Microsoft Intune Reviews

I'm an IT manager contracting with a European company. We had to onboard Windows machines to the Azure AD, but they did not have an on-prem AD. I prepped the Azure AD on the cloud, and I started to migrate the laptops to Azure AD. 

Once that is done, we need to apply policies, but group policies will not run from Azure AD because there's no on-prem AD to derive the policy from. Intune comes in handy there. It has multiple capabilities. You can create your configuration profiles in Intune that apply to Windows and Mac. You can create security profiles and configuration profiles, and you can apply browser settings to some extent. It isn't a small tool in terms of size or breadth of capabilities. It's very capable. Anybody who has used SCCM will see a lot of similarities.

Intune has many components that replace third-party products. For example, Intune creates an inventory of each machine. Otherwise, I'd need a third-party asset management tool. Intune can also tell me which users are accessing a given machine because it's integrated with Azure AD.

It's easy to deploy a configuration or policy to a system, especially when you don't have Azure AD. Now we are talking to all these small and medium-sized customers who don't necessarily have an on-premise Windows Active Directory. If they have invested in Office 365 Premium, this functionality becomes available to them.

That's considerable savings because you get Intune with Office, and you're getting slightly more advanced Azure AD capabilities. They also get MS Defender, which is there on the Windows client. This March, Microsoft introduced Defender for Business. They activated the business subscription with the Office 365 Business Premium subscription. If a customer is looking for an antivirus solution with a centralized capability, the product is already there. 

Intune allows you to control the policy if you want to control hard drive encryption. We have third-party tools in the market that we used to invest in. Today, we have Windows-native BitLocker, and I can use Intune to manage that BitLocker encryption.

Intune can set policies on each machine. I can create rules and apply them to individual machines. It's much easier than using the Azure AD system.

Reporting in Microsoft solutions is pathetic. With Intune, I'm getting a free inventory tool, but I don't get a reporting tool. When I go to Intune, I can see one machine's entire data in terms of the hardware and the software running on it, but I cannot generate a report for all the machines in the organization. The reporting is the only feature holding back the functionality that is already there. 

All the other third-party tools are doing the same thing, whether Atlassian, ManageEngine, or Ivanti. They all install an agent on your system. Intune also has an agent on your system collecting inventory details and sending them across the central console, but Microsoft doesn't have the reporting capability there. That is the only drawback I see.

I started using Intune last year.

Intune is perfectly stable. We've had zero downtime.

Intune will scale because it's a cloud system. We are not installing anything. It's a Microsoft service. I have it running on around 200 machines.

I rate Microsoft support nine out of 10. In the past year, I've made 20 or 30 support requests on the Intune platform. Each time, it has been smooth. Usually, they sort the problem out on the first try. Once, the ticket was open for about two weeks because they had to do some backend testing on their side. 

Positive

I have used ManageEngine from a company called Zoho Corporation to do inventories and patching. Microsoft Intune lacks capabilities to patch Windows, Office 365, Acrobat Reader, etc. There is no way for me to apply and manage patches. I can create a patch configuration, but I cannot control when it has to be deployed and on which machines. If Intune adds patching, I don't need to invest in another patching tool.

Setting up Intune is pretty straightforward. There may be a few bumps in the road, but you shouldn't have much trouble if you're a system administrator or a pure IT guy. I did it by myself, and it took about two hours. You have to do the basic configuration. 

For that, you need a bit of reading to understand how your configuration is working within your overall setup. Once you do the necessary tweaking, Intune is up and running. After that, you create policies and do a test run on one or two machines. Once you verify that everything is working fine, you deploy it all. 

If you're not a techie, I could guide you step by step. It's as simple as that. After deployment, Intune doesn't require maintenance because it's a cloud product. 

We've seen a significant return on the investment. Otherwise, I would have to invest in a regular Windows Active Directory. If I were running Office Standard, which lacks this feature, I would have to buy something like Intune and pay for it annually.

Plus, I have to manage another product on the desktop. For example, if you're using a VPN client, the VPN client has to be installed and requires maintenance if something goes wrong. I don't have that maintenance cost because it's part of the Windows operating system.

We don't pay for Intune because it is bundled with the premium subscription to Office 365. It includes Intune and Defender. I don't have to buy two extra products to manage my enterprise.

I rate Microsoft Intune eight out of 10. Some functionality needs to be improved, but I believe Microsoft is working on it. They're developing the tool, and those features will be added, but I will give it an eight today.

If you're thinking about implementing Intune, you should look at what you already have in place. For example, if I wanted to bring my laptops onto Azure AD, Azure AD will do the job for me, so I don't need to invest in a regular Active Directory server.

Either I buy the server and run it on the cloud or I upgrade Office and Business Premium gives me all of the features. Business Premium is the top license. You have Business Basic, Standard, and Premium. The Enterprise equivalent is E3 and E5. 

The Business Premium is equivalent to E3. There is a limit on the number of machines. Per Microsoft's licensing model, you can do up to 300 machines on Business Premium. At 301, you have to switch to an Enterprise agreement.

With Intune, managing devices is a breeze. I use it to enforce security policies and seamlessly deploy applications to handle Windows 11 upgrades. It is like my one-stop shop for device management – no more manual headaches, just simple templates making my life easier. Plus, with Windows 10 support ending soon, Intune ensures a smooth transition to the latest and greatest without much hassle.

Overall, Intune has been a game-changer for our organization. It offers enhanced visibility, helping me identify and fix issues swiftly. Since implementing it, our security score has seen a noticeable improvement.

Intune gives me full visibility and control across all devices. For instance, if a device is slowing down, Intune alerts me, and I can proactively upgrade the hardware, like moving from HDD to SSD or M.2, ensuring optimal performance. It is like having eyes and control over the entire device landscape.

Intune has significantly reduced the risk of security breaches. With its robust security features and compliance monitoring, I can track and manage everything from emails to miscellaneous activities, ensuring a proactive stance against potential security threats.

The user experience of Intune is a perfect ten for me. It provides an incredibly helpful and seamless interface.

Intune has saved costs by preventing potential security threats. Restrictions on accessing miscellaneous websites have been invaluable in avoiding virus downloads and data loss. 

The reporting and analytics features in Microsoft Intune have been a lifesaver. In the report section, I can quickly identify device issues, compliance problems, or deployment failures. It provides a clear overview, allowing me to take immediate action, whether it's redeployment or manual adjustments, keeping everything in check and running smoothly.

While Intune works perfectly well, the only potential downside is that the deployment could be a bit complex for some users.

I have been using Microsoft Intune for three years.

The stability of Intune is impecable.

I would rate the scalability of Intune as a ten out of ten. I have not had any issues with it.

Technical support from Microsoft for Intune is top-notch, a solid ten. Whenever I have had issues and opened a ticket, they have been quick to respond within half an hour to two hours. The solutions provided are effective with detailed instructions and additional information.

Positive

My deployment model for Intune is gradual and cautious. It is like navigating through a vast ocean, where I test on a few devices first, slowly deploying one thing at a time. I learned the hard way that rushing impacts users, so it is a step-by-step process, taking a month or two, testing, deploying, and making adjustments as needed. Patience is the key to Intune deployment.
Deploying Intune wasn't a walk in the park, but it wasn't overly complex either. I would say it is moderate—needing time, experience, and knowledge. Testing is crucial.

Microsoft takes care of updates and maintenance. I just need to stay on top of deploying new patches that come from vendors, ensuring our machines are up-to-date and secure.

The return on investment with Intune has been excellent. The increased productivity and control over machines justify the cost, giving a full value-for-money experience.

We use Microsoft Intune to ensure security compliance mainly through our DLP project. It is our go-to for deploying new features and staying on top of security patches. Intune keeps us informed about vulnerabilities, making it easier for me to download and deploy updates across our infrastructure, ensuring a robust and secure system.

The standout features of Microsoft Intune for managing and securing our workforce are endpoint protection, streamlined deployment of applications, and easy handling of feature updates. Creating Intune policies is a breeze; for instance, deploying applications is just a matter of selecting them and letting Intune take care of the rest. It is a time-saving and efficient way to keep our systems secure and up-to-date.

The real game-changer in Microsoft Intune for our data security is the ability to create and enforce specific policies. I have set up two types: one within Intune and the other through GPO. The combination of both has been pivotal in ensuring robust security measures for our organization.

Having all endpoint and security tools in one place with Intune is quite valuable. It allows me to track device usage, block systems, and, if necessary, wipe company data for security purposes. The integration with OneDrive ensures seamless syncing and backup of user data, providing an added layer of protection. It is like having a control center that empowers me to respond swiftly to any security concerns.

For securing hybrid work and data protection, I set up Intune to handle encryption using tools like BitLocker. It provides an added layer of security, allowing me to manage BitLocker keys and make necessary changes for better control. This way, even in a hybrid work environment, I have visibility and control over data protection measures.

Intune's integration with Microsoft security has significantly bolstered our organization's security. From prompt security patches to timely machine restarts and access control, it covers a multitude of aspects, ensuring a robust and proactive security stance.

Using the Endpoint Privilege Management feature in Intune has been a productivity boost.

After deploying Intune, there was a shift in user freedom, but it was a positive change. I could restrict access, control network usage, and block certain applications, enhancing overall security. While some users may find it limiting, it aligns well with the organization's focus on security.

Intune must integrate with Microsoft 365 and Security. The synergy is powerful. For instance, in security, I identify vulnerabilities and know precisely what patches to deploy using Intune. It is like a seamless collaboration that streamlines the process.

Microsoft Intune's integration with other Microsoft tools has revolutionized my device management strategy. It is like a helping hand that makes everything easy and seamless. Over the past five to six years, it has become an essential and efficient part of my device management toolkit.

Microsoft Intune's integration with other Microsoft tools has revolutionized my device management strategy. It's like a helping hand that makes everything easy and seamless.

For new users, my advice is to take advantage of Microsoft's virtual training sessions and certifications. Sometimes, they offer free certifications, which can be beneficial for users, considering the investment companies make. The biggest lesson I have learned is the incredible control and flexibility Intune provides. From deploying and removing applications to blocking and deploying the OS, it gives complete control over the infrastructure, making it invaluable for users in the field.

Overall, I would rate Intune as a ten out of ten.

We use Intune to manage mobile devices and applications. I'm not solely using Intune for the agents installed on each machine. I use the Microsoft Endpoint Manager solution primarily for device configuration, device compliance, and mobile application management.

I have 80 different clients, and their environments vary. We have people that work in offices across multiple foreign countries and domestically. Most have a strictly cloud-based deployment, but a few have a private cloud that we host ourselves. Some have their own data centers. I've got a couple of clients with hybrid environments. None of them are entirely on-prem. Everybody is using a hybrid cloud or completely on the cloud.

Intune helps us from a compliance standpoint by making it easier for system admins to configure devices and ensure they conform to business policies. It gives us more visibility into where the devices are and their postures.

I try to use conditional access policies for every client I can. It's essential for a zero-trust security posture. Conditional access policies make it possible. This dramatically reduces the risk of unpatched devices connecting to our corporate network.

The conditional access policies, compliance, and updates affect employees positively. Once the value is explained to them, they don't complain much about MFA.

You can use Endpoint Manager to see whether or not a device is compliant and apply conditional access policies in Entra to only allow connections to your environment from compliant devices. That significantly reduces your risk from unpatched software because that device cannot connect to your machine or environment. Using those two features together definitely helps protect us.

It saves some time. Either way, you will have to manage an Active Directory environment, but Intune allows you to manage devices over the internet. You don't need to worry if the machines are connected to a VPN or on-site.

The most valuable feature is probably mobile device management. Small businesses are coming under greater scrutiny and requirements for compliance as time goes on. We don't have to worry about a VPN because we can manage these devices, control company data, and lock users out. If needed, we can remotely wipe devices and switch them. 

It's a big deal to be able to assure an insurance company or auditor that our endpoint devices are effectively managed. Intune is a solid solution if you use Microsoft and Microsoft 365 products.

Intune's third-party patch management could be better. It should be easier for an average system admin to keep non-Microsoft applications updated. 

I have used Intune for about six years now.

Intune is highly stable. 

Intune is highly scalable. Thus far, I haven't had to expand it to a thousand users, but the scalability appears to be readily available.

I rate Microsoft support a nine out of ten. I enjoy working with them, and I'm often surprised at how good they are. 

Positive

I've used Rocky MDM and Google MDM. Microsoft is the primary platform on which we do business. Intune works better with the Windows operating system, desktop applications, and SharePoint. It also reduces vendor complexity. I don't require multiple vendors, which reduces my costs because many features are baked into it. 

I log into fewer systems daily. Microsoft's virtual monopoly on productivity applications in your average small business makes them the right choice in most situations.

Deploying Intune is pretty straightforward. It doesn't matter whether you use autopilot or manual deployment. Each machine is enrolled in Intune automatically if it's connected to Azure AD with the correct user licensing. It's a relatively painless enrollment process.

Intune involves some maintenance, like any solution. You must ensure it's still working correctly and helping you achieve your business goals for compliance and configuration of your endpoints.

Meraki and Google are relatively common in small businesses. Many small businesses use Meraki for wireless and networking solutions, so that is one MDM option. Also, small businesses often start with Google and transfer to Microsoft 365 once they mature. Google is already in the environment. I don't sell anything as an IT guy, so I don't care what solution my clients use. I choose what's best for them in that particular instance.

I have tried Okta, but I haven't used it seriously as an MDM solution. I've only used Okta as an SSO provider. I didn't realize they did MDM solutions. I don't understand the point of Okta. If you have Azure AD and Entra, I can't fathom why you would bother with Okta. It seems redundant to me.

I rate Microsoft Intune a nine out of ten. Don't underestimate the solution, and spend time learning about it. Intune has some powerful capabilities. Often, small businesses acquire systems but never fully utilize them because nobody has the time to dive deeply into them. It's a big solution with a lot of features. 

We are mainly using Microsoft Intune for the security of people who are working from home. It is being used for BYOD.

We enforce and push policies and enforce security requirements through Microsoft Intune. We also use it for deploying applications and monitoring the devices remotely.

Microsoft Intune has simplified our mobile application management a lot. Managing devices that are in users' homes is very tough without Microsoft Intune. Remote management is very easy because of Microsoft Intune.

For maintaining our device security, the best feature is that it works with Azure Active Directory Premium One license. There is conditional access, which is something very unique, so if a machine is compliant and Microsoft Intune is installed on it, only then users can access our Office 365 data. It is not just a feature of Microsoft Intune but also of AD P1.

Microsoft Intune brings all of our endpoint and security management tools into one place. It has made our IT and security operations easy. With a single console, we can manage our devices.

Microsoft Intune provides full endpoint visibility and IT control across device platforms.

Microsoft Intune is simple, and it does not interfere at all with users. Users do not even know that Microsoft Intune is installed on the machine.

Application deployment through Microsoft Intune has affected the IT productivity in our organization. Previously, our IT department used to take remote control of the machine using some software. They used to manually do the installation, whereas now, they can simultaneously push an application on all the machines through Microsoft Intune. That saves us a lot of time and manpower.

Microsoft Intune has been helpful for securing hybrid work and protecting data on company and BYO devices. We have deployed BitLocker policies through Microsoft Intune to ensure that the data is encrypted on those devices. We have also disabled USB pen drives and other things on remote machines.

Microsoft Intune has improved our IT productivity a lot because we have remote users. If our users were local, it would not help much, but because we have remote users across the country, it helps a lot.

The improvement in IT productivity has also saved us costs. Previously, we needed more people to do the installations, remote monitoring, and all that, whereas now, with the single console of Microsoft Intune, all these tasks are much easier. A single person can manage hundreds of computers. We need three people less now.

Microsoft Intune has helped to reduce the risk of security breaches in our organization.

Microsoft Intune has helped us to consolidate vendors. With Microsoft Intune, security management is there and mobile device management is also there. Both these things could have been from a different vendor.

Microsoft Intune integrates well with other Microsoft products. It works well with other Microsoft products. There is a seamless integration.

Being able to manage the devices remotely is most valuable. We can push security requirements through Microsoft Intune. We previously used to do this through group policy for Active Directory, and now, we use Microsoft Intune for managing devices. This is the best thing about Microsoft Intune.

Apart from Microsoft Windows, we can do remote device management of Android and iOS devices. We can enforce security policies for Android and iOS devices.

The user interface of Microsoft Intune is good. It is easy to use.

Cost is the biggest factor for us right now. Microsoft Intune and AD P1 together in a bundle is a good thing to have, but it is very costly compared to other products in the market. Otherwise, Microsoft Intune is the best.

Their support can also be better.

I have been using Microsoft Intune for the last two years.

It is very stable. I have not had any issues. I would rate it a 9 out of 10 for stability.

It is definitely scalable. I would rate it a 9 out of 10 for scalability.

Their response time is poor, and the resolution capability is not good. Even after having a call with their customer care, there is a 50/50 chance of them solving the problem.

I would rate their support a 6 out of 10.

Neutral

We did not buy any similar solution previously.

For some customers, it is a hybrid deployment, and for some customers, it is a pure cloud deployment. Our customers are medium and large enterprises. They are not small businesses.

Its deployment is of medium complexity. If it is a hybrid environment, it is fairly complex. If it is a pure cloud environment, it is easy.

The deployment duration depends on the number of users we have or the number of computers we have. For a setup with 100 users or 100 computers, it takes about two weeks. It may require some troubleshooting and tweaking.

One person is required for its deployment.

It does not require much maintenance from our side. It is normally always up to date. Once it is set, we do not need to touch it.

I recently got to know that the AD P1 license is compulsory to use Intune Autopilot, which was surprising for me. Earlier, this was not the case. It is the wrong thing to do. We now need to purchase AD P1 licenses for us and for our customers. I would rate it a 7 out of 10 for pricing.

We evaluated a few solutions.

I would recommend Microsoft Intune to others. If somebody has a Microsoft environment, Microsoft Intune is definitely the best solution for managing people who are working from home or remotely. 

It is improving day by day. New features are coming up.

I would rate Microsoft Intune a 7 out of 10.

One prominent use case for Microsoft Intune revolves around the Active Directory, particularly focusing on user and device management, as well as mobile device enrollment. The primary objective in this scenario is to establish effective governance. This involves tasks such as pushing passwords and implementing policies seamlessly.

The most significant benefit lies in the ability to seamlessly handle personal devices, such as iPads, ensuring automatic compliance with comprehensive policies. The convenience of having robust support makes it easy for staff to manage device configurations independently, eliminating the need for external intervention.

It consolidates all endpoint and security management tools in a single location, significantly enhancing the employee experience. This is especially beneficial for executives or high-profile individuals who frequently change devices. The process is simplified – whether configuring a new iPad or downloading required applications, it's all streamlined. Executives and end-users can manage device enrollment independently without relying on support staff for tasks like setting up Outlook or other tools. The system allows for immediate enrollment and device tracking.

It offers comprehensive endpoint visibility and IT control across various device platforms. This proves highly beneficial for IT operation teams, providing details on the number of devices, their compliance status, and overall device status, including network access. The dedicated dashboard is a valuable tool, allowing users to proceed with applications and configure settings. Additionally, it assists in managing devices that may not have updated configurations promptly. For instance, in the case of a new iOS release, users receive reminders to update their devices, ensuring compliance with company policies and continued access to enterprise data.

Our experience with Intune in terms of user satisfaction is outstanding. If we were to quantify it on a scale from one to ten, I would confidently rate it around nine.

Intune plays a crucial role in securing hybrid work environments and safeguarding company data on both company-owned and BYOD devices. On a scale from one to ten, I would rate its effectiveness a nine.

The influence of Intune on our organization's security is substantial. Its impact is significant because I no longer need to be concerned about compliance or the enforcement of policies. With a single dashboard, I can efficiently handle all aspects related to compliance and security.

It has impacted IT productivity in our organization, and I would rate it around seven on a scale of one to ten. The flexibility of using Intune on multiple devices, including up to three or four, has been particularly beneficial. Whether I'm traveling or working remotely, I don't need to carry my laptop everywhere. I can efficiently manage emails and other tasks on my iPad, and if necessary, respond to emails, take calls, or update documents. Additionally, using my iPad for note-taking with OneNote is seamless – all notes captured on my iPad are automatically synchronized with my laptop. These features prove highly useful and convenient in various scenarios.

It has assisted our organization in cost savings, approximately ranging from twenty-five to thirty percent.

The system as a whole is immensely valuable, proving to be highly helpful and practical.

There has been a noticeable increase in productivity for both my organization and clients. The primary factor contributing to this enhancement is the user-friendly nature of the platform, coupled with effective technical support.

An area for improvement is the absence of seamless integration, particularly with external dashboards. Currently, to obtain an updated overview of devices not in compliance, we need to download the data, restricting visibility across other platforms like Power BI or third-party dashboards. This presents a challenge as we have to manually pull and manage the data, highlighting the need for enhanced integration with dashboard solutions.

I have been using it for three years.

I would rate its stability capabilities nine out of ten.

Its scalability is highly commendable, and I would give it a rating of nine out of ten.

The technical support is quite effective, and I would rate it at around nine out of ten.

Positive

The initial setup was quite straightforward.

It is deployed across various locations and departments.

Maintenance primarily involves administrative staff occasionally creating reports or extracting specific data. Apart from these tasks, there doesn't seem to be much ongoing maintenance required.

We have seen a return on investment by using it.

The cost is somewhat on the higher side, particularly when considering certain price points, especially in markets like India. It takes time for people to recognize and appreciate the features offered. Convincing customers to adopt this solution can be challenging initially, but as they explore its capabilities over time, they acknowledge the value of the investment. If the pricing were more competitive, it would be easier for me to recommend it to customers as their preferred choice over other endpoint management solutions.

The integration of Intune Suite capabilities with Microsoft 365 and Microsoft Security is of utmost importance to us. This is the primary reason why I encourage both my customers and the IT department to leverage it. The combined benefits of Intune with Microsoft 365 are substantial.

I encourage my users to embrace new ways of working and explore how tools like Intune can enhance productivity. Instead of relying on traditional methods and seeking IT staff for assistance, it's essential to leverage technology for improved efficiency. Overall, I would rate it eight out of ten.

Our primary use of Microsoft Intune is for device management and improve security. Initially, it focused on management for Windows devices. However, over time, its capabilities have expanded to encompass mobile device management in general, as well as management for other platforms like iPO, Android and Mac OS devices.

To ensure our devices are manageable regardless of location, we transitioned from an on-premises device management solution to Microsoft Intune. This cloud-based approach allows us to manage devices from anywhere, eliminating the need for them to be on our company network or VPN. Intune empowers us to remotely take actions on devices, including software installation, user identification, performance checks, and even triggering a remote lock if a device is compromised.

While most of our devices are company-owned, we also manage a small number of personal devices. Regardless of location, Intune allows us to manage them all.

Intune streamlines mobile application management by offering a single pane of glass for all devices across platforms, including iOS, Android, MacOS and Windows. It integrates seamlessly with the respective app stores for each platform.

Intune is a key component of a zero-trust security architecture. With Intune, we can manage our entire device fleet from a single platform. This enables us to enforce compliance policies. Intune verifies if devices meet our organization's security standards. We can implement zero-trust access control. Non-compliant devices are blocked from accessing company resources. Secure devices are granted access. Intune helps consolidate security management. It simplifies device security by offering features like compliance checks, security posture assessments, and configuration management - all in one place. Finally, Intune reduces management overhead: Intune streamlines device management by eliminating the need for multiple tools for tasks like patching and application deployment. While it may not offer the full functionality of specialized tools, it provides a comprehensive solution for core device security and configuration needs.

Intune offers comprehensive visibility and IT control over devices across various platforms. This allows for remote management, although integration with additional solutions or configuration might be necessary in some cases. However, Intune provides a single point of control for all our devices. Key functionalities include remote device control. We can manage devices remotely and trigger various actions. As well as advanced features to locate devices, enforce data synchronization, and more. It's important to note that certain advanced functionalities, like admin-level remote control, require device approval and may not be as robust as solutions offered by competitors, such as TeamViewer. Additionally, to access features like privileged email access, privileged device management, and advanced remote assistance, additional licensing is required, resulting in increased costs.

For users, Intune offers a seamless experience. Once their devices are enrolled, they typically don't need to do anything further. This is especially true for end users. For administrators, Intune is also an easy-to-use solution. Being cloud-based, it's accessible from a web portal just like any other SaaS application. The company portal experience is straightforward. Once users understand the basics, they can easily check device compliance and install applications. Overall, the user experience is very positive. However, device enrollment might require some training. Not everyone is comfortable managing their devices themselves. Even though the enrollment process is fairly simple and intuitive, some user training and change management might be necessary, especially for mobile device management in Intune. This is because multi-factor authentication is sometimes required to enroll devices, and some users may need help understanding and completing this step.

It provides a centralized solution for viewing all our devices. It also simplifies enrollment for Windows devices. Once we enable automatic enrollment for on-premises devices or upon user sign-in to company applications, enrollment can be seamlessly done through mobile devices. The most significant benefit is undoubtedly patching. Intune automates the process of keeping devices updated with the latest Windows updates and feature updates. This significantly reduces administrative overhead. After setting up the policies, we can be confident that updates are being applied without needing to constantly monitor them. Intune also offers improved visibility into device compliance. Unlike traditional Group Policies, which may only show successful application but not actual implementation, Intune displays the real-time status of enforced policies on each device. This allows us to see if features like BitLocker encryption or security restrictions are truly active, providing greater confidence in our device security posture. In essence, Intune offers a significant improvement in terms of device visibility and configuration management.

Intune's device compliance policies offer organizations valuable visibility into device settings. This includes essential requirements like BitLocker password complexity and minimum Windows or OS versions. Additionally, these policies allow for the deployment of custom compliance settings. This lets us measure compliance against any specific criteria. For example, one of my clients uses Intune to verify if CrowdStrike is running on the required version and if devices have downloaded the latest updates. By ensuring compliance, we can be confident that devices are secure against the latest vulnerabilities and security risks. This provides an extra layer of assurance. When used in conjunction with conditional access, Intune can block non-compliant devices. This guarantees that only compliant devices can access our organization's resources and applications. From a security standpoint, this offers significant peace of mind.

Application deployment in Intune offers several features that streamline the process. These features include applicability rules. We can deploy applications only to devices that meet specific criteria, such as operating system version or name. This ensures users receive the applications they need and avoids unnecessary installations. Device filtering allows us to exclude devices that don't require the application, further optimizing deployment efficiency. While Windows Win32 applications require packaging, the process is straightforward. Although automation would be ideal, packaging becomes easier with practice. Microsoft could potentially improve Intune by allowing seamless import of SCCM application packages. This would eliminate the need for repackaging and streamline migration. Overall, Intune simplifies application deployment for administrators. Features like self-service installation through the company portal empower users and reduce administrative burden. Packaging requirements vary depending on the application type. Standard applications like Office 365 are straightforward to deploy. Additionally, Intune integrates directly with app stores for iOS and Android apps, eliminating the need for manual packaging for these platforms.

Intune excels at securing hybrid work environments and protecting data on both company-owned and BYODs. It allows for selective wiping of company data from these devices without affecting personal information. However, for data downloaded from company applications like OneDrive, additional security policies might be necessary to ensure its security on downloaded devices, especially BYODs. The good news is that Intune allows the management of BYODs, enabling the deployment of settings, configurations, and security measures to assess the device's security posture. Notably, it's very easy to deploy for BYODs with its mobile application management for iOS and Android. For securing data within applications on Windows devices, Microsoft's Windows Information Protection capabilities seem to have been replaced. There's now a category requirement, likely used to secure data accessed through the Edge browser on privileged devices. This ensures data remains secure when users access it through Edge. It's important to note that some aspects of data security on BYODs might require additional configuration to guarantee complete protection.

Microsoft security signals identify the settings configurations we need to enforce on the devices. Then, it's up to organizations to deploy those settings or configurations. So, it's a good thing. It helps us understand what additional security we need to enable on the devices. Microsoft signals do help us do that, but it may not be enough. We might have various other compliance requirements that not everything would be covered under Microsoft signals, I believe.

Intune's endpoint privilege management is a valuable feature. It allows granting privileges to specific applications instead of giving local admin rights to users or entire devices. This can improve security by minimizing the attack surface. While EPM requires an additional license, it's a worthwhile consideration for many organizations. I've experimented with it in a lab setting, but we haven't deployed it for production use yet.

It has significantly boosted our IT department's productivity by automating many tasks. For instance, we no longer need to create custom images with Autopilot; we can simply deploy application settings configurations. Additionally, Intune seamlessly handles Windows updates and feature updates once they're configured. It's a set-and-forget system. Application deployment is also significantly simplified, saving admins valuable time. Overall, Intune improves IT productivity and empowers users with self-service features. Once trained, users can handle tasks like application installation, device compliance checks, and remediation actions for non-compliant devices.

While Intune isn't designed to identify security breaches directly like Defender does, it plays a crucial role in minimizing our attack surface. This is achieved by deploying the latest updates, configurations, and endpoint security policies. In my experience, Intune has significantly improved our overall security posture by reducing vulnerabilities, but it's not a replacement for breach detection tools.

Intune helps save costs by consolidating multiple endpoint management solutions. For instance, we might have separate solutions for iOS devices, Android devices, and Mac devices. By bringing everything together into a single solution with Intune, we can save on both platform licensing costs and administrative costs. Additionally, Intune reduces the need for additional per-device licensing fees that may have been incurred with separate solutions.

The user interface is well-designed and easy to navigate. It has a simple and well-structured layout, which makes it a pleasure to use. I'm very happy with the overall experience of the Intune portal. They also seem to be continuously improving it, with updates made on a monthly basis.

It streamlined our mobile device management by allowing us to manage both iOS and Windows devices under a single solution. This consolidation reduced the number of consoles and overall management tools required.

The integration of Microsoft Intune with Microsoft 365 and Microsoft Defender for Cloud strengthens cloud management and support for hybrid environments. This unified approach bridges the gap between cloud-based and on-premises device management, allowing organizations to leverage existing infrastructure while transitioning to cloud solutions.

One of the biggest advantages is that it brings the management of Windows, macOS, iOS, Android, and even Linux under a single pane of glass. This means we can manage all our devices from one central location.

A particular advantage is its tight integration for managing Windows devices. Since Intune is a native Microsoft product, it offers a more comprehensive and streamlined experience compared to many third-party solutions.

For mobile device management, Intune includes all the capabilities and features we'd expect from other vendors. However, it goes a step further by allowing us to secure Office 365 apps without needing full device management. This is a significant advantage when compared to other MDM solutions.

We package Win32 applications and import existing packages using solutions like SCCM or third-party tools. While Intune doesn't currently offer third-party application patching, we rely on third-party solutions for that functionality.

A new Intune feature - Enterprise App management allows to deploy Microsoft and Third party apps and keep them up to date but it incurs additional licensing costs. Ideally, this feature should be included in the base license. Similarly, the privilege endpoint management feature also requires additional licensing.

Intune would benefit from offering some core features at no extra cost. The most valuable improvement, in my experience, would be the ability to identify inactive devices through reports. Customizable reporting capabilities within Intune would simplify overall management and allow us to track device activity and inactivity more effectively.

I have been using Microsoft Intune for over 10 years.

Microsoft Intune is an extremely stable product with a small amount of glitches over the years.

I would rate the stability 10 out of 10. 

Intune is cloud-based and therefore highly scalable. I have clients with over 40,000 devices.

The quality of Microsoft's technical support varies based on the level we have. Premium support offers faster escalation for complex issues, while basic support may have longer wait times for a response. However, there's a strong online community around Microsoft Intune. Searching questions online through Google can often lead us to solutions from this community.

Neutral

I have used Jamf, Microsoft Configuration Manager, Altiris Symantec Endpoint Management Suite, and Cisco Meraki Systems Manager. Microsoft is considered a leader in endpoint management solutions. While Jamf excels in specific areas, Microsoft Intune is generally recognized as the market leader due to its comprehensive capabilities. Intune also integrates seamlessly with other solutions such as compliance checks, conditional access policies, and mobile application management. Microsoft Intune offers several advantages over competitors, providing a comprehensive suite of mobile device management capabilities.

The time it takes to implement Intune depends on two factors: the features we want to enable and the size of our organization. Enabling basic management features for common devices like iOS, Android, Mac, and Windows typically takes one to two weeks. This includes enrolling devices and setting up core functionalities. For a full Intune implementation with all its capabilities, the timeline can vary depending on the organization's size. However, simply enrolling devices and exploring basic features can be done in a couple of days.

While the step-by-step guided scenarios make the initial deployment process easier, it still requires familiarity with Intune and some experience using it.

It is available for individual purchase at a low per-device cost. However, it's also included as part of the Microsoft 365 suite license. Additionally, Intune offers various tiers with advanced features at an extra cost.

I would rate Microsoft Intune 9 out of 10.

We have around 20,000 users on Intune and 4 people who work directly with it.

Intune requires annual maintenance to renew push certificates and tokens for business managers. For Windows devices, we might also need to deploy the latest application. Additionally, it's recommended to periodically review devices that are inactive, outdated, or haven't reported to Intune for a set amount of time. While Intune offers a "set and forget" approach for initial configuration, some ongoing maintenance is necessary to ensure its smooth operation.

I recommend Microsoft Intune to others.

We use Microsoft Intune to automate the onboarding and maintenance of our customers.

Before using Microsoft Intune, we struggled with software deployment and remote device wipe capabilities.

Most of the Intune is for all the remote devices, so it's all on-prem. For cloud, it wouldn't make too much sense.

Microsoft Intune brings all our endpoint and security management tools into one place. We use both Mac and Windows devices. Having all our endpoints and management tools in one place is helpful. I have a single place to check for current status and add and remove assets.

Microsoft Intune provides full endpoint visibility and IT control across device platforms. Having full endpoint visibility and IT control across device platforms allows us to deploy and manage the systems more effectively.

Intune works well and is seamless for the users.

Intune has allowed us to standardize better.

Intune's use of Microsoft security signals has improved our security because we can now take remote action on these systems as well as have a more common deployment.

It has helped to reduce the risk of security breaches in our organization because of the standardization and single sign-on.

It has also helped us reduce the number of IT staff, saving us costs.

The Asset Management and Auto Pilot are valuable features.

One of the other features we leverage is the single sign-on that Intune facilitates.

The Mac integration has room for improvement.

I have been using Microsoft Intune for two years.

I have not had any stability issues with Microsoft Intune.

Microsoft Intune is highly scalable.

Although I have not used the technical support for Intune, I am not happy with Microsoft's technical support in general.

Negative

The initial deployment was complex until we understood the process. We went through a simple dev test and then prod methodology. 

Two to three people were required for the deployment.

We implement Intune for our customers.

For organizations that are a Microsoft shop, the pricing is compelling. To buy it outright, it's two dollars a seat, which is cheap. The price is worth it.

I would rate Microsoft Intune an eight out of ten.

We have 400 users across multiple regions internationally.

Given the evolving security landscape in the cloud, it's crucial that Intune Suite is integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices.

Maintenance is required to keep the packages up to date for any software we deploy. We have four people that deal with the maintenance.

I recommend planning and understanding how Intune will be used before deploying it.

I'm using all the services that Intune provides, including managing Windows 10 devices and mobile devices, with both the mobile application management and without enrolling the devices. I use it for deploying configuration profiles, compliance and app protection policies, as well as onboarding Windows 10 devices to the Defender portal.

I haven't used other mobile device management solutions, but compared to SCCM, we eliminate a lot of on-premises infrastructure and maintenance by using Intune.

For mobile device management, especially for the Windows operating system, it's quite impressive. But it would really be helpful to have the option to manage server operating systems as well, like Windows Server, at least. That way, we could scrap the use of SCCM, which requires a lot of on-premises infrastructure.

Another area for improvement is the reporting structure. For example, currently, when deploying Windows 10 or Windows 11 updates, I don't get any detail or structured reports showing which updates are installed on the devices. It only gives me information on whether the update policy has been successfully deployed on the device or not. That type of installed-updates detail would be helpful.

I've been working with Intune for more than four years. I'm part of a support operations team managing clients' infrastructures on Intune.

The product is very stable. If you have to think about managing devices securely, go with Intune. Although I have not used any other mobile device management solutions, Intune is very reliable and it's hardly out of service at all.

From the start of my career, I have been managing clients in Europe but Microsoft has no boundaries when it comes to using Intune. There are certain services that are restricted to specific regions, but that is not the case with Intune. It can be used in any region and with any number of users. I have managed environments with 5,000 to 10,000 devices enrolled in Intune.

If there is a service outage, that is made very clear on Microsoft's service portal in the admin center. But if an issue comes up where, for example, a policy deployed from Intune has not been received on a device, it is very difficult to evaluate whether the issue is with Intune or the device. In that scenario, Microsoft itself is confused about whether the situation has to be escalated to the desktop support team or the Intune team.

Other than that, everything is good.

Neutral

The initial deployment process is very straightforward. It's software as a service. You just buy the subscription and start using it. It's not the case that there are very complex configurations or prerequisites to start off.

It does not require any maintenance on the customer's side. Microsoft takes care of all the maintenance.

Having devices managed at scale and maintaining security posture are, of course, value-adds, in comparison with the cost our clients pay to purchase the service. It is worth it.

Microsoft offers different licensing structures. It offers standalone licensing for Intune, but Intune is also included in other licenses, such as for Microsoft 365, E3, and E5, Business Premium, and Business Standard.

There are other MDM solutions, like Workspace One from VMware, which has support for server operating systems as well. I've never used it but I did a quick comparison of the supported operating systems.