company laptops and mobile devices from different locations, so we need a centralized way to manage everything without physically touching the device. One practical example is during onboarding. Earlier, the IT team had to manually configure laptops, install applications, and apply security settings, which used to take a lot of time. With Microsoft Intune and Autopilot, we automate most of the process. Once the employees log in with their company credentials, the required apps, VPN settings, compliance policy, and security configuration are published automatically. At the same time, there are still some real-world challenges. For example, policy sync delays sometimes happen on slower internet connections, and managing personal BYOD devices is a bit tricky because users are concerned about privacy.

Microsoft Intune is really helpful in application deployment and compliance monitoring. We use it to push security updates, Microsoft 365 apps, and a few internal business applications remotely. It reduces a lot of manual effort for the IT team, especially after hybrid work becomes common. Another useful scenario is conditional access integration with Microsoft Entra ID. We can restrict access to company resources if a device is not compliant, for example, if BitLocker is disabled or the OS version is outdated. From a security perspective, that helps quite a lot.

One of the best features of Microsoft Intune for me is definitely Windows Autopilot integrated with Microsoft Intune. It saves a huge amount of time during device onboarding. Instead of manually configuring laptops, we can ship devices directly to users, and most settings, applications, and security policies are applied automatically after login. For companies with remote or hybrid employees, that is a big advantage. Another feature I find really valuable is compliance policy and conditional access. It helps improve security without fully depending on users to follow policies manually. For example, if a device is outdated, non-compliant, or missing encryption, access to company apps can be restricted automatically. That becomes especially important with work-from-home environments and BYOD scenarios.

Microsoft Intune has a pretty positive impact overall, especially in terms of device management efficiency and supporting remote work. Before Microsoft Intune, many tasks including device setup, software installation, and policy updates were handled manually by the IT team, which took a lot of time and coordination. After implementation, a big part of that became automated. One noticeable improvement is onboarding time for new employees. With Autopilot and pre-configured policies, device setup became much faster. What earlier could take a few hours of manual configuration is reduced to a mostly automated setup, so users can start working much quicker. Compliance monitoring improves significantly. We have better visibility into device health, encryption status, antivirus compliance, and operating system updates from a centralized dashboard. Conditional access policy also helps reduce risk by blocking non-compliant devices from accessing company resources.

One thing I feel Microsoft Intune could improve is troubleshooting visibility. In many cases, when a policy or application deployment fails, the error messages are a bit generic. So, admins still spend time checking logs manually or testing on devices one by one. Compared to the simplicity of deployment, troubleshooting sometimes feels less mature. I also think reporting and real-time monitoring could be stronger. The dashboard gives useful information, but in large environments, many teams still depend on additional tools or scripts for deeper reporting and analytics.

If I had to focus on one area first, I would probably choose troubleshooting and reporting. Deployment through Microsoft Intune is generally straightforward, but when something fails, identifying the exact root cause can still take more time than expected. Error messages are sometimes too generic, and admins often have to dig through logs, sync status, or multiple portals to understand what actually happened.

I think user experience and policy management could also improve further. Microsoft Intune has become much better over the years, but sometimes the admin portal still feels fragmented because certain configurations open in different sections or redirect to older interfaces. For new admins, especially, it can take time to understand where everything is located. Another thing is policy conflict handling. In larger organizations, multiple device policies, compliance rules, and configuration profiles can overlap. When conflicts happen, the visibility is not always very clear, so admins spend time figuring out which policy actually won or caused the issue.

I have been working for the last six years in my current field.

Regarding stability, I would say Microsoft Intune is generally stable for day-to-day operations, especially for standard Windows management scenarios. Once policies and configurations are properly tested, it handles large-scale device management reasonably well. Industry reviews also rate it positively overall. But in real-world environments, there are definitely some inconsistencies. For example, policy sync delays, delayed app deployment, or reporting mismatches do happen occasionally. One common industry complaint is that changes are not always reflected immediately, especially in a cloud-managed environment.

In terms of scalability, I would say Microsoft Intune scales quite well, especially for organizations moving toward a cloud-first or hybrid environment. One of its biggest strengths is that you can manage a growing number of devices and users without needing to expand on-premise infrastructure significantly. As the organization grows, adding new users, remote devices, and security policies becomes much easier compared to traditional management methods. The automation capabilities also help with scalability. However, as environments become larger or more complex, some challenges become more visible. Reporting delays, policy conflicts, and troubleshooting across thousands of devices can still be time-consuming. Many admins also mention that sync speeds and real-time device actions can sometimes feel inconsistent at scale.

Regarding customer support, my experience is mixed. There are times when support engineers are knowledgeable and genuinely helpful, especially for standard configuration issues. But for more complex or environment-specific problems, resolution can take longer than expected. One thing that stands out is that the support quality sometimes depends heavily on the engineer handling the case. In some situations, we have to repeat troubleshooting steps multiple times or provide the same logs again after an escalation.

I would rate the customer support around seven out of ten overall for Microsoft Intune. The reason I would rate it lower is mainly because the experience can be inconsistent depending on the complexity of the issue and the support engineer assigned to the case. For basic configuration or licensing issues, support is usually decent and responsive. But for deeper troubleshooting including policy conflicts, sync inconsistencies, or complex hybrid environment issues, resolution sometimes takes longer than expected.

Before moving more toward Microsoft Intune, the environment relied more on traditional on-premise management tools and manual processes. In many areas, tools including on-premise Active Directory policies and older endpoint management approaches were being used, which worked fine when most employees were working from the office. The main reason for switching is the shift toward remote and hybrid work. Managing devices through VPN-dependent or office network-based infrastructure becomes difficult once users start working from different locations. Microsoft Intune gives a more centralized, cloud-based approach where devices can be managed, secured, and monitored over the internet without depending heavily on on-premise connectivity.

My main advice would be to plan the implementation properly instead of treating Microsoft Intune as just a tool that can be enabled overnight. Technically, deployment is straightforward, but the bigger challenge is designing policies, security rules, application deployment strategies, and user experience in a way that does not create operational issues later. I would also recommend starting with a pilot group before rolling policies out company-wide. In a real environment, even small configuration mistakes can impact many users quickly, especially with compliance policies or conditional access. Testing with a smaller group helps identify policy conflicts, legacy application issues, or user impact scenarios early.

The organization's relationship with Microsoft is mainly as a customer and technology user. We are using Microsoft products and services as a part of the company's infrastructure but are not operating as a reseller or an implementation partner.

Overall, we do see a positive return on investment with Microsoft Intune, mainly through time-saving, reduced manual work, and better remote management capabilities. I do not have exact finance-level ROI reports, but from an operational perspective, onboarding effort is reduced quite a bit. Device provisioning that earlier required hands-on IT setup is reduced by roughly fifty to sixty percent after implementing Autopilot and automated policy deployment. That saves a lot of technician hours during employee onboarding and device refresh cycles.

We also notice fewer repetitive support tickets related to software installation, VPN setup, compliance checks, and password or device access issues. Roughly speaking, endpoint management-related tickets reduce around twenty-five to thirty percent over time because devices become more standardized and centrally managed. Microsoft also highlights reduced support tickets and operational efficiency as one of the platform's benefits. Another ROI area is remote support. Earlier, resolving issues from remote employees often required long remote sessions or even shipping devices back to IT. With Microsoft Intune, many updates, app deployments, and compliance fixes can be handled centrally, which reduces downtime and improves response time for users.

My experience with pricing and licensing for Microsoft Intune is mixed. If a company is already heavily invested in the Microsoft ecosystem with Microsoft 365 E3 or E5 licenses, then Microsoft Intune feels cost-effective because a lot of the core functionality is already included in those bundles. But the complexity starts when organizations need advanced features or add-ons. Features including remote help, endpoint privilege management, or advanced analytics often require extra licensing. So the overall cost can increase faster than expected in a larger environment. From a setup cost perspective, the cloud deployment itself is not very expensive compared to maintaining traditional on-prem infrastructure.

The bigger investment is actually time and the planning. Things including policy design, testing, migration from legacy tools, user communication, and handling hybrid environments are crucial. Many companies underestimate that part initially. Licensing is probably one of the more confusing areas. Microsoft has multiple plans including Microsoft Intune Plan 1, Plan 2, Enterprise Mobility and Security, Microsoft 365 bundles, device-only licenses, and the Microsoft Intune Suite. So understanding exactly what is included for different users or devices can take time. One practical challenge I notice in the industry is that organizations sometimes buy higher-tier licenses without fully utilizing all the included features, while others try to minimize licensing costs and later realize they are missing important security or management capabilities.

Before finalizing on Microsoft Intune, we do evaluate a few other endpoint management solutions, mainly VMware Workspace ONE and ManageEngine Endpoint Central. In some discussions, SCCM or MECM is also considered because many organizations are already familiar with it for traditional device management. The reason Microsoft Intune is preferred is mainly because of its integration with the Microsoft ecosystem. Since we are already using Microsoft 365, Entra ID, Teams, and other Microsoft security tools, Microsoft Intune fits more naturally into the environment.

Another important thing is to keep the environment as clean and standardized as possible. Organizations with too many old applications, unmanaged devices, or mixed management methods usually face a more difficult migration experience. Microsoft Intune works best when there is a clear modernization strategy behind it. Overall, I would recommend Microsoft Intune, especially for hybrid and remote work environments, but success depends a lot on planning, testing, and governance rather than just the product itself. My overall review rating for Microsoft Intune is eight out of ten.

My main use case for Microsoft Intune is managing and securing devices across the organization, especially for Windows laptops and mobile devices. I typically use it for device enrollment, applying security policies, managing applications, and ensuring compliance. For example, I use Microsoft Intune to automatically enroll new laptops using Autopilot and apply security baselines such as BitLocker and antivirus policies, while pushing required applications such as Office. This helps ensure every device is secure and ready for use from day one without manual setup.

Apart from the core device management, I also use Microsoft Intune for monitoring device compliance and generating reports to track security postures. On a day-to-day basis, I handle patch management through update rings, troubleshoot device sync or policy issues, and manage access using conditional access policies integrated with Azure AD. I also use it to remotely wipe or reset a device if they are lost or not compliant.

Microsoft Intune has had a very positive impact on our organization, especially in terms of security and efficiency. It has streamlined device provisioning with Autopilot, so new devices are ready to use much faster without manual setup. We have also seen better compliance and security posture because policies such as encryption, antivirus, and access controls are enforced consistently. Another key improvement is remote management, as we can manage, troubleshoot, or wipe devices from anywhere, which is very useful for a remote or hybrid workforce. Overall, it has reduced manual effort for the IT team and improved the end-user experience.

One of the best features of Microsoft Intune is its centralized device management. I can manage Windows, iOS, and Android devices all from a single console, which makes operation much easier and more efficient. Another standout feature is policy automation. Once I configure security or compliance policies, they get automatically applied to devices, which saves a lot of manual effort and ensures consistency across the environment. I also value the integration with Azure AD and conditional access. It allows me to control access based on a device's compliance, which adds a strong security layer without affecting user productivity. Features such as app deployment and remote actions such as wipes or resets are very useful in day-to-day work, helping me quickly manage apps and secure devices if something goes wrong, especially in lost or non-compliant device scenarios.

One underrated feature of Microsoft Intune is its reporting and troubleshooting capability. The built-in reports and endpoint analytics really help in identifying device health issues and user experience problems, which is useful for proactive support. Another aspect I find valuable is the flexibility with configuration profiles and custom policies. I can fine-tune settings based on different user groups or device types, which makes it very stable across different environments. The integration with Microsoft Defender is something I think more people should use, as it adds an extra layer of security and visibility directly from the same ecosystem.

One area where Microsoft Intune can improve is the user interface. Sometimes the portal feels a bit complex and not very intuitive, especially for new users, and it can take time to find specific settings. Another point is troubleshooting. While logs are available, the diagnostic policies and sync issues can still be time-consuming and not very straightforward. I also feel that reporting could be more detailed and customizable. The built-in reports are helpful, but for deeper insights, I often need to rely on additional tools. Overall, it is a strong solution, but improving usability and troubleshooting experience would make it even better.

While Microsoft Intune works very well within the Microsoft ecosystem, the integration of some third-party tools could be smoother and require less customization. Support is another area that could improve, as sometimes response times can be slow, and resolving complex issues may take longer than expected. In terms of features, I think more advanced automation and built-in remediation options would be helpful since common issues can be fixed automatically without manual intervention.

I have been using Microsoft Intune for around two to three years in my day-to-day device management and endpoint security tasks.

Microsoft Intune is generally stable and reliable for day-to-day operations. It handles device management, policy deployment, and security enforcement quite consistently at scale. The industry gives it a user rating of around 4.2 out of 5, which reflects a good level of stability and user satisfaction. Since it is a cloud-based solution, there can sometimes be delays in policy applications or device syncs, especially compared to on-premises solutions. However, it is stable enough for enterprise use and continues to improve over time.

Microsoft Intune scales very well in our experience. Since it is a cloud-based solution built on Microsoft infrastructure, it can handle a growing number of devices and users without requiring additional setup from our side. We have been able to add more users and devices without any major performance issues. Microsoft designs Microsoft Intune to manage and secure endpoints at scale across different platforms and environments, which supports growth easily. In real-world scenarios, organizations are managing tens of thousands of devices using Microsoft Intune, and it still performs efficiently due to automation and centralized management. In our case, as the organization grew, we did not need to increase infrastructure or significantly expand the IT team. Microsoft Intune handles growth smoothly, especially with the automated policies and cloud-based provisioning. Overall, scalability is one of its strong points, as it handles growth very efficiently.

My experience with Microsoft Intune support has been mixed overall. When I receive support from the right support engineer, they are knowledgeable and can help resolve issues efficiently. The support portal is well-integrated, and I can raise a ticket directly from the admin center with options for phone or email support. However, in practice, response times and quality can vary. Initial responses are sometimes quick, but resolving complex issues can take time and require multiple follow-ups, which is something many users also mention. Support is helpful in some cases, but inconsistent in speed and expertise. For critical issues, escalation or higher support plans work better, but for normal tickets, it can be a bit slow. Overall, the support is decent, but not always consistent, and there is definitely room for improvement in response time and first-level troubleshooting.

Earlier, we were using a mix of on-premises tools such as traditional Active Directory and basic device management solutions. We switched to Microsoft Intune mainly to move toward a cloud-based approach. Microsoft Intune gave us better flexibility for managing remote and hybrid users along with centralized control from a single platform. It also improved security with the built-in compliance policies and better integration with Azure AD, which made overall management more efficient.

From a pricing perspective, the baseline plan is reasonably priced at around $665 per user per month for Plan One, and it covers most core device management needs.

We have seen a clear return on investment with Microsoft Intune, both in terms of time saved and operational efficiency. For example, device provisioning and setup time has reduced significantly, which directly saves IT effort. Due to automation and centralized management, we have seen roughly around 10% or more time saving for the IT admins on routine tasks. We have also reduced our dependency on multiple tools, which helps in lowering overall cost and simplifying management. In some real-world cases, organizations have even reported over 180% ROI after adopting Microsoft Intune due to cost savings and productivity improvements. From our side, one practical impact is that we are able to manage more devices without increasing team size, and there has been a noticeable drop in some support tickets related to device setup and compliance. Overall, it has helped us reduce operational costs and improve team productivity without needing additional resources.

Since it is a cloud-based solution, there was no major infrastructure investment. The main effort was in planning, configuration, and policy setup.

We did evaluate a few other options before choosing Microsoft Intune, mainly traditional on-premises solutions such as SCCM and some third-party MDM tools, but we decided to go with Microsoft Intune because of its cloud capability and strong integration with the Microsoft ecosystem.

My advice would be to first clearly understand your requirements and how Microsoft Intune fits into your overall environment, especially if you are already using Microsoft 365. Start with a proper planning phase, define your device enrollment strategy, compliance policies, and security baselines before rolling it out. It really helps to begin with a pilot group to test configurations and avoid issues at scale. Take time to understand licensing models, as it can get confusing with different plans and add-ons. Make full use of automation features such as Autopilot and policy assignment, as if implemented properly, Microsoft Intune can significantly reduce manual work and improve security and user experience. I would rate this solution an 8 out of 10 overall.

I introduce myself as Abhishek, a Cloud Engineer, and I work in a company named Infowan Technical Solutions Private Limited.

One specific example of how I use Microsoft Intune for device management in my day-to-day work is when I had to ensure all laptops had BitLocker enabled before they could access company emails and SharePoint. I created a compliance policy in Microsoft Intune that checks for BitLocker encryption and then tied that to a Conditional Access policy in Azure AD. If a device came back non-compliant, it automatically got blocked from accessing those resources until the issue was fixed. There were a few devices that kept showing non-compliant even after BitLocker was on. It turned out the encryption status just was not reporting correctly. I had to dig into the device logs and force a sync to get it to reflect properly. On the app deployment side, we needed to push Microsoft Teams to a batch of new joiners. I set it up as a required app in Microsoft Intune, targeted to a specific Azure AD group, so the moment their device enrolled, it automatically started installing without anyone having to do it manually. Those are the types of things I am dealing with fairly regularly.

I have a couple of additional things to add about my main use case with Microsoft Intune that really made life easier. One aspect is using Microsoft Intune to push security baselines instead of manually configuring settings on each machine. We just applied a baseline policy, and it rolled out consistently across all devices. This approach saved a lot of time and reduced human error.

Now everything is in one place, and I can see the status of every device clearly. Compliance-wise, it made a noticeable difference; once we had the policies in place and tied them to Conditional Access, the number of non-compliant devices dropped quite a bit. People could not ignore updates or security requirements anymore because it directly affects their access. Onboarding also got a lot smoother as new joiners receive their devices with apps already pushing through automatically. No one has to sit and manually install everything, which saved our team a fair amount of time, especially during busy hiring periods. Overall, it brought more structure and accountability to how we manage devices, resulting in steady, consistent improvements that add up over time.

From my experience, the best features Microsoft Intune offers include the compliance policy combination with Conditional Access. This combination is really powerful. I can basically say that if a device does not meet these requirements, it does not get in. It takes a lot of manual gatekeeping off my plate. Remote wipe is another big feature, especially for lost or stolen devices. Knowing I can wipe a machine remotely gives me and the business a lot of peace of mind. We use it, and it works pretty seamlessly. App deployment and management are also really solid. Being able to push required apps silently to the device without user involvement saves so much time, especially when I am onboarding a batch of new users.

I would like to add a couple of things regarding Microsoft Intune's features. The integration with Azure AD and the rest of the Microsoft ecosystem is really seamless. Everything just connects together, which makes managing things a lot simpler. The reporting is decent; it gives a good overview of device compliance and app status. Although it may not be the most detailed, it is good enough for day-to-day monitoring.

However, one thing I wish was better is the troubleshooting side. Sometimes when a policy is not applying or a device is showing non-compliant, the error messages are not very clear. I end up spending more time than I would prefer figuring out what actually went wrong. But overall, Microsoft Intune does the job well for what we need it for.

There are a few ways Microsoft Intune can be improved. The most significant issue I encounter is troubleshooting when a policy is not applying or a device is showing non-compliant. The error messages can be pretty vague, which makes it necessary for me to dig around and piece things together myself. Clearer error messages would make a big difference. Reporting is decent, but it could go deeper. Sometimes I want more granular details or may want to build a custom report, and the built-in options feel a bit limited. This often requires exporting data or using external tools to get what I need. The interface can also feel a bit overwhelming, especially when I am newer to it; there is a lot going on, and things are not always where I expect them to be. A cleaner, more intuitive layout would help. Additionally, sometimes policy changes take a while to reflect on devices, causing delays after updates are made. For urgent changes, that delay can be a bit frustrating. But these are more friction points than deal-breakers; the core functionality is strong, and it is still a tool I would recommend without hesitation.

I introduce myself as Abhishek, a Cloud Engineer, and I work in a company named Infowan Technical Solutions Private Limited.

The initial setup and onboarding process for Microsoft Intune was honestly a bit of a learning curve. It was not super difficult, but it definitely was not plug-and-play either, especially if I am doing it fresh. The Azure AD integration side is fairly straightforward since we already had that in place. Connecting Microsoft Intune to it and getting the basic enrollment working does not take too long. However, once I start into compliance policies, Conditional Access rules, and configuration profiles, that is where it gets more layered, and I must really understand how everything ties together. Device enrollment becomes the first real challenge; getting different device types—Windows laptops, Android, and iOS phones—all enrolling correctly can take some back and forth. Each platform has its own quirks, leading to a few head-scratching moments early on. Thankfully, Microsoft provides good documentation, so there is ample help available. Overall, it is not the easiest process, but it is a pretty good onboarding experience from my point of view.

The performance and reliability of Microsoft Intune have been really solid in my experience. Day-to-day activities such as policy application, app deployment, and compliance checks happen in the background without major issues. Being a cloud-based service, the uptime has been consistently good, and I have not experienced significant downtime that impacted my work to date.

Microsoft Intune's scalability is honestly one of its strongest points. Being fully cloud-based means I do not have to worry about infrastructure as the organization grows. There is no need to purchase extra servers or fret about capacity; it naturally scales with me. Adding new devices and users is straightforward; I simply add them to the appropriate Azure AD groups, and everything—policies, apps, compliance rules—automatically applies to them. No major reconfiguration is needed as numbers grow. During hiring periods, I have added devices in batches without issues. The experience for fifty devices is the same as for five, which is precisely what I want. For larger organizations, Microsoft has built-in role-based access control, enabling me to delegate management across different teams or regions without causing any mess. This structure scales really well as organizations become more complex. Overall, Microsoft Intune is genuinely built for growth, catering well to both small teams and large enterprises with the same foundation and scaling smoothly without requiring a significant overhaul. That gives me a big confidence boost when I consider long-term planning.

The initial setup and onboarding process for Microsoft Intune was honestly a bit of a learning curve. It was not super difficult, but it definitely was not plug-and-play either, especially if I am doing it fresh. The Azure AD integration side is fairly straightforward since we already had that in place. Connecting Microsoft Intune to it and getting the basic enrollment working does not take too long. However, once I start into compliance policies, Conditional Access rules, and configuration profiles, that is where it gets more layered, and I must really understand how everything ties together. Device enrollment becomes the first real challenge; getting different device types—Windows laptops, Android, and iOS phones—all enrolling correctly can take some back and forth. Each platform has its own quirks, leading to a few head-scratching moments early on. Thankfully, Microsoft provides good documentation, so there is ample help available. Overall, it is not the easiest process, but it is a pretty good onboarding experience from my point of view.

I have observed a clear return on investment with Microsoft Intune, even without doing a formal calculation. The most significant savings have come from the time spent. The amount of manual work that has been removed—whether it is app deployment, device setup for new joiners, or chasing people to fix compliance issues—adds up. My IT team is spending much less time on repetitive tasks now and can focus more on the things that truly matter. From a business confidence perspective, the improvements have been tangible.

In terms of pricing, setup cost, and licensing, Microsoft Intune is positioned for most organizations already within the Microsoft ecosystem. It comes bundled with Microsoft 365 Business Premium or enterprise plans, meaning I am not paying extra for it separately. This makes it a great value considering everything it offers. Regarding setup costs, since it is fully cloud-based, there is no hardware or infrastructure investment needed upfront. I am not purchasing servers or additional software; I simply activate it through my existing Microsoft tenant, and I am good to go. This keeps the initial costs very manageable.

Regarding the drop in non-compliant devices with Microsoft Intune, I honestly do not have exact numbers off the top of my head. We were not tracking it super formally at the start, but from what I could see in the Microsoft Intune dashboard before and after we rolled out the compliance policies properly, there was a noticeable drop. I would say roughly around thirty to forty percent fewer non-compliant devices showed up within the first couple of months. A lot of it was because people had no choice once Conditional Access was tied in; they had to sort their device out to get back in. On the onboarding side, it is hard to put an exact number on it, but before Microsoft Intune, our IT guy was spending a good chunk of time manually setting up each machine, installing applications, and configuring settings. After we got automated deployment in place, that time got cut down significantly; what used to take maybe a couple of hours per device was closer to just setting it up and letting it run on its own. The difference was noticeable enough that people on the team were commenting on it, which is usually a good sign.

With BYOD, Microsoft Intune works really in my organization. The key strategy we utilize is app protection policies, which enable us to wrap company applications like Outlook and Teams with protective policies without fully enrolling personal devices. This approach keeps company data secure while respecting the user's personal content on the device, making users much more comfortable and reducing resistance compared to full enrollment. My best practice is to maintain an app-based method instead of full device enrollment for personal devices, which has worked well. It strikes the right balance between security and user privacy. Overall, Microsoft Intune makes managing BYOD scenarios manageable without overcomplicating the process.

Managing user access and identity with Microsoft Intune integrates seamlessly with Azure AD. User identities, groups, and device assignments all flow together through Azure AD, keeping everything in sync without any extra effort. My approach is pretty straightforward; Azure AD groups drive everything in Microsoft Intune, from targeting compliance policies to pushing applications or setting up configuration profiles. When I add someone to a group, everything assigned to that group automatically applies to them, making managing access really clean and organized. The Conditional Access feature is where Microsoft Intune and Azure AD really shine together; I can set rules at the Azure AD level that specify a user can only access company resources if their device is compliant in Microsoft Intune. This combination provides strong security without a lot of manual intervention. Single sign-on works smoothly, allowing a user to authenticate once and log in across their applications and resources, simplifying the end-user experience. Overall, the Azure AD and Microsoft Intune integration is genuinely one of the strongest parts of the setup, as it feels they are built to work together—because they are. For identity and access management, it covers everything we need comfortably.

The documentation and community support for Microsoft Intune are genuinely impressive. Microsoft's official documents are quite comprehensive; most of the time, if I search for something, there is usually a detailed article or a step-by-step guide covering exactly what I need. The Microsoft Tech Community is active, and whenever I encounter a specific issue or have questions, there is almost always someone who has dealt with the same thing and shared their resolution. The community aspect is genuinely helpful, especially during specific scenarios I have faced. Platforms like Reddit and YouTube are also very useful, with a lot of Microsoft Intune content from practitioners sharing real-world experiences, which sometimes fills the gaps that official documents do not practically cover.

In terms of updates and patch management with Microsoft Intune, I find it to be pretty straightforward. For Windows devices, we use Windows Update for Business rings, setting up deployment rings so updates roll out in stages. Test groups receive the updates first, and then it is gradually pushed out to everyone else, giving me good control without much manual effort. For applications, the automatic update feature works well too. I can ensure applications remain current without relying on users to do it themselves. The process mostly runs in the background once everything is set up, which is the best part. Devices stay updated, and I am not chasing people to install patches manually. Overall, it is one of the things that works quietly in the background while ensuring my environment stays current and secure.

Microsoft Intune handles device diversity really well in my environment, honestly. The fact that it supports Windows, Mac, Android, and iOS all from one console is a big deal, as I am not jumping between different tools for different platforms, which keeps everything clean and manageable. Windows support is naturally the strongest since it is a Microsoft product. The level of control and policy management I get on Windows devices is really comprehensive. Features like BitLocker, security baselines, and configuration policies all work seamlessly. For iOS and Android, the experience has been really solid, especially for app management and app protection policies; BYOD scenarios work well on mobile, allowing me to protect company data without affecting the user's personal information, and users appreciate that. Mac support has improved significantly. Microsoft has clearly invested in enhancing it. For our use case, it covers what we need comfortably. Overall, the experience across platforms is consistent enough that managing a mixed environment does not feel complicated; everything exists in the same dashboard, with the same policies and reporting, making life a lot simpler when dealing with different devices across the organization.

I would rate Microsoft Intune as a perfect ten on a scale of one to ten.

It is not restricted to a single purpose. It involves a combination of taking control of systems and handling the configuration for clients. We have multiple projects for enhancing Microsoft 365 security for clients with multiple use cases. 

We are a consultancy. We take projects from clients and get them ready for business use.

Within a single MDM solution, Microsoft Intune provides everything. It is time-efficient and cost-effective because with a single license, we are getting multiple options.

The best feature is that it's a Microsoft product, so if anything goes wrong, we get quick support for anything required. 

Remote system functionality allows us to sit anywhere and take control of any device via remote management. We can enhance security for clients' laptops with built-in Microsoft Defender, which is available with the Microsoft Intune license.

We use it for reporting purposes through endpoint analytics. When pushing scripting, there are two types available: remediation script and reservation script. Through endpoint analytics, you can push defender policies to clients. It helps with reporting, inventory updates, and monitoring tenant status health.

There are areas for improvement. When pushing anything from Microsoft Intune, the sync timing is 48 hours. While sometimes it takes 5 to 10 minutes, the official period given by Microsoft is within 48 hours, which can be time-consuming for policies, applications, or patches.

Another issue occurs when deploying large applications of 10GB or 15GB - they sometimes crash due to network issues. Additionally, there are some security-related issues that need improvement. Microsoft will likely address these areas as product development continues.

I have been using Microsoft Intune for three years.

I would rate it an eight out of ten for stability. 

The scalability of Microsoft Intune is increasing because organizations are testing it. As a Microsoft product, it is the best-rated solution for device management globally. Organizations continue to expand their use cases of Microsoft Intune day by day.

We manage approximately 60,000 Windows devices, 10,000 Android devices, and 5,000 to 6,000 iOS devices, totaling around 80,000 to 90,000 devices.

I would rate them a ten out of ten. When we need assistance and raise a ticket, we always get good support for our issues. When anything goes wrong, we get in touch with Microsoft engineers to resolve the issues.

Positive

In the current market, there are several Mobile Device Management (MDM) solutions available. I also work with Jamf, which is particularly effective for managing Apple devices. Microsoft Intune provides excellent management capabilities for Windows and Android devices as well. The user experience is generally smooth, and users typically encounter very few issues. Overall, it's a strong solution in the market.

Microsoft Intune is unique in providing management for all operating systems, including macOS, Linux, Android, and iOS. Jamf only handles Apple ecosystems. Jamf excels in Apple ecosystem management with sync periods of one to two minutes for policies and applications, and their security and algorithms are very fast. However, for overall management of all operating systems, Microsoft Intune is the best solution, allowing management of four operating systems with a single license.

Microsoft Intune definitely saves time because we don't need to look for managing Android devices with other MDM solutions or Apple devices with Jamf.

It depends on the environment. Cloud deployment is easier because everything is hosted on the cloud. On-premises environments can be more difficult as each organization has its own setup.

In terms of maintenance, it requires patching. We do the updates before pushing them to the clients. We test on our test devices. Once we find it is okay, after one or two weeks, we deploy in phases.

Compared to other MDMs, it is cost-effective because it is included in the O365 or Microsoft 365 license. It is cheaper compared to others.

It is a partner purchase. We have a relationship with OEM.

We have the Copilot license with a Microsoft 365 E3 or E5 license, though we are not using it directly through Microsoft Intune. Everything is manual for us currently. 

Based on my experience, I would rate Microsoft Intune a nine out of ten, leaving room for improvement. We recommend it because it's the only solution for managing all operating systems. It's also user-friendly for both IT systems and users with licenses.

The main use cases are that we are using Microsoft Intune in a co-management environment. We do have SCCM also in place, but currently we are managing limited workloads shifted to Microsoft Intune, such as configuration policies, and all devices are enrolled in Microsoft Intune. The patching is still going on from the SCCM end, but we are planning to migrate the patching workload to Microsoft Intune in the near future. Application deployment is currently under plan and I'm testing some use cases. There are many add-ons Microsoft has added in the Microsoft Intune suite so that we can have multiple third-party patches. We can package applications in a quicker time as part of the plan.

Advanced endpoint analytics provides granular information about devices in Microsoft Intune, facilitating easier troubleshooting at system and application levels. 

It is a SaaS solution. Firstly, as an internal administrator, I appreciate that we don’t have to manage the entire infrastructure, which is a significant advantage. Moreover, since this is a Microsoft product, it is designed with seamless integration in mind. While it supports various platforms like macOS, Android, and even Linux, the primary users are typically on Windows systems. The brand recognition of Microsoft adds value, and because both the operating system and the solution come from Microsoft, we face fewer challenges compared to using third-party products. With third-party solutions, integration issues may arise, requiring multiple discussions with vendors or Microsoft. Having everything from Microsoft leads to a more convenient, built-in solution. Additionally, there are numerous advantages related to patch management and setting maintenance windows.

Another noteworthy point is that Microsoft frequently introduces new features. It’s impressive that updates and service releases occur almost every month, providing useful enhancements for both the company and the overall Intune administration experience. This consistent flow of new features ultimately benefits our organization.

The introduction of Copilot is one of the latest enhancements, although it has been in public preview for quite some time. Another noteworthy advancement is the Autopilot device preparation policy. The latest version of this policy has reduced many burdens since the management is now cloud-based, eliminating the need for hardware hashes. Devices no longer need to be registered for Autopilot or have their hardware hashes uploaded in this new environment.

Additionally, there have been numerous improvements in Windows 365, including advancements in cloud PCs and provisioning policies. Microsoft has also introduced automatic device preparation policies for Windows 365. Furthermore, Intune continues to receive many enhancements. For instance, TPM support has been added, which aligns with approved concepts. Though the Copilot integration is not functioning as expected at the moment, Microsoft is still actively working on its development, as communicated to me. Lastly, I also wanted to mention the Local Administrator Password Solution (LAPS) as an important capability that is being improved.

The user experience of Microsoft Intune is excellent because it's a SaaS solution altogether. There is no need to take a burden of the infrastructure part because everything is Microsoft controlled and it's a good solution for endpoints. It's performing exceptionally at present.

Configuration profiles or policies function very well. We can accomplish a lot with the configuration profile itself, instead of opting for other packaging methods or on-prem GPO group policies. Everything can be managed through the background, but it’s all accessible within the settings catalog. The settings catalog in the configuration profile is a much better alternative than going for the administrative template and creating everything from scratch. The settings catalog is doing an excellent job in this regard.

I have been closely observing these products and regularly testing their functionality in my test environment. I provide feedback to Microsoft based on my observations. Additionally, I write blogs and conduct training sessions for my colleagues and other candidates. If I were to pinpoint an area for improvement, I would highlight reporting issues. Back in 2020, there were significant problems with report accuracy, particularly regarding web patching. However, Microsoft has made substantial improvements in the reporting for Windows Update for Business and has added various advantages.

We hope for greater flexibility and advancement. We appreciate the introduction of functionalities like Copilot, the Intune enterprise app catalog, and analytics features such as remote help, but there are concepts like hot patching that we believe could enhance the overall experience.

I have been using Microsoft Intune for over seven years, starting with SCCM and then moving to the SaaS solution.

There have not been any significant stability and reliability issues with Microsoft Intune.

Microsoft Intune definitely scales up when it comes to integration and development requirements. It is reliable with the features currently available. 

Looking forward to the next 10 years, there should be substantial development available in the portal or the Microsoft Intune admin center to be more helpful for organizations. With additions such as Copilot and based on feedback from users, MVPs, and tech enthusiasts, the product continues to develop in ways that make it more useful for companies, users, and admins.

I would rate the technical support of Microsoft a nine out of ten. While I haven't faced many issues in the enterprise environment, the overall support I received for cases raised in my personal tenant has been satisfactory. They responded and provided the expected feedback, even though it was free of cost.

Positive

We have also been using SCCM. We do have functionalities, such as the Cloud Management Gateway (CMG) in SCCM, but as technology continues to evolve, we need to gradually shift towards Intune. I believe this will be more feasible for future requirements. If we don’t make this move now, in one to two years, or perhaps within five years, it will be essential to transition at least your endpoint devices to Intune.

We did not have any challenges because we already had SCCM in place, which is functioning effectively in our environment. It is like a parallel migration. Currently, all devices are co-managed, and since they are in a common space, we haven't encountered many complications. However, it would be beneficial if Microsoft could introduce more flexibility in this area, such as enabling the bulk enrollment of all devices at once. That would be great.

The deployment process is streamlined, requiring only a few clicks for installation, with most settings pre-configured. If an application isn't available in the enterprise app catalog, requests can be made to Microsoft for pre-packaging.

From an Intune perspective, I haven't faced much difficulty with enrollment or onboarding devices. Given that we already have a management tool in place and it’s working as expected, there’s been no disruption to business operations. Overall, I would say the process has been quite smooth.

Regarding cost effectiveness from the Microsoft Intune product, there is definite value. With an enterprise license for Windows 10 or 11, we have the capability to incorporate those features into Microsoft Intune without requiring an additional license for management. This represents a significant benefit.

While Microsoft products can be expensive, they offer valuable functionality. With Microsoft Intune Suite license or standalone license for enterprise app catalog, there are predefined third-party apps available that are pre-packaged. The enterprise app catalog, though license-based, provides numerous third-party applications with auto-update options. Ivanti brings significant capabilities in third-party application updates and patching.

Comparing Microsoft Intune with products such as Jamf and Ivanti solutions, there are distinct differences. For third-party patching, Ivanti is particularly helpful. 

Copilot recently moved to general availability and Microsoft is expecting substantial user feedback. While it requires an additional security Copilot license which can be expensive for enterprise environments, it offers capabilities such as compliance checking and application installation on multiple devices with simplified query creation.

Regarding enterprise application management, the enterprise app catalog environment includes both Microsoft-owned and pre-packaged third-party applications. 

It’s a feasible solution. If you already have many endpoint devices, this solution is particularly suited and is not dedicated solely to servers. If you have servers, you can leverage the existing SCCM solution and any other solutions already in place. The biggest advantage is that you can still manage your workload with co- management. You can start with the co-management scenario. Gradually, you can move your workloads and do enrollment. First, enroll the devices into Intune, and then slowly transition your workload based on the specific scenarios or test cases you've evaluated.

Since the pandemic in 2020, many devices are now mobile, and most companies are operating in a hybrid environment, with some even functioning entirely remotely. In these cases, it's challenging to bring devices, like laptops—which are essentially mobile devices—into the organization's office to connect to the internet and receive the necessary policies.

Based on my experience, I would rate Microsoft Intune a nine out of ten because many of the latest add-ons are being incorporated. However, I'm not giving it a perfect ten because there are still areas that need improvement. We are also expecting some additional features. While the current capabilities in Intune are good, we hope for greater flexibility and advancement. If these improvements and features are implemented, it could become a completely reliable solution—something close to a perfect ten—for both end users and organizations.

The usual use cases for Microsoft Intune are basically mobile device management, which is the tool that was basically made for this purpose. This includes conditional access policies, compliance policies to be configured, and different kinds of configuration settings to be configured. I consider Microsoft Intune to be the replacement for GPO or Group Policy Objects which are primarily available on on-premises Active Directory solutions. Microsoft Intune is like a cloud GPO where any organizations nowadays using Azure AD as their primary Active Directory can benefit.

I am mostly an end user of Microsoft Intune. I am basically a SOC engineer or SOC analyst who works with an MSSP. We provide security services to other organizations where we configure and administer those tools and even as an analyst we monitor them.

The feature that we can deploy policies and configuration settings and it will be applied to every user who is connected to it around the world just with an internet connection is very good. Secondly, a feature I am very fond of is the Autopilot feature, which is basically zero-touch deployment for any new devices. You just onboard a hash and you deploy a device and you can give it to the end user. Once they log in, Autopilot will do its thing and automatically push all the policies that are needed to be pushed.

User experience for Microsoft Intune is quite good for administrators and security readers. It is a bit complex for navigating, but if you understand it properly, it is a very powerful tool. This covers multiple types of devices. I have covered devices that are on-premises or physical devices that people use, whether they are servers or laptops. I have deployed Microsoft Intune on cloud servers, but this is an MDM solution which is more useful towards end users rather than end servers. All the employees who are using a company device, whether it is a phone or a Windows laptop or a Mac laptop, I have configured policies for it and it is working well.

I use Microsoft Intune's Enterprise Application Management features. I have deployed a few applications which need data from Microsoft Azure AD.

Enterprise Application Management has made my life easier where I need to push updates to the applications. I have used it in a very large enterprise where I cannot trust the internet to download and get any random applications. I also want to make my users' lives easier and not ask for admin privilege every time they want to install something or update something. Enterprise Application Management has made my life easier to just upload and manage the approved software list. I use app discovery from Microsoft to discover whatever applications are in the organization as a baseline. I make a list of whitelisting and blacklisting of applications and then I can deploy it. This will result in me managing those updates and those applications easily in my environment and knowing that my environment is safe because I am the one who has uploaded and updated those applications from external downloading factors.

I have used advanced endpoint analytics in Microsoft Intune Suite once but not more, so I am not the right one to give a good review on it.

The feature that we can deploy policies and configuration settings and it will be applied to every user who is connected to it around the world just with an internet connection is very good. Secondly, a feature I am very fond of is the Autopilot feature, which is basically zero-touch deployment for any new devices. You just onboard a hash and you deploy a device and you can give it to the end user. Once they log in, Autopilot will do its thing and automatically push all the policies that are needed to be pushed.

User experience for Microsoft Intune is quite good for administrators and security readers. It is a bit complex for navigating, but if you understand it properly, it is a very powerful tool.

I would say that compatibility with macOS and iOS devices in Microsoft Intune can be improved. I do not think this is a fault of Microsoft, but I would say it is more of an Apple thing where they do not easily provide controls over the things. If they can improve, the best example of a solution where macOS or things would be Jamf. They can do something like Jamf and it could be better. Generally, people in an organization would not have to buy two different softwares or two separate MDMs, one just for Mac and one for Windows and Android devices. It would be easier to have it all in a single platform.

Stability of Microsoft Intune is good. Reliability is something that I feel there is a tad bit of concern. The only point is that we need to sync multiple times to get something pushed through. There might be something conflicting, but it has happened to me every time that if I want to push something like a policy, I need to either wait for the device to restart or sync multiple times. Otherwise, I need to manually click on sync multiple times and wait until it syncs.

Sometimes it takes me more time. It is not always the case. It is just when after an initial deployment, when I am changing something or a simple configuration, it might take a while to get deployed and pushed. However, when it is pushed, it is pushed to every device in the organization.

I have been working with Microsoft Intune for several years. In my past opportunity, I was working with Microsoft Intune and now in this particular company I'm working with Microsoft Intune. I am currently working on a project since the last five days to implement it from the ground up for a client. I regularly use Microsoft Intune.

Stability of Microsoft Intune is good. Reliability is something that I feel there is a tad bit of concern. The only point is that we need to sync multiple times to get something pushed through. There might be something conflicting, but it has happened to me every time that if I want to push something like a policy, I need to either wait for the device to restart or sync multiple times. Otherwise, I need to manually click on sync multiple times and wait until it syncs.

It is pretty scalable. I would rate it a ten because if you have Windows devices and things, it is pretty scalable. It is a cloud-based solution, it is just a website that you can use and everything is running through it.

I have taken support from Microsoft Intune and they have been very cooperative with it. They quickly come on a call and resolve the issues that we have. They might do a back and forth on emails, but once they see that an issue cannot be understood through emails, they quickly jump on a call, help us out and everything is resolved promptly.

Positive

Previously, we did not have any technology to manage the devices in that way. Microsoft Intune MDM makes it easier for us to control because almost everyone is using Microsoft for its ecosystem, whether it is Azure Active Directory or Microsoft Office or Teams or anything else. The basic thing here is that because it is a Microsoft product, the Microsoft Intune ecosystem has integrated very seamlessly with them and we can control a very vast amount of things. For example, restricting USB blocks or restricting data copying from one place to another. It fits very well into Microsoft applications. There was no other application that I was using before it, but this is where it is excelling and this is the reason that I used Microsoft Intune.

I did participate in the initial setup and deployment of Microsoft Intune in my company.

I am currently working on a deployment project of Microsoft Intune where I am actively deploying Microsoft Intune as a solution. It is quite intuitive and once you get the understanding of it, once you get in a flow, it is quite easy. When you start learning it, there is a bit of a learning curve on how to navigate through things. However, once it is done, it is quite easy and quite good. Overall, I would rate the deployment experience as nine out of ten. The one point deduction is just for a bit of a learning curve, nothing else.

I was directly sent to implement Microsoft Intune even in my previous roles where I learned how to implement it. I was not the one to assess multiple tools and give a suggestion.

I am not aware of the exact details regarding the pricing and licensing of Microsoft Intune. All I know is Microsoft provides Microsoft Intune basically from Microsoft Business Premium and then it goes up to E3 and E5 licenses. I am not sure if it also provides in other licenses. However, I have generally worked with E5 license and Business Premium license.

As a tech enthusiast, I have used multiple tools, whether it is Google MDM or Jamf as I mentioned. I find Microsoft Intune better for at least Windows and Android devices, even rather than Google. Google has some edge over Microsoft Intune because Android is a Google product. It is always going to be like that. However, if I had to choose one for a vast used organization, I would choose Microsoft Intune if the organization is Windows user heavy.

For MDM solutions specifically on Windows, the only one I have ever used is Microsoft Intune. For Macs, I have used Jamf while also using Microsoft Intune, so I can say that.

I am not using Microsoft Intune's Cloud PKI. I am not using Microsoft Copilot in Microsoft Intune. My overall rating for this product is nine out of ten.

I use Microsoft Intune for endpoint provisioning, configuration, and security within our MSP environment at Coubari. Key use cases include Windows Autopilot for zero-touch deployments, application deployment, device configuration profiles such as Wi-Fi and security policies, compliance and Conditional Access, and MDM for mobile and shared devices. Intune provides a consistent, secure, and scalable way to manage devices across multiple client environments.

Microsoft Intune has improved our organisation by enabling zero-touch device deployment with Autopilot, reducing build time and ensuring consistent device configurations. It has strengthened security through compliance policies and Conditional Access, and provides centralised management of devices, apps, and settings. This has improved efficiency, supported remote working, and allowed us to scale device management across multiple client environments more effectively.

The best features of Microsoft Intune are Windows Autopilot, configuration profiles, application deployment, and its integration with compliance policies and Conditional Access. Autopilot enables zero-touch deployment, while configuration profiles standardise settings such as Wi-Fi and security. Together, these features provide a consistent, secure, and scalable way to deploy and manage devices across multiple environments.

The interface is good. From a customer perspective, sometimes it can be difficult because of the name changing from Entra and changing the names to Identity, which can sometimes confuse the customers. When you start referring to certain features, they are confused, and then you have to explain that it used to be called something different. The naming changes from an IT perspective when talking to the customers can be problematic, but the interface is very good. From the user perspective, they do not really use the interface, but from my perspective, I would say the naming conventions and trying to explain that to the customers is probably the hard part.

It depends on the industry. In construction, they have multiple small software applications where you have to do some scripting and testing to get it right and complete the install. Some of them are not compatible with Microsoft Intune. Realistically, no matter if it is for a big or small company, we give ourselves six months to configure from start to finish. That is considerable testing. For example, per department, we have the finance team test it, a site administrator test another configuration, and a director, because we have different device models. A lot of our clients have directors with Microsoft Surfaces, which are excellent. Some of the team, the engineers, have a high-specification laptop, so they have more drivers and more software. Then there is the standard configuration. Getting those standards and configurations right takes time. Over time, since my last role when I deployed Autopilot, we have probably saved hundreds of hours of IT time setting up laptops.

Different sectors have different demands. It is trying to convince the customers to spend the money. Once we have it right, the process becomes much more streamlined. There could be more features added. For me, as I mentioned, one area is the reporting. If the reporting became better, I think you would not need to use more RMMs. That is probably from an MSP perspective. From an end-user perspective, yes.

I would give it a rating of seven. As I mentioned, it is more the reporting and the challenges with the sync delays. If the sync delays could be improved and policy conflicts, which can cause some issues, were addressed, the rating would be higher.

I have been working with Microsoft Intune for approximately six years. While adoption was more limited in the early stages, it has since become a core part of modern endpoint management.

Across my roles within MSP environments, including my current position at Coubari, I have used Intune extensively for device deployment, configuration, security, and ongoing management. Over the last six years, it has been a key platform in my day-to-day work supporting multiple client environments and delivering standardised, secure device management at scale.

In my experience at Coubari, Microsoft Intune is a stable and reliable platform for day-to-day device management.

There have occasionally been wider Microsoft 365 service incidents (for example with Exchange Online or Microsoft Teams), but these have not directly impacted Intune’s core functionality. From an endpoint management perspective, Intune has remained consistent and dependable.

Day-to-day operations such as device enrolment, policy deployment, application delivery, and compliance management run reliably, and we have not experienced any major outages specific to Intune itself.

Overall, Intune has proven to be a stable platform suitable for managing devices at scale, particularly when used as part of the wider Microsoft 365 ecosystem.

.In my experience at Coubari, Microsoft Intune is highly scalable and well suited to both growing organisations and large, multi-site environments. I have personally managed Intune deployments across customers with hundreds of users and have not encountered any scalability issues.
Because Intune is cloud-based, it allows us to onboard large numbers of devices and users without needing additional on-premise infrastructure. Features such as Windows Autopilot, dynamic groups, and automated policy assignment make it easy to deploy and manage devices at scale while maintaining consistent standards.
As environments grow, Intune continues to perform reliably, allowing us to manage multiple device types, locations, and user roles from a single platform. It also supports remote and hybrid working seamlessly, which is essential for modern organisations.
Overall, Intune scales very well, from smaller deployments through to large enterprise environments, and has proven to be a reliable platform for managing growth without added complexity.

In our MSP environment at Coubari, we have had limited need to engage directly with Microsoft customer support for Intune, as the platform has been stable and well-documented.

Instead, we rely heavily on Microsoft Secure Score and built-in recommendations to guide security best practice and configuration improvements across client environments. As all of our clients are Cyber Essentials Plus certified, we maintain a strong security baseline, and Intune integrates well with Microsoft’s guidance to help us meet those standards.

On the occasions where guidance is needed, the Microsoft documentation, community resources, and Secure Score recommendations provide sufficient direction without needing to raise support tickets.

Overall, while we have not relied heavily on direct support, the self-service guidance, documentation, and security recommendations provided by Microsoft are strong and effective for managing Intune environments.

Positive

I have not used other solutions.

The initial setup of Microsoft Intune can be straightforward when approached with a clear project plan, but it does require careful design and testing to get right.

In my experience at Coubari, we structure Intune rollouts as a formal project, defining device standards, security baselines, Autopilot profiles, application packages, and user groupings in advance. With this approach, deployment becomes much more controlled and predictable.

In previous roles, I have delivered Autopilot deployments for recruitment-based organisations, including environments using Azure Virtual Desktop (AVD). We used Intune policies to enforce security controls, such as restricting copy and paste between local devices and remote desktop sessions, which was a key requirement for protecting sensitive data.

While the initial configuration phase requires time and testing across different user roles and device types, once established, Intune provides a very efficient and repeatable deployment model. Overall, with the right planning and structure, the setup is manageable and delivers strong long-term benefits.

We did not use an external integrator, reseller, or consultant for our Microsoft Intune deployments. All implementations were delivered in-house at Coubari.

As the Lead Technical Engineer, I have been responsible for designing and leading the deployments, drawing on my previous experience as a third-line engineer in earlier MSP roles. Our MSP teams are relatively small, so we do not have a dedicated Intune project team; however, we typically involve 2–3 engineers to support planning, testing, and rollout.

Delivering Intune in-house has worked well for us, as it allows us to tailor each deployment to the client’s requirements, maintain full control of the design, and build internal expertise. The key is to ensure proper planning and resource allocation to avoid overloading a single engineer during larger projects.

Overall, our experience with in-house deployment has been positive and effective, allowing us to deliver consistent, high-quality Intune implementations across our customer base.

From my experience at Coubari, Microsoft Intune pricing is generally competitive and good value, particularly for organisations already invested in Microsoft 365.

In many cases, Intune is included within Microsoft 365 licences such as Business Premium or E3/E5, which makes adoption easier and more cost-effective for larger organisations. As a standalone licence, Intune Plan 1 is typically around £6–£7 per user per month, with additional features available as add-ons if required �.

microsoft.com +1

For mid-sized and enterprise customers, pricing is rarely an issue because it fits within existing IT budgets and delivers strong value through security, device management, and integration with Microsoft 365.

For smaller organisations, licensing can be more of a challenge to justify, especially if they do not already have Microsoft 365 plans that include Intune. In those cases, cost can be a barrier compared to lighter RMM-style tools.

In terms of setup cost, the main investment is time rather than licensing. A proper Intune rollout requires planning, testing, and building configurations (Autopilot profiles, policies, applications, and security baselines). In MSP environments, we typically allow several months to fully design and test deployments across different user roles and device types.

Overall, licensing is straightforward and scalable, but the key investment is in initial design and implementation effort to ensure a stable and standardised environment.

In our MSP environment at Coubari, we have worked with and evaluated a range of endpoint management solutions, primarily traditional RMM platforms such as Atera and Halo, alongside more legacy on-premise approaches using Group Policy.

The main difference with Microsoft Intune is that it is a cloud-native, identity-driven platform that integrates directly with Microsoft 365, Entra ID, and Conditional Access. This makes it particularly strong for modern device management, security, and remote working, especially when combined with Autopilot for zero-touch deployment.

Strengths of Microsoft Intune:

Cloud-based and scalable for multi-site and remote users

Strong integration with Microsoft 365 and identity/security controls

Autopilot for automated, standardised device deployment

Built-in compliance, MDM, and security policy management

Strengths of RMM platforms (e.g. Atera/Halo):

Stronger real-time control (remote access, scripting, instant changes)

More mature patch management and reporting capabilities

Better multi-tenant visibility across multiple customers

In practice, we use a hybrid approach, with Intune handling provisioning, configuration, and security, and RMM tools used for patching, scripting, and centralised reporting.

From a commercial perspective, cost can be a barrier for smaller organisations. Larger engineering clients typically have the budget and benefit from the full Microsoft 365 ecosystem, but smaller businesses can find the licensing harder to justify. A lighter or entry-level Intune tier with core features would help increase adoption in the SME market.

I would rate Microsoft Intune 7 out of 10 overall.

It is a strong platform for modern endpoint management, particularly for organisations already invested in Microsoft 365. In our MSP environment at Coubari, it works especially well for Windows-based clients with 200+ users, where Autopilot, compliance policies, Conditional Access, and centralised configuration provide consistent and secure device management at scale.

Alongside Intune, we also use tools such as Microsoft Copilot and Teams transcripts/meeting notes to support environment analysis, reporting, and project delivery (for example, SharePoint migrations and client communications), which complements the overall Microsoft ecosystem.

Advice for organisations considering Intune:

Plan your design carefully from the start (policies, apps, security baselines)

Allow time for testing across departments and device types

Use Autopilot to maximise deployment efficiency

Consider how Intune will integrate with your wider tooling (e.g. RMM/reporting)

Ensure licensing aligns with your organisation size and needs

Overall, Intune delivers strong value in terms of security, standardisation, and scalability, particularly when implemented as part of the wider Microsoft 365 platform.

My main use for Microsoft Intune is for endpoint management, primarily for Windows laptops, policy enforcement, and basic troubleshooting of enrolled devices to apply security policies, manage updates, and ensure compliance for user systems.

Recently, I had a case where a user's laptop was not following company security policy. I decided to check the device in Microsoft Intune, and I saw that it was marked as non-compliant. I reviewed the compliance policies and found that the device was missing required updates and antivirus definitions. I also use Microsoft Intune to push policies such as password requirements and screen lock settings across multiple devices.

On a day-to-day basis, I am using Microsoft Intune for monitoring device compliance, checking device status, assisting users with enrollment issues, and pushing updates and basic security policies across all devices. Microsoft Intune helps me significantly in remote support because I can manage and troubleshoot a device without physically accessing it.

Microsoft Intune has had a significant positive impact on our organization in two main areas. The first is enhanced security and compliance, and the second is improved troubleshooting and support efficiency. We can remotely wipe, lock, or reconfigure a device to resolve issues, making device management easier.

The number of support tickets has reduced because device policy issues are enforced automatically through Microsoft Intune. Compliance issues are identified before users face access problems, which gives us faster resolution time.

The main features Microsoft Intune offers me are centralized device management where I can manage all devices from one location. I also appreciate the compliance policies and security configuration, which help me ensure all devices follow company standards. Another useful feature is remote actions such as sync, reset, or wipe the data, which is very helpful in troubleshooting and handling lost or compromised devices. The integration with Microsoft 365 and Azure AD is a significant advantage.

One more important feature of Microsoft Intune is conditional access with Microsoft Entra.

One key area for improvement is faster and real-time policies and app deployment. Another area is simpler and more centralized troubleshooting tools. Additionally, Microsoft Intune needs to improve reporting and analytics. Finally, there is a need for better visibility of end-user self-services.

I have been using Microsoft Intune for the past year.

Microsoft Intune is stable. In our experience, I would rate the overall stability at around eight to ten for reliability. Microsoft Intune is generally stable in our environment, and we rarely face service outages. Most issues we see are minor, such as sync delays or reporting lag, rather than actual downtime. Overall, Microsoft Intune is stable enough for production use and reliable for daily endpoint management.

Microsoft Intune is highly scalable for our organization because it is cloud-based. We can easily onboard new users and devices by assigning licenses and enrolling them without any infrastructure changes. It scales across multiple locations and hybrid users, and policies can be managed centrally without performance issues.

I consider Microsoft Intune's customer support decent but not always fast or consistent, especially compared to expectations in an enterprise environment. For complex cases, response time can be slow, and troubleshooting may involve multiple escalations. In our environment, we mostly rely on internal troubleshooting and use Microsoft support for critical or complex issues.

Before Microsoft Intune, we were using traditional on-premises endpoint management approaches. We were using on-premises Active Directory with group policies and manual device management. We switched to Microsoft Intune because it provides cloud-based centralized management, better support for remote users, faster policy deployment, and stronger security with conditional access and compliance policies.

There is no separate setup cost for Microsoft Intune itself because it is a cloud SaaS service. We only had initial effort costs internally for device enrollment setup, policy creation, testing, and rollout. No hardware or infrastructure cost was required since everything is cloud-based. Regarding licensing cost, we use Microsoft Intune through a Microsoft 365 license, Business Premium E3/EMS. Rather than buying Microsoft Intune separately, it is included in Microsoft 365.

In our organization, we are only using Microsoft Intune as part of our Microsoft 365 licensing subscription model, and we do not act as a Microsoft partner, reseller, or implementation consultant.

We have seen a clear return on investment after implementing Microsoft Intune, mainly in terms of reduced operational effort and improved security efficiencies. These benefits include reduction in support effort, faster issue resolution, reduced downtime for users, lower infrastructure and maintenance costs, and security ROI, which is indirect but very important.

There is no separate setup cost for Microsoft Intune itself because it is a cloud SaaS service. We only had initial effort costs internally for device enrollment setup, policy creation, testing, and rollout. No hardware or infrastructure cost was required since everything is cloud-based. Regarding licensing cost, we use Microsoft Intune through a Microsoft 365 license, Business Premium E3/EMS. Rather than buying Microsoft Intune separately, it is included in Microsoft 365.

We evaluated tools such as VMware Workspace ONE and IBM MaaS360, along with our existing on-premises SCCM setup before choosing Microsoft Intune. We chose Microsoft Intune because it offered better integration with Microsoft 365, is fully cloud-based, easier to manage, and more suitable for hybrid and remote work environments.

I would rate Microsoft Intune an eight out of ten because it is a very strong endpoint management solution, especially for modern hybrid and remote environments. The reason it is not perfect is occasional delays in policies, and the reporting and analytics still need improvement.

I would advise others considering Microsoft Intune to plan the deployment and start with a pilot before a full rollout.

Microsoft Intune is a very strong and modern endpoint management solution, especially for organizations moving towards cloud and hybrid environments. It has significantly simplified device management, improved security enforcement, and reduced manual effort for IT teams. At the same time, Microsoft Intune is not a set and forget tool. It requires good planning, proper policy design, and continuous monitoring to get the best results. Overall, Microsoft Intune is a reliable and scalable platform that fits well in a modern IT environment and continues to improve with regular Microsoft updates.

I generally use Microsoft Intune for Autopilot. There is a technology in Microsoft Intune called Autopilot. You register your devices in the devices section in Microsoft Intune, import the hardware hashes from the devices, and import them in the Intune portal specifically for Windows devices. It is then further used for device provisioning for different client machines running Windows 11. Nowadays, different versions of Windows 11 are running. The other use case is for feature and quality updates. I deploy feature and quality updates using ring strategies in Microsoft Intune. Patching and device provisioning are major applications. Additionally, I use Microsoft Intune for endpoint management to manage different endpoints. These are the major tasks I perform in Microsoft Intune.

My user experience with Microsoft Intune is quite good. I would rate it nine out of ten. Whatever task I am performing, I see the progress bar in the top right corner. If I import any hardware hash or perform any other action, I see any merging in process. I basically see monitoring and charts. The support ticket opening process is also great. Overall, this rating is based on the user experience.

Endpoint management from Microsoft Intune side is quite good. Since it is merged with SCCM, I can perform UDI deployment to make devices secure and reliable. I can mitigate different vulnerabilities. These are quite impressive features from the end-user or client machine perspective that I appreciate the most.

I do use endpoint analytics in Microsoft Intune. I have different tools to detect vulnerabilities. For example, Qualys data performs a scan and gives me the number of vulnerabilities on specific devices. In the same way, I use endpoint analytics, which is a feature in Microsoft Intune. If there is any issue with slow startup of devices or if I am deploying any application and it is crashing, I can see this in endpoint analytics in Microsoft Intune. If I talk about startup performance, if few devices are slow to boot, I can analyze the different GPUs or settings for that particular performance. In the same way, if any app is crashing or it is not installing, I use Microsoft Intune analytics to improve the endpoint experience itself.

I have heard about Cloud PKI, but I have not recently gotten any use case for that.

Regarding deployment, as I mentioned, I use ring strategy and Autopilot for the client machine. The only drawback or challenge is that it does not support server deployment. It only supports client machines. That is the major drawback.

First, there should be a feature for server deployment in Microsoft Intune Autopilot so that I can also provision server devices. Most features, for example Active Directory or different features, cannot be accessed directly from the client machine. They have to be accessed from the server. Majorly, server deployment should be included.

A patching monitoring tab should be included in Microsoft Intune. When I am deploying ring strategy, I deploy multiple devices using that ring strategy. If there could be an option for monitoring that shows where the exact patch status is, it would be easier for the Microsoft Intune administrator to know the status.

BigFix is pretty good with respect to monitoring, mass deployment, and bulk deployment. Microsoft Intune is lacking in these areas, and I would say the speed is not as good as what I can see in BigFix. That is the first pro and con. Another thing is that I have to merge Microsoft Intune with on-premise technology. If someone is having a hybrid model with both on-premise and cloud in their infrastructure, I have to merge Microsoft Intune with some on-premise technology, for example SCCM, so that I can migrate the devices using the Intune connector from on-premise to cloud. There has to be some other way to make these migrations faster. That is a con from my side.

The licensing cost is also quite high, specifically for E3 and E5 licenses. Microsoft Intune uses the per-user model. If it can be reduced, then different small or medium enterprise companies can also use Microsoft Intune.

I have been working with Microsoft Intune for the last four to five years.

A couple of times, maybe once in a week, I do experience slowness or backend issues from Microsoft Intune. Majorly, I have seen these issues during EST hours, where one day in a week, I experience degradation.

On a scale of one to ten, where ten is the best, I would rate the stability of Microsoft Intune an eight.

Scalability is quite good. I would rate it nine.

Technical support is at its best in Microsoft Intune. I just go to the tenant admin and open the support case. I would rate it nine out of ten.

Positive

I am using other solutions.

Microsoft Intune is a good solution and it is purely based on Azure cloud. I can use all the benefits of Azure cloud in Microsoft Intune and several good features in Microsoft Intune to manage devices. Microsoft Intune should be used by medium to large enterprises. If there is any security organization, such as any banking or healthcare organization where security is the utmost priority, those kinds of organizations should use Microsoft Intune. My overall rating for this product is 8.5 out of 10.