Microsoft Intune Reviews

We are a Dutch MSP delivering modern workplace solutions for all of our clients. We create tailor-made workspace environments for them.

It helps us to transform IT environments of our customers from on-premises to the cloud, focusing on both Azure and the modern workplace.

Windows Autopatch is the most valuable because it removes the burden of patch management. Intune's user experience is pretty smooth. The endpoint analytics works well if you know how to use it as a guess. Microsoft includes a little more added value by default. It's a great source of information. 

Intune should improve its software inventory to provide better metering of which software is used throughout the company. This is especially needed for reporting third-party software solutions.

I have been using Intune since 2017 or 2018.

Intune's stability is good and has improved a lot over the last year.

Scalability works well. It supports organizations with 200 endpoints and those with more than 15,000 endpoints.

I rate Microsoft support eight out of 10. Customer service is pretty good, partly because we have a contract with Microsoft. Transparency is good.

Positive

We used Active Directory group policies and ConfigMgr in the traditional way. However, most of our clients are already on Microsoft 365 Business Premium or the enterprise E3 or E5 stack, so it doesn't make much sense to use solutions from different vendors.

We are a reseller.

One of our clients migrated the model workplace based on Intune, achieving a 78 percent cost reduction, which is quite a lot. Even with the projects around it, they still gain cost benefits in the first year.

It's cost-effective because Intune is included in the E3 and E5 licenses. It's smart because it helps Microsoft sell the license.

I rate Microsoft Intune eight out of 10. There's always room for development.

Microsoft Intune has been used in organizations ranging from US entities to Indian companies, with onboarding of systems in numbers ranging from 300 to over 7,000. We migrated from on-premise Active Directory to Microsoft Intune during COVID for remote work support.

As a user, I believe that Microsoft Intune is a superior tool that addresses many issues compared to previous methods, such as using a local Active Directory. As an administrator, I have a broader view of the system, allowing me to monitor whether users are online or offline, track their last activity, and manage various aspects effectively. This is a significant improvement over older methods, where we often had to inform users that certain activities were not approved due to insufficient access levels.

Microsoft Intune streamlines remote system access and management without a physical environment. I started my career in Active Directory configuration and Group Policy. In those roles, we provided systems to end users. When users went home and encountered issues such as password changes or other policy problems, troubleshooting those issues became quite challenging without physical access to the systems. However, using Azure and Intune has helped us resolve most of these issues. With these tools, we no longer need a physical infrastructure to manage systems, as we can push policies remotely and maintain control over the devices. This capability is a significant advantage of the cloud environment, as it allows us to streamline processes and provide remote access without reliance on physical setups.

Additionally, Microsoft Intune gives us a broader perspective, enabling us to manage policies for both users and systems through cloud portals. This approach allows us to deliver solutions much more quickly than the methods we previously used.

Reporting remains an issue, with challenges in providing comprehensive reports. For instance, while we can generate detailed reports for individual users—such as examining sign-up, sign-in, or audit logs—we struggle to produce aggregate reports for the organization. For example, if a user encounters issues logging into the system, we can monitor that specific case and provide detailed information. However, if the organization wants to know about multiple users experiencing problems with multi-factor authentication (MFA), we cannot compile a comprehensive report that highlights how many users faced this issue or identify the overall cause, such as a policy change. This limitation in Microsoft Intune is a significant drawback; we cannot produce overall reports on an organizational level. 

Another issue is that when configuring and deploying Microsoft Intune, some processes experience delays due to the cloud environment or other structural elements like the local area network and internet dependencies. I believe that if Microsoft Intune could operate through both agent-based and non-agent-based approaches, it would improve communication between cloud services and local systems. For example, the policies could first be downloaded to local systems, and once everything is ready, the deployment could occur. Currently, with Windows updates, we have control over when to deploy them, and we can see the status of the deployment, whether successful or failed. A more effective approach would be to allow for manual deployment initiation rather than automatic triggers. By implementing this, we could validate that the updates are properly downloaded and available on the local systems before proceeding with deployment. This streamlined process would enhance our ability to manage updates effectively.

Pricing can be challenging for startups or smaller companies. While larger companies have budgets for cybersecurity, smaller ones may struggle with recurring costs of cloud-based solutions like Microsoft Intune.

I have been using Microsoft Intune for five to six years.

We haven't encountered any specific session outages or similar issues, but one drawback of this cloud environment is that we cannot accurately inform the end-user or management about when the exact policy will be applied and when the results will be visible. The nature of cloud deployment means that the rethinking process can take about 30 to 45 minutes, and in some cases, it can take a few days, as we've experienced.

Regarding scalability, there are no issues. We successfully scaled from 4,000 to over 10,000 employees without major changes. I don't foresee any significant issues in this regard.

While we encountered some initial problems during the early days of deployment, the frequency of these issues has decreased. Most troubleshooting can now be handled on our end. I would rate them an eight out of ten.

Positive

We previously managed 4,000 to 6,000 systems globally using Active Directory before migrating to Microsoft Intune during COVID.

The initial deployment and installation are quite comparable to other tools, but it offers more flexibility, especially since most systems operate on Windows. While the deployment or configuration might take a few days, once we finalize the planning phase, the onboarding process becomes much smoother. We can effectively onboard the system with or without user assistance. A significant advantage is that we can complete migrations remotely, minimizing user dependency. For context, we previously used Active Directory to manage 4,000 to 6,000 systems globally. We migrated to Microsoft Intune and other security solutions during the COVID-19 pandemic, when many organizations transitioned to remote work. During that time, we began the migration process, which included transferring user profiles. Typically, it took about 38 to 45 minutes to migrate a system from on-premises Active Directory to cloud-based Intune, assuming the user had minimal data in their profile. If the profile contained more data, the migration time could vary, but the average was still around 45 minutes for one system.

Regarding maintenance, while new deployments may not require a specialized person on-site, ongoing security improvements or updates to organizational policies need to be handled carefully. These adjustments are not something that a Level 1 engineer can manage alone. Proper planning and execution by specialized engineers are essential to implement these changes effectively.

On the pricing side, the cost for tools like Microsoft Intune can be challenging for early-stage companies that cannot afford such expenses. For smaller companies, the comparison often leads them to choose a local Active Directory, as it involves a one-time cost for purchasing and configuring servers. With Windows Server's built-in Active Directory feature, there are no additional costs for customizing policies. In contrast, Intune is a cloud-based solution that requires a recurring monthly payment. Moreover, the price increases with every additional endpoint, which wasn't the case before.

This cost structure could pose challenges for startups that are struggling financially. However, companies aiming for a fully secure environment and those with a dedicated cybersecurity budget can plan to implement Intune effectively. In summary, I would say that Microsoft Intune is the best product for established companies. It can be quite difficult for new companies without a cybersecurity budget to manage the associated costs.

I would rate Microsoft Intune a ten out of ten.

Microsoft Intune is a comprehensive solution for mobile application management and mobile device management, securing various endpoints like Windows, Android, and Apple devices. It excels in managing BYOD scenarios, employing work profiles to segregate personal and company data, and ensuring device configuration and compliance with company policies.

Intune provides a centralized management solution, although its suitability depends on specific needs and comparisons with alternatives like Jamf, Kandji, or ManageEngine. Overall, Intune is a sufficient solution for general use cases requiring essential device management and data security.

The Intune Analytics section is quite useful, especially for Windows upgrades on remote devices. We frequently utilize it to assess compliance and gather analytics on upgradable devices, including TPM and Secure Boot support, and memory capacity. This allows us to identify devices that meet the requirements for Windows 11 and proceed with deployment accordingly. It's particularly valuable for managing Windows 10 to Windows 11 upgrade scenarios.

Copilot for Microsoft 365 is a valuable tool that I use daily for creating proposals, summarizing Teams meetings, and generating content in Word and PowerPoint. It's even helpful in Outlook on occasion. Additionally, both Bing Enterprise and the standard Copilot in Edge are particularly useful when integrated with Customer Data Protection. This integration allows Copilot to securely access company data, including emails, presentations, and documents, to provide relevant recommendations and answers to queries.

Intune secures Bring Your Own Devices through network access management and work profiles, separating personal and company data. Additionally, it utilizes Defender for Endpoint for device security and facilitates deployment. Features like cloud app security, Microsoft Purview, and data loss prevention further enhance security and compliance, depending on the Microsoft 365 package, protecting both devices and data.

Privilege Access Management sits mostly on Entra ID and is deployed through Intune.

The primary challenge lies in managing employee devices, particularly differentiating between personal and corporate devices. Personal devices often face pushback against deploying security measures, while corporate-owned devices can be managed more securely and effectively. For instance, if a corporate device is lost or stolen, Intune enables remote wiping to protect company data.

Intune has helped in integrating Windows Update for Business to ensure machines are compliant. It provides functionality for workflow management on devices and separating company data from personal data. It is also used for deploying security and compliance capabilities depending on the Office 365 package used.

I find Microsoft Intune valuable primarily for its Windows management capabilities, along with its Android Enterprise and Apple device management for mobile devices. The mobile application management features enable BYOD support and work profiles on personal phones, enhancing security and control. Additionally, Intune excels in configuration and compliance management for Windows 10, ensuring devices receive timely updates and adhere to organizational standards.

While Intune effectively handles basic functionalities such as device management, data separation, and updates, it may present challenges with update times and limited advanced features.

Intune is not the most user-friendly mobile device management platform available. Compared to Jamf, AirWatch, or VMware Workspace ONE, it is not as intuitive or easy to navigate. 

The primary challenge with Intune's enterprise application management feature is its focus on the Microsoft application stack. This limitation makes managing third-party applications difficult, as there is no centralized store or streamlined process for batch operations. Intune lacks the robust support for third-party applications.

Microsoft frequently changes its offerings, so features previously included in Intune might now require Intune Suite. For example, managing device certificates, once an Intune feature, now requires this separate package. Essentially, Microsoft releases new features but places them in Intune Suite, requiring an additional purchase for functionality we might expect in the standard Intune license. This ever-evolving strategy means staying current with Intune can become costly.

I have been using Microsoft Intune for almost five years.

Microsoft's product support can be inadequate, with slow response times and unsatisfactory resolutions impacting the overall user experience. This contrasts with Jamf's support, which is generally perceived as superior due to its responsiveness and effectiveness.

Neutral

Microsoft Intune's costliness stems from licensing fees and the overhead associated with its management, user experience, and device remediation. While its licensing costs are high, the platform's limitations in manageability and user experience customization further contribute to the overall expense. Unlike Jamf, which offers greater flexibility and remedial capabilities, Intune's intrusive, yes or no approach limits user customization and potentially increases support needs. Therefore, determining Intune's true cost of ownership is subjective and depends on how these factors are measured.

I have evaluated Jamf, Kandji, ManageEngine, and VMWare Workspace ONE.

I would rate Microsoft Intune a six out of ten. Its management is not user-friendly, and device additions can take up to 24 hours to synchronize, unlike Jamf, which updates within 15 minutes. This delay is problematic for immediate remediation actions, such as removing harmful content or addressing device exposure, where a 24-hour wait is unacceptable.

It is advisable to prepare for the complexities of Intune and consider Jamf for better support and manageability if working alone. If you plan to use Microsoft Intune, be prepared for manageability and potential delays in changes and support responses.

We use Intune to connect university staff and faculty to secure resources on their computers quickly.  

Intune is a force multiplier coming directly from Active Directory. We had to engineer over some limitations of Active Directory, and Intune resolves that by addressing known trouble areas. It allows us to do things quicker and more efficiently. 

We like Intune's Autopilot functionality, which enables one-touch deployment. Dynamic grouping is another feature we find valuable working in academia. We have people in buckets based on their roles in the university, such as faculty, staff, alum, or grad. Sometimes, they will fit into multiple places, and dynamic grouping helps with that. So far, using Intune has been easy and intuitive. Once everything is set up, our user base finds it much easier and more modern.

We've recently purchased Copilot licenses for Intune, but we've only had it for a week or two. It's a new deal for Syracuse, but it has been good so far. It moves quickly. You can see that it's constantly learning, and I love that. Today is the dumbest it will ever be. It's going to continue getting better and better. Even when we're wowed, we understand that more "wow" will come. 

It has some growing pains, but they are no different from anything new. We're implementing Intune on an individualized data set. So there's no way Copilot can know everything about every data set it's going to get, but it does grow pretty quickly, which is phenomenal. 

It would be awesome if Microsoft opened their API so we could filter more properties. If we have to do anything outside of Intune that requires a third-party solution to talk back to it, we're very limited in what we can do. Trust your people. We promise not to break your stuff. Open it up just a tiny bit wider.

We started using Microsoft Intune about a year and a half ago. We transitioned our fleet from Active Directory to Azure Active Directory. Then, we took that hybrid and shifted it into Intune for our MDM solution.

Intune is solidly reliable. Microsoft has some peaks and valleys that you need to get used to. Stability is essential when transitioning from on-prem to the cloud, where Microsoft manages your infrastructure. There have been a few drops in performance, but that's more growing pains from our rapid expression than an indicator of major problems.

Scalability is fantastic. 

I am a technician, so when I'm reaching out about problems I cannot solve myself, they tend not to be tier-one or tier-two problems. When I contacted Microsoft, they had the same expertise, if not more, which is phenomenal because I felt heard and my problem was solved. That is delightful because I have contacted support for other solutions. After trying several troubleshooting steps, I contacted them, and they asked me to restart something. I have gone beyond that point and tried to tell you where I am. 

Positive

We previously used Active Directory and spec ops for software deployment, with Active Directory handling computer and user management. Intune was a natural progression for MDM. For Mac users, we still use Jamf but plan to transition them to Intune as support for Apple products grows.

It is absolutely a positive investment. Everything we've gained from it makes my job easier day after day, and I see value in it as an engineer.

I am not involved in those discussions. We worked hard to acquire E5 licensing, and Microsoft collaborated well with the university to ensure everyone got what they needed.

Our primary use case for Microsoft Intune is endpoint management across our enterprise, particularly for Windows and mobile endpoints.

Intune simplifies compliance. The ability to manage software updates and policies on endpoints has helped us meet contract requirements.

We like Intune's mobile device management features. When we migrated from another solution to Intune, onboarding our mobile devices was straightforward. Intune is pretty transparent for the end user. They have a customer portal, and I've never had complaints about it. 

The enterprise application management feature allows us to identify systems outside our standard security baseline and limit their access to company resources until they are updated and approved.

The interface is not as modern as some competitors in terms of single pane of glass visibility across the entire landscape. It has a very Azure vibe and may not be as graphically appealing as other products.

I have used Intune for around two years.

There are no complaints about the stability. It works one hundred percent of the time.

There are no concerns about scalability, especially coming from an on-premises solution. We no longer need additional hardware and infrastructure.

I rate Microsoft support eight out of 10. We haven't needed support much, but what we've gotten has been good. 

Positive

Previously, we used MobileIron for mobile devices, which is our primary use case for Intune. We switched to Intune mainly because it was included in our standard E5 license, providing cost savings and managing everything under a single pane of glass.

The initial setup was straightforward with minimal support required from Intune's side.

No external integrator, reseller, or consultant was used. All implementation was handled in-house.

We have seen a small return from the native integration with our Microsoft systems and Intune's reporting. 

With our standard E5 agreement with Microsoft, there have been no pricing concerns. Introductory professional services, like a fast-track service, were included with our E5 membership, and there have been no additional costs.

We evaluated Workspace ONE and Jamf for mobile management but stuck with Intune because it's included in our license.

I rate Microsoft Intune eight out of 10. It's a great solution, but there is room for it to become a more polished product.

The feature that we need occasionally but is really important is the ability to remotely wipe a device, control it, and perform similar functions. Being able to update devices is extremely important. Especially when people do not bring their devices in, we need to be able to reach out and update them over the internet.

Microsoft Intune does a great job of helping protect our environment. Particularly for mobile devices, it is great because our team is able to reach those devices and control the data that is on them.

I am not involved in the day-to-day with Intune, but we have gone with a different product for updating mobile device software. We do not integrate many of our mobile devices that are not Microsoft-based devices, such as Dell laptops, with Intune. We are using KACE from Quest to update our systems. We find that Intune is good with smaller mobile devices, the ones you put in your pocket. That is where I find Intune to be the best.

We had Microsoft Intune for a while, and we finally successfully deployed it.

Microsoft Intune scales effectively with growing needs.

We have not had to extend usage, but we are looking at Microsoft Intune for all kinds of new mobile devices that come out all the time. We will be expanding to cover those.

The support I get from Microsoft is very good. I have had a good experience with it. I would rate them a seven out of ten, which is pretty high in my book.

Neutral

Prior to adopting Microsoft Intune, we had KACE, but it could not handle mobile devices effectively. That is where Intune really shines.

I wasn't involved in the day-to-day deployment of it. I heard some pain points. The main thing is the learning curve.

It took time to implement. It was not the best product starting out of the gate. We were having difficulties getting our mobile devices integrated, but now we are doing much better. I was not in charge of the Intune deployment, but I am aware of some of the challenges they have been experiencing. It was really hard to integrate all the mobile devices. We integrated Surface devices properly, but our mobile workforce has many Apple iPhones, and those did not work quite as efficiently. We have got it all completed now. It is going smoothly.

Overall, the user experience with Microsoft Intune has a learning curve, but they are doing much better with it now. We had a really small help desk department, so they were stretched thin, but we have hired enough people now that we are able to get Intune deployed and working properly. We are in good shape.

We haven't moved a lot of our infrastructure to the cloud or Azure. We're still very much on-prem. We're a water district. We process water. A lot of our assets are physical, and they need to be secure. However, a lot of business applications are more Internet-connected. We have some cloud applications as software as a service.

We have seen a return on investment from Microsoft Intune. The main advantage is being able to manage the mobile devices at a good cost. Microsoft generally prices things pretty competitively, except for Azure, which is very expensive.

Microsoft Intune is pretty reasonable. We have difficulty with Azure, which is probably why we have not put many assets in Azure. Everything we put there is very expensive. Because we have so much on-premises equipment and assets, we put many items on-premises for that reason, and only if something absolutely has to live in the cloud, we put it there.

Before choosing Microsoft Intune, they did look at other options. I do not remember what was on the short list of what we were evaluating, but we have been using Intune for a while. Getting it deployed just took time.

I have played around a bit with Copilot for Microsoft Intune, but I use it more on O365. For Intune, I am not sure if we are using it. We do not use Advanced Endpoint Analytics as much because we have many other security tools. I find Microsoft to be good at the front end, especially for Exchange and similar applications. For inbound items, it is the first line of defense. We have many other layered defenses, with Microsoft being one of those layers.

I would recommend we stick with it. It has been great. I would rate Microsoft Intune a seven out of ten.

I am an IT consultant, and I mainly advise my customers on how to implement Microsoft 365 solutions like Microsoft Intune within small and large companies.

First of all, the integration with the rest of Microsoft's products is a major win. Secondly, it comes from a vendor for which we manage most of the operating systems, which is a big plus. 

As a software-as-a-service, it is updated monthly, meeting all the new functionality provided by the operating system vendors. If I don't have an endpoint management solution, I must go to each computer individually to harden systems, install software and data. 

Comparing this to having an endpoint management solution, the efficiency gain may be up to 80%.

The biggest challenge Microsoft has with its own product is supporting all the versions of its own product as well. A major challenge is making all the products work within device management solutions like Intune. It would be beneficial if Microsoft removed support for older products much earlier in the process. 

However, given that they have paying customers, it's not something they can easily do. Ideally, we would have a product capable of managing the latest versions of the operating systems without having to deal with outdated systems.

I have been using the product actively for about five to seven years.

Customer service is not really good. I would give it a six out of ten. The main issue is the time it takes to get someone involved who truly understands what the product does and what the real issue is. I do realize that my support requests are the more advanced ones. 

Neutral

Getting used to working with a product like Intune is easier if I'm already familiar with other Microsoft products, as many companies are. The adoption rate is quite fast. Other vendors provide good solutions as well. Ultimately, it depends on what I am accustomed to. If I have worked for 20 years with VMware technology, then adopting the VMware endpoint management solution might be easier than switching to Microsoft Intune.

It really saves time and resources. As mentioned earlier, I need not go to each machine to update it and install software when using a device management solution. The efficiency gain might be between 60% to 80% compared to other products. If compared to another product I am accustomed to, the results may vary.

As a consultant, I advise customers and help them implement it. In addition, I offer a service where customers purchase configuration updates from me on a subscription basis. I ensure the Intune environment and other products remain up-to-date. 

Microsoft is doing a good job in this area, and many customers who ask for my help already pay for the license. Cloud PKI has similar issues, where other vendors provided that functionality before. Customers who needed it previously adopted third-party solutions. 

Now, Cloud PKI has been available for a year, serving as a good alternative provided by Microsoft, although many customers continue to stick with solutions they had already adopted. 

My overall rating for this solution is eight out of ten.

We usually use Microsoft Intune to manage our devices and add security layers to protect access to all company resources.

The main benefit for us with Microsoft Intune is centralized management of all devices, allowing us to apply one policy across the company from one location.

What I like the most about Microsoft Intune is its ability to manage mobile devices. Through integration with System Center, it can also manage desktops and laptops. We also appreciate how easy it is to manage everything from the console.

The enterprise application management feature lets you manage, deploy, or uninstall applications from Intune. It also enables us to automate updates. The Cloud PKI feature helps us manage security keys on all company devices. 

Intune should improve the management of non-Microsoft devices. It would be better to manage Mac, Android, and other non-Microsoft operating system devices within the same Intune interface.

I have been using Microsoft Intune for almost five years now.

I rate Microsoft Intune nine out of 10 for stability.

We are not a huge company to check the scalability part. However, when discussing with our customers across the region, it seems fine, especially with the integration with System Center.

I rate Microsoft support nine out of 10. We have not used customer support, but it seems okay. If something happens, we open a case and receive assistance.

Positive

While I didn't perform the initial deployment, I know it's easy to roll out Intune across all devices. 

From the device perspective, particularly for desktops, it automates application deployment and secures all the devices. Importantly, when someone leaves the company, it helps protect document access on their devices. Onboarding and offboarding users is a great asset in terms of ROI.

We are partners, so we receive some discount. However, from the customer's perspective, Microsoft Intune's pricing is competitive with non-Microsoft technology, and the price is good compared to other market competitors.

I rate Microsoft Intune nine out of 10.