Microsoft Intune Reviews

My use case for Microsoft Intune includes managing a fleet of about close to 800 laptops and another 500 mobile phone devices like iPhones. We migrated to Microsoft Intune to control and reduce the MSP cost, as our provider was very old-fashioned. As the solution architect, I create plans to ensure cost reduction and process efficiency, particularly regarding Windows patching. 

There wasn't any visibility regarding our devices. Most of the time, we couldn't tell which devices were turned on and which weren't. This lack of clarity resulted in delays with patches, as some devices were not powered on. Overall, it was a mess. To address this issue, we centralized everything into Intune, and we've been handling the patching process since last year. Additionally, we removed Bitdefender and whatever version we were using, and we implemented BitLocker.

From Microsoft Intune, everything is automated. If you need to get the keys, it's super easy for users to obtain them, and someone from IT should also be able to access them. We use Intune because it supports a hybrid environment, allowing us to manage both on-premises devices and our cloud-based services. This means we can still utilize our Active Directory organizational units (OUs) through Microsoft Intune's policies.

Eventually, we plan to migrate everything to Microsoft Intune. However, if we acquire another company that is behind in technology, we might still leverage the traditional Active Directory approach. This would involve integrating their domain into ours, while at the same time continuing to use Microsoft Intune.

We work in the agricultural supply chain, but we prioritize technology. We have the world's fastest terminal for grain loading and unloading, located in Vancouver, Canada. We operate our own trains and are responsible for nearly 20% of Canadian grain exports.

I find Microsoft Intune most valuable for its user-friendly automation and ease of use compared to other tools. We also started using Azure Windows Update Manager for our servers. Microsoft Intune is automated, where you don't need to be an Active Directory guru to manage OUs. This ease has significantly improved our patching process, allowing users to have options on whether they want to receive updates immediately or delay them, which enhances user experience compared to when we used other tools that forced reboots during meetings. With these improvements, I estimate we've reduced our patching costs by over $100,000 a month, as the MSP previously had to troubleshoot various issues manually.

To improve Microsoft Intune, I suggest enhancing reporting capabilities, including better visualization and more export options for deeper analysis. Integrating Power BI reports would be beneficial, as it currently requires manual API interaction rather than having straightforward pre-built reports.

I have been using Microsoft Intune for about two years now.

I have an issue with my MSP who is providing Azure service and other things. I used to work at ExxonMobil, where when you called or sent an email, you would receive a response within an hour. However, with Microsoft, it takes a lot longer, and I’m not getting quick resolutions. Sometimes, I find myself bouncing around between different support groups. I believe that for smaller clients, there should be a special support system in place.

Neutral

We were previously using McAfee for security. At that time, we didn’t have Microsoft Intune. After we transitioned to Microsoft Intune, we used it to encrypt our devices. As a result, we removed Bitdefender, which was the McAfee equivalent, and started using the Microsoft version instead.

I was involved in the initial setup and deployment of Microsoft Intune. It depends significantly on how the initial Active Directory was configured, and we faced considerable challenges during the registration of a hybrid setup, as hybrid configurations are complex. While cloud setups are easier, hybrid is more cumbersome. It requires knowledgeable consultants or an adept IT team familiar with all features and registrations. Through three months of trial and error, we reached a setup that works for us.

We have a cloud engineer. We also have some analysts, so about four or five people were involved.

With these improvements, I estimate we've reduced our patching costs by over $100,000 a month, as the MSP previously had to troubleshoot various issues manually.

I've heard that they might take it away from the E3 license and charge us separately. I'm not sure if it's true or not. My E3 license covers Microsoft Intune, so I think we're good.

Microsoft Intune does not yet bring all endpoint and security management tools into one place as we are still integrating everything. We haven't yet started using Microsoft Endpoint Protection and are still relying on other tools such as Tenable.

The user experience with Microsoft Intune has improved significantly over time. When I started, there was a learning curve, but I find Microsoft to be consistently better than other vendors. I might be biased as I'm essentially a Microsoft shop being a Microsoft certified solution architect with six different certifications from Microsoft.

Using Microsoft Intune alongside Microsoft Office and integrating tools via Graph API allows for seamless extension within the Microsoft ecosystem, while integrating third-party tools can complicate management. My experience with Enterprise Application Management in Microsoft Intune includes managing some applications, although we haven't yet started with dashboards to show downloadable applications.

We use Microsoft Intune to manage Windows 11 upgrades, which proceed smoothly. With Microsoft Intune, I am managing devices, including mobile devices such as iPhones, but I plan to incorporate security endpoints soon, possibly next year. We conducted Windows 11 upgrades recently since the deadline for Windows 10 licensing is approaching. This project initiated last year with the focus on drive encryption, followed by transitioning rules from OU to Intune, and we are now proceeding with Windows upgrades.

We use the cloud interface of Microsoft Intune only, without utilizing any SDKs yet. 

I would advise adopting Microsoft Intune as soon as possible. It's crucial to manage a multitude of devices since efficient patching is essential for security. Outdated devices pose vulnerabilities for hackers. Microsoft Intune is a leading tool in this regard, as it passively pushes updates with minimal user intervention.

We currently have only our managers utilizing Co-pilot in Microsoft Intune by activating it specifically for them. I am familiar with Co-pilot, and I am also a manager. I have heard that the licensing for Microsoft Intune may be separated from the E3 license. Currently, I believe that my E3 license covers Microsoft Intune, enabling us to operate without concerns.

I would rate Microsoft Intune a nine out of ten.

We primarily use Microsoft Intune for managing laptops, cell phones, and mobile devices. We aim to have control over corporate data when it is on personal or company-owned devices. This control is crucial for ensuring data protection, especially when a device is lost or goes missing.

Microsoft Intune helps us avoid issuing everyone company-owned devices. We provide a stipend, allowing users to bring their own devices. This approach gives us leverage against other MSPs. It also enhances collaboration because clients already covered by specific licensing can optimize their usage of Microsoft Intune.

Intune's integration with Microsoft 365 is exceptional. It allows a cohesive management experience for users, especially for a small MSP like ours. The automated deployment and configuration using Autopilot and the ability to secure data on lost devices are particularly helpful features.

The solution's user experience is so simple I can give a two-page PDF on how to enroll a cell phone or device, and they can follow it. Automatic enrollments help us migrate large numbers of users.  We take it slowly with them, but they are surprised at how easy it is to enroll a device.

We're still preparing to turn on Copilot in our environment for testing, but we need to sort our security more. We're doing a demo of Copilot, and we're checking out the features. We use another tool to pull the device data, but having everything in a single pane of glass makes more sense. We have to pull this information from four windows now, so having everything in one place is simpler.  

Training will be much easier for us than training someone on 20 different. Giving someone a few videos and having them start going through it will be more straightforward. I'm excited to see the growth of Copilot with Intune.

I would like Intune to natively support easier report generation. This improvement would enable less experienced staff to run reports more efficiently without relying on additional tools or functions.

We have been using Microsoft Intune for at least six years.

Microsoft Intune is reliable. Devices do not frequently go offline, and any connectivity issues usually stem from the user's side, such as a device being turned off.

Microsoft Intune allows us to scale device management efficiently. The system is easy for both technical and non-technical users to navigate, supporting a wide range of devices without complications.

I rate Microsoft customer service six out of 10. While some technicians go above and beyond, there is inconsistency, and connecting with the most helpful representatives is occasionally challenging.

Neutral

We initially used AirWatch for mobile device management before Intune matured. Eventually, Intune’s integration with Microsoft 365 became advantageous, allowing us to consolidate systems and migrate clients using alternative solutions back to Intune.

The setup, especially for mobile devices, has become entirely automated. Devices sync with accounts like Apple Business Manager or Samsung Knox, eliminating the need for hands-on configuration. From there, you can deploy everything by device or user login. 

Before, we used to bring them into our office. We would configure it and ship it out. We now pushed that back to the client and someone in charge of cell phone policy. Once they're powered on and signed in, everything else is taken care of.

We consulted Pax8, our partner, during the implementation for insights on licensing and Intune integration. Their support, coupled with information from Microsoft Ignite, helped address hybrid enrollment challenges.

We've seen a positive return on investment. The ease of use, along with automated features, proved beneficial when handling lost devices. A client successfully restored their wiped iPad and laptop, showcasing the system's efficiency.

Our company uses a flat rate model called stress-free IT. This model aligns with the necessary licensing, making it easy to cover features like Intune and conditional access, which are integral to our service offering.

We evaluated AirWatch (VMware AirWatch) and other mobile device management solutions before consolidating our clients under Intune due to its superior integration with Microsoft 365.

I rate Microsoft Intune nine out of 10. 

We use Microsoft Intune as an MDM solution for all of our Windows laptops and some of our company mobile phones. This serves as an endpoint solution we use so we can control the users' laptops or phones and have access to things on their devices.

Without Microsoft Intune, there would be a lot of cybersecurity attacks happening. We need to use Microsoft Intune so we know which devices can access all of our company resources. If they don't have Microsoft Intune, we automatically deny them from accessing company-sensitive information, so it serves as a layer to protect all of our assets.

I appreciate how easy it is to deploy certificates to end users to get control over their device with Microsoft Intune; that's what Microsoft Intune is known for, and that's what we use them for.

The user experience of Microsoft Intune is pretty easy. Initially, the user has to download a certificate, so when we first give them a certificate to download, they download it on their side, and once they verify themselves, we have access to their phone or laptop, which works pretty effectively.

We are using Microsoft Copilot with Microsoft Intune. Microsoft Copilot helps us with the deployment of Microsoft Intune. Previously, things were more difficult to manage, especially when certificates expire, as they need to be pushed out every year. Sometimes we forgot that, and then people's laptops stop working, so Microsoft Copilot helps us stay on track.

Microsoft Copilot is equally as important as Intune. The go hand in hand as it works in conjunction with Microsoft Intune to affect the deployment process.

Microsoft Intune can be improved by making it even more seamless for users to download their certificates. Currently, we have to push it out to their laptop and they have to do some work on their end, but if we could integrate it so it's seamlessly done and the end user doesn't even know that Microsoft Intune is on their laptop and it's just naturally there, that would be even better. This is especially true for Apple devices, such as Apple phones, where you have to push it out and the user has to accept or deny whether Microsoft Intune can have access to these applications. If it were easier for us to do it automatically without getting permission, that would be beneficial, but in today's environment, we have to get permission to access data.

To make it a perfect ten, it would be helpful if there was a better way to troubleshoot user issues, as I've had a few users with corrupt files before and had to redeploy it without knowing the root cause.

We have been using Microsoft Intune for eight years.

I would rate Microsoft Intune a nine out of ten for stability and reliability. We've never really had any issues with it in the past, and if we have, it's maybe one or two random people where their certificate is corrupt or something's wrong, so we just need to go back and redeploy it, which is not really a significant issue.

Microsoft Intune scales very effectively with our growing needs. The only requirement is more licenses, so once we get more licenses, we're able to deploy them more quickly.

I haven't needed to contact customer service or technical support, which is a good sign. Since I haven't had to use them, I have no experience with their quality of service.

Positive

We did not use a different solution. We started with Intune.

My experience with the deployment of Microsoft Intune was good. Initially, I didn't know much about it, so I had to review all the documentation, complete training, and watch videos to get familiar. Once I got a grasp of things, I tested it on my phone and laptop, and when it worked, I felt comfortable deploying it to more people. I eventually deployed it to about 7,000 machines as it scaled up.

The biggest return on investment for using Microsoft Intune comes down to protecting security. We are protecting all of our assets and using it as an endpoint MDM solution, which fulfills our needs.

Microsoft Intune costs about $7 per user per month, which is somewhat on the pricier end. That said, it's a reliable product, so it's fair. If it were less expensive, we would be able to roll it out to more people, so it's definitely something we're considering.

We use Microsoft Intune for Windows products and Jamf for Apple Mac products. I'm not sure if Microsoft Intune works for Macs. If they do, that's something we'd be interested in exploring.

I prefer Microsoft Intune because Jamf is not the most reliable solution based on my personal experience.

We do not use Microsoft Intune Suite's cloud PKI.

We also do not use the Enterprise Application Management features of Microsoft Intune Suite.

I haven't examined the Advanced Endpoint Analytics in the Microsoft Intune Suite yet. That said, we do have it; I just haven't had the opportunity to review it.

I rate Microsoft Intune a nine out of ten.

The primary use case is endpoint management.

The organization I'm with now is pushing towards cloud management. They want to move away from on-prem and hybrid to pure cloud.

We use some security management through Intune, but we have another product for that.

We were using a different product to manage machines. I had a lot of different organizations I was managing. I started seeing the benefits of machine level or the cloud management through Intune as we started pushing it to clients that were using the proper licensing, like 365 Premium. The management aspects of that were fantastic compared to what they had or didn't have at that point. So it was a pretty immediate benefit in using Intune.

The biggest asset is the range of device management options available with Intune, whether it is a Windows device, a Linux device, a Mac device, or mobile devices. There are numerous options available. Within Windows devices, the depth of management is very nice.

I grab the logs through the events in Intune. We do some of the security through there, but we're evaluating whether to migrate wholly into the Microsoft ecosystem for security or keep it separate.

We do manage some applications through Intune. I think they make that very simplistic and easy to maintain.

I only have under 400 endpoints that I'm managing right now with this organization. The reporting aspect of it has been very nice because I've been able to keep an eye on devices that may or may not be functioning properly. I need to explore some of that automation deeper.

We use Cloud PKI extensively for deploying certificates.

There are a lot of great functions that have been implemented, especially conditional access and zero trust. Intune really does nail that quite well.

We're more productive with Intune. The management of devices makes it a lot easier, and it's faster to deploy devices with Autopilot.

Intune helped us to consolidate vendors, which is helping reduce attack surface.

The reporting dashboard is really limited. You have to use something like Power BI and Graph to get better reporting. I wish they would implement new dashboards and widgets for the dashboard in Intune. The report updating period is very slow, taking upwards of over an hour to confirm if a policy is deployed after check-in.

The user experience is good. There are a few things that I wish could be tweaked. Whereas with other management systems like Jamf and JumpCloud, you can set the check-in interval times so you can push policy faster. We don't have that option with Intune, so I think that's the biggest failing so far. It can take a while for policies to push out to users.

I have been using Intune for about three years now.

Very rarely have I seen it crash, maybe twice. However, if Intune is not available, the 365 environment might not be available, causing a major ordeal.

Customer service used to be better. In the last couple of years, support has not been very good, even with Premier and Premium support. It's been very hit-or-miss. However, when you get a knowledgeable support engineer, they are very good and helpful.

Neutral

I've used Jamf, JumpCloud, Mosyle 360, and Automate. I switched when I started to see the benefits of machine-level or cloud management through Intune.

Intune from zero has a learning curve, however, it's not overly difficult. It's important to have a basic understanding of what you're doing.

I've set up environments by myself. It's better to have a small team to verify policies and come up with solutions.

I know what's included in 365 Premium offering, and it's a good deal. On an enterprise level, they break out features I'd really want, which complicates access. It is a good value, especially for smaller organizations.

I've used Jamf, JumpCloud, Mosyle 360, and Automate in the past.

Make sure you have a test environment or test devices. Don't push a policy out to all devices unless you absolutely understand what it's going to do.

My advice to someone considering Intune is that if they're already using 365 products, then this is a great system to lean on and to deploy to your organization. If you're in another organization's ecosystem, like Google or Amazon, then I may not necessarily think it would be the best option.

We use it for Android device management. We also work with Autopilot configuration and application deployment. We use Microsoft Intune for WiFi profile deployment and zero-touch migration from Windows 10 to Windows 11.

I used Microsoft Copilot with an Excel file containing more than 2,000 workstations with many models. For just the Lenovo manufacturer, we have 20 models. I uploaded this file to Copilot so it could indicate if a model and workstation were compatible with Windows 11 or Windows 10. We deploy many applications with the enterprise. In Tunisia, we have laws that prevent uploading documents or sensitive data to Microsoft Copilot, which creates restrictions on its use. 

The most valuable feature is that we can manage workstations or Android devices remotely without needing the device to be connected to our local network. This means even if users are on vacation or working from home, we can control it and deploy applications, deploy all features with Microsoft Intune.

The enterprise application deployment is another key feature. We have deployed many applications. Our last project was with our minister of education where there were more than 20,000 new devices that we needed to manage for education. We have many applications that students work with on a daily basis, so we use the enterprise application for deployment of all those packages and software. It helps save manual work.

Microsoft Intune is not as fast and extensive as traditional solutions such as SCCM and others. In SCCM, which is another Microsoft product, there are many logs that we can detect and monitor the deployment of the image, software, and inventory. In Microsoft Intune, there is significant slowness, and there needs to be more logs when we deploy software, parameters, or scripts to troubleshoot problems and errors in the interface, workstations, and Android devices.

Another feature that needs improvement in Microsoft Intune is device preparation. Microsoft Intune is for management. We cannot prepare devices from scratch or bare metal.

They should optimize their licensing. They should include some features for free and the others for a price. Currently, everything comes at a cost.

Microsoft Intune also needs to improve its scenario documentation. While Microsoft articles cover basic scenarios for deployment, they don't address advanced scenarios such as massive deployment, retiring applications, or updating applications.

I have been working with this solution for more than one year.

The solution is stable without any problems with stability or availability. The portal is always ready for configuration when accessed. The only issue is the slowness previously mentioned. When deploying a strategy from Microsoft Intune, sometimes it takes one to two hours to show that the strategy is deployed on the device.

It's scalable. We just need to add more licenses.

There is inadequate support for Microsoft Intune, especially if the problem is on the device. When tickets are opened regarding device problems rather than portal or configuration issues, the support becomes slower and takes considerable time for troubleshooting. They seem to give less importance to device-related problems compared to portal or configuration issues.

Negative

It's a lot easier than the traditional solution where we had to prepare a virtual machine, SQL server, install an agent, etc. It's a SaaS. We can use it as a service. We only need to access the Intune portal, configure the base configuration with the name of the company, and configure the baseline. It's very simple. The only problem is that there is slowness and no place to find logs to identify where the problem is. It is hard to identify if it's in the workstation or the configuration that I made in Microsoft Intune. 

For the basic configuration, it takes approximately one to two days.

It's a part of Microsoft 365 and E5 licenses.

Microsoft's strategy of making every feature in Microsoft Intune paid needs optimization. Remote control is one of the basic features, not a luxury feature, yet we must pay for it. It should be free as users cannot use a solution to deploy configuration and applications without being able to assist users. Even for Android devices, remote control requires purchasing the remote help add-on.

I would rate Microsoft Intune a six out of ten. As a modern workplace consultant, I see everything moving forward to the cloud. However, many features in legacy solutions cannot be migrated suddenly to Microsoft Intune. It needs to be more reliable with better support for full cloud migration.

We are a Dutch MSP delivering modern workplace solutions for all of our clients. We create tailor-made workspace environments for them.

It helps us to transform IT environments of our customers from on-premises to the cloud, focusing on both Azure and the modern workplace.

Windows Autopatch is the most valuable because it removes the burden of patch management. Intune's user experience is pretty smooth. The endpoint analytics works well if you know how to use it as a guess. Microsoft includes a little more added value by default. It's a great source of information. 

Intune should improve its software inventory to provide better metering of which software is used throughout the company. This is especially needed for reporting third-party software solutions.

I have been using Intune since 2017 or 2018.

Intune's stability is good and has improved a lot over the last year.

Scalability works well. It supports organizations with 200 endpoints and those with more than 15,000 endpoints.

I rate Microsoft support eight out of 10. Customer service is pretty good, partly because we have a contract with Microsoft. Transparency is good.

Positive

We used Active Directory group policies and ConfigMgr in the traditional way. However, most of our clients are already on Microsoft 365 Business Premium or the enterprise E3 or E5 stack, so it doesn't make much sense to use solutions from different vendors.

We are a reseller.

One of our clients migrated the model workplace based on Intune, achieving a 78 percent cost reduction, which is quite a lot. Even with the projects around it, they still gain cost benefits in the first year.

It's cost-effective because Intune is included in the E3 and E5 licenses. It's smart because it helps Microsoft sell the license.

I rate Microsoft Intune eight out of 10. There's always room for development.

Microsoft Intune has been used in organizations ranging from US entities to Indian companies, with onboarding of systems in numbers ranging from 300 to over 7,000. We migrated from on-premise Active Directory to Microsoft Intune during COVID for remote work support.

As a user, I believe that Microsoft Intune is a superior tool that addresses many issues compared to previous methods, such as using a local Active Directory. As an administrator, I have a broader view of the system, allowing me to monitor whether users are online or offline, track their last activity, and manage various aspects effectively. This is a significant improvement over older methods, where we often had to inform users that certain activities were not approved due to insufficient access levels.

Microsoft Intune streamlines remote system access and management without a physical environment. I started my career in Active Directory configuration and Group Policy. In those roles, we provided systems to end users. When users went home and encountered issues such as password changes or other policy problems, troubleshooting those issues became quite challenging without physical access to the systems. However, using Azure and Intune has helped us resolve most of these issues. With these tools, we no longer need a physical infrastructure to manage systems, as we can push policies remotely and maintain control over the devices. This capability is a significant advantage of the cloud environment, as it allows us to streamline processes and provide remote access without reliance on physical setups.

Additionally, Microsoft Intune gives us a broader perspective, enabling us to manage policies for both users and systems through cloud portals. This approach allows us to deliver solutions much more quickly than the methods we previously used.

Reporting remains an issue, with challenges in providing comprehensive reports. For instance, while we can generate detailed reports for individual users—such as examining sign-up, sign-in, or audit logs—we struggle to produce aggregate reports for the organization. For example, if a user encounters issues logging into the system, we can monitor that specific case and provide detailed information. However, if the organization wants to know about multiple users experiencing problems with multi-factor authentication (MFA), we cannot compile a comprehensive report that highlights how many users faced this issue or identify the overall cause, such as a policy change. This limitation in Microsoft Intune is a significant drawback; we cannot produce overall reports on an organizational level. 

Another issue is that when configuring and deploying Microsoft Intune, some processes experience delays due to the cloud environment or other structural elements like the local area network and internet dependencies. I believe that if Microsoft Intune could operate through both agent-based and non-agent-based approaches, it would improve communication between cloud services and local systems. For example, the policies could first be downloaded to local systems, and once everything is ready, the deployment could occur. Currently, with Windows updates, we have control over when to deploy them, and we can see the status of the deployment, whether successful or failed. A more effective approach would be to allow for manual deployment initiation rather than automatic triggers. By implementing this, we could validate that the updates are properly downloaded and available on the local systems before proceeding with deployment. This streamlined process would enhance our ability to manage updates effectively.

Pricing can be challenging for startups or smaller companies. While larger companies have budgets for cybersecurity, smaller ones may struggle with recurring costs of cloud-based solutions like Microsoft Intune.

I have been using Microsoft Intune for five to six years.

We haven't encountered any specific session outages or similar issues, but one drawback of this cloud environment is that we cannot accurately inform the end-user or management about when the exact policy will be applied and when the results will be visible. The nature of cloud deployment means that the rethinking process can take about 30 to 45 minutes, and in some cases, it can take a few days, as we've experienced.

Regarding scalability, there are no issues. We successfully scaled from 4,000 to over 10,000 employees without major changes. I don't foresee any significant issues in this regard.

While we encountered some initial problems during the early days of deployment, the frequency of these issues has decreased. Most troubleshooting can now be handled on our end. I would rate them an eight out of ten.

Positive

We previously managed 4,000 to 6,000 systems globally using Active Directory before migrating to Microsoft Intune during COVID.

The initial deployment and installation are quite comparable to other tools, but it offers more flexibility, especially since most systems operate on Windows. While the deployment or configuration might take a few days, once we finalize the planning phase, the onboarding process becomes much smoother. We can effectively onboard the system with or without user assistance. A significant advantage is that we can complete migrations remotely, minimizing user dependency. For context, we previously used Active Directory to manage 4,000 to 6,000 systems globally. We migrated to Microsoft Intune and other security solutions during the COVID-19 pandemic, when many organizations transitioned to remote work. During that time, we began the migration process, which included transferring user profiles. Typically, it took about 38 to 45 minutes to migrate a system from on-premises Active Directory to cloud-based Intune, assuming the user had minimal data in their profile. If the profile contained more data, the migration time could vary, but the average was still around 45 minutes for one system.

Regarding maintenance, while new deployments may not require a specialized person on-site, ongoing security improvements or updates to organizational policies need to be handled carefully. These adjustments are not something that a Level 1 engineer can manage alone. Proper planning and execution by specialized engineers are essential to implement these changes effectively.

On the pricing side, the cost for tools like Microsoft Intune can be challenging for early-stage companies that cannot afford such expenses. For smaller companies, the comparison often leads them to choose a local Active Directory, as it involves a one-time cost for purchasing and configuring servers. With Windows Server's built-in Active Directory feature, there are no additional costs for customizing policies. In contrast, Intune is a cloud-based solution that requires a recurring monthly payment. Moreover, the price increases with every additional endpoint, which wasn't the case before.

This cost structure could pose challenges for startups that are struggling financially. However, companies aiming for a fully secure environment and those with a dedicated cybersecurity budget can plan to implement Intune effectively. In summary, I would say that Microsoft Intune is the best product for established companies. It can be quite difficult for new companies without a cybersecurity budget to manage the associated costs.

I would rate Microsoft Intune a ten out of ten.

Microsoft Intune is a comprehensive solution for mobile application management and mobile device management, securing various endpoints like Windows, Android, and Apple devices. It excels in managing BYOD scenarios, employing work profiles to segregate personal and company data, and ensuring device configuration and compliance with company policies.

Intune provides a centralized management solution, although its suitability depends on specific needs and comparisons with alternatives like Jamf, Kandji, or ManageEngine. Overall, Intune is a sufficient solution for general use cases requiring essential device management and data security.

The Intune Analytics section is quite useful, especially for Windows upgrades on remote devices. We frequently utilize it to assess compliance and gather analytics on upgradable devices, including TPM and Secure Boot support, and memory capacity. This allows us to identify devices that meet the requirements for Windows 11 and proceed with deployment accordingly. It's particularly valuable for managing Windows 10 to Windows 11 upgrade scenarios.

Copilot for Microsoft 365 is a valuable tool that I use daily for creating proposals, summarizing Teams meetings, and generating content in Word and PowerPoint. It's even helpful in Outlook on occasion. Additionally, both Bing Enterprise and the standard Copilot in Edge are particularly useful when integrated with Customer Data Protection. This integration allows Copilot to securely access company data, including emails, presentations, and documents, to provide relevant recommendations and answers to queries.

Intune secures Bring Your Own Devices through network access management and work profiles, separating personal and company data. Additionally, it utilizes Defender for Endpoint for device security and facilitates deployment. Features like cloud app security, Microsoft Purview, and data loss prevention further enhance security and compliance, depending on the Microsoft 365 package, protecting both devices and data.

Privilege Access Management sits mostly on Entra ID and is deployed through Intune.

The primary challenge lies in managing employee devices, particularly differentiating between personal and corporate devices. Personal devices often face pushback against deploying security measures, while corporate-owned devices can be managed more securely and effectively. For instance, if a corporate device is lost or stolen, Intune enables remote wiping to protect company data.

Intune has helped in integrating Windows Update for Business to ensure machines are compliant. It provides functionality for workflow management on devices and separating company data from personal data. It is also used for deploying security and compliance capabilities depending on the Office 365 package used.

I find Microsoft Intune valuable primarily for its Windows management capabilities, along with its Android Enterprise and Apple device management for mobile devices. The mobile application management features enable BYOD support and work profiles on personal phones, enhancing security and control. Additionally, Intune excels in configuration and compliance management for Windows 10, ensuring devices receive timely updates and adhere to organizational standards.

While Intune effectively handles basic functionalities such as device management, data separation, and updates, it may present challenges with update times and limited advanced features.

Intune is not the most user-friendly mobile device management platform available. Compared to Jamf, AirWatch, or VMware Workspace ONE, it is not as intuitive or easy to navigate. 

The primary challenge with Intune's enterprise application management feature is its focus on the Microsoft application stack. This limitation makes managing third-party applications difficult, as there is no centralized store or streamlined process for batch operations. Intune lacks the robust support for third-party applications.

Microsoft frequently changes its offerings, so features previously included in Intune might now require Intune Suite. For example, managing device certificates, once an Intune feature, now requires this separate package. Essentially, Microsoft releases new features but places them in Intune Suite, requiring an additional purchase for functionality we might expect in the standard Intune license. This ever-evolving strategy means staying current with Intune can become costly.

I have been using Microsoft Intune for almost five years.

Microsoft's product support can be inadequate, with slow response times and unsatisfactory resolutions impacting the overall user experience. This contrasts with Jamf's support, which is generally perceived as superior due to its responsiveness and effectiveness.

Neutral

Microsoft Intune's costliness stems from licensing fees and the overhead associated with its management, user experience, and device remediation. While its licensing costs are high, the platform's limitations in manageability and user experience customization further contribute to the overall expense. Unlike Jamf, which offers greater flexibility and remedial capabilities, Intune's intrusive, yes or no approach limits user customization and potentially increases support needs. Therefore, determining Intune's true cost of ownership is subjective and depends on how these factors are measured.

I have evaluated Jamf, Kandji, ManageEngine, and VMWare Workspace ONE.

I would rate Microsoft Intune a six out of ten. Its management is not user-friendly, and device additions can take up to 24 hours to synchronize, unlike Jamf, which updates within 15 minutes. This delay is problematic for immediate remediation actions, such as removing harmful content or addressing device exposure, where a 24-hour wait is unacceptable.

It is advisable to prepare for the complexities of Intune and consider Jamf for better support and manageability if working alone. If you plan to use Microsoft Intune, be prepared for manageability and potential delays in changes and support responses.