I am the Technology Support Manager for a large educational organization.
We already own Intune as we are a Microsoft house but we are looking to purchase Chromebooks in large quantities, so we want to utilize Intune to manage the devices. We were wondering what would be the pros and cons for either solution. At the moment I am swayed to use Intune as it would be a cost-savi...
What do you think of the integration of Azure AD Services, Defender for Endpoint, and Intune as comprehensive security solutions?
I have demoed these solutions together. There are as well other alternatives that integrate with SaaS services.
Thank you for your help.
Sr. Solutions Sales Executive - Commercial/Charity/Healthcare/SMB Individual Contributor at Hypertec Direct
Feb 15, 2023
I believe it is a good first step, and I would say even a requirement, but in no way is it a comprehensive security solution, even for endpoints.
There are many things that need to be addressed for security. In addition to this, there is XDR, MDR, more comprehensive AV for endpoints & Servers that stop attacks, Threat Hunting, Mitigation, PEN Testing, Security Training for end users, Multi-Factor Authentication (Microsoft's MFA is good but only for Microsoft products), Patch Management for Endpoints, Servers and Cloud Workloads, Network Access Control, Firewalls for On-Premise and Cloud server workloads, Network Segmentation, Password Management, Data Backups (3-2-1-1 Rule) with Immutable Backups, Power Backups, Physical Security, Monitoring, NOC/SOC services, and working towards a Zero Trust architecture...
But there are no single-point solutions that will make you secure, so don't get complacent. And you can outspend your profits if you do everything. Just remember it's best to have a layered approach that works together and looks at everything from a security perspective and how it integrates with your overall security plans and objectives to help identify holes and possible mitigations.
Healthcare must do Risk Assessments by law, but I recommend that all companies of all sizes do at least annual risk assessments since there is so such thing as being too small or inconspicuous to be hit with malware or have a cyber security attack since much of the delivery is automated and not just by the script-kiddies of years gone by... Nation States are actively engaging in cyber warfare daily, along with terrorists, and opportunists looking to make big money from you...
Senior Associate Specialist at a financial services firm with 1,001-5,000 employees
Feb 16, 2023
It depends on your company's infrastructure. Check with your cyber team whether you can sync your endpoints to Cloud using Azure AD as Azure Registered/ Azure Hybrid AD join/ Azure AD join, etc.
1. So, if the ask is only to enroll them in Intune to leverage defender/BitLocker services - go directly to Azure AD's join approach.
2. If you still want to manage patch management/mcm BitLocker but Defender via cloud, the approach should be Azure Hybrid AD join.
3. You can still use autopilot using both of these approaches.
Microsoft Intune offers not only an easy-to-deploy data protection and productivity management solution, but also access to both Microsoft’s user community as well as around-the-clock customer support. Installation of this product is rather straightforward. Microsoft Intune relies on the cloud to operate. All that you truly need in order to begin to use it is a connection to the internet. It is so simple that a single person could install it on their own. Once one has acquired the correct licenses, it only takes about forty minutes for the entire configuration process to be completed. This configuration is only really necessary if you want to integrate your Microsoft solution with the solutions that you host in-house.
It is possible for Intune users to have access to an engineer at any time of day. No matter when issues arise, you can be sure to have access assistance. This can take one of two forms. The first possibility is that a user can connect to a member of Microsoft's technical support team. Alternatively, you can turn to the community of Microsoft users. Other users of Intune may even be able to offer better troubleshooting advice than the engineers.
Intune is easy to manipulate and very easy to scale up. This solution has a single user interface screen from which the system management can be overseen. It is not necessary to jump to multiple screens to exercise control of the system. This provides a simpler way to conduct business. Furthermore, Intune can be used by as many as five devices on a single license. Cost is the only thing that could prove a challenge to scaling Intune up.
Google Cloud Identity allows users to control the whole solution from a single portal. This makes things very easy for organizations that have vast networks. It is also easy to deploy. However, the user interface could be simplified. Google Cloud Identity’s ability to integrate with programs like Mac’s OS could also be improved.
Both programs offer solutions that are easy to set up and use. However, Microsoft Intune’s pricing and features make it a more competitive product.