Microsoft Intune and BeyondTrust Privileged Remote Access compete in the device management and security solutions category. BeyondTrust has the upper hand in secure user access due to its unique features around VPN alternatives and user privileges management.
Features: Microsoft Intune offers seamless integration with Microsoft ecosystems, allowing robust security management across Windows, iOS, and Android devices through a unified console. Its custom policy enforcement and application management ensure secure device handling. BeyondTrust Privileged Remote Access provides security without the need for VPNs, incorporating multi-factor authentication, session recording, and comprehensive access control for remote users.
Room for Improvement: Microsoft Intune could benefit from enhanced reporting capabilities and improved macOS support, alongside simplifying its policy application. It also lacks strong support for some non-Microsoft devices and could improve its interface. BeyondTrust could improve smoother API integration and session recordings, and make its onboarding more user-friendly. Integration challenges with other platforms can also interfere with its use.
Ease of Deployment and Customer Service: Microsoft Intune provides versatile deployment options across Public, Private, and Hybrid Clouds but offers inconsistent customer service, with responsiveness varying by region and support level. BeyondTrust Privileged Remote Access primarily uses on-premises or hybrid deployments. Its customer support is generally considered excellent, highlighting its superiority over Intune in this aspect.
Pricing and ROI: Microsoft Intune, often included within Microsoft suites, presents a cost-effective solution for those already embedded in the Microsoft environment, reducing operational costs through bundled services. BeyondTrust is perceived as expensive initially, yet offers significant ROI over time through its enhanced reliability and security features, making it worthwhile, especially for enterprises aiming to mitigate remote access risks.
Everything we've gained from it makes my job easier day after day, and I see value in it as an engineer.
Importantly, when someone leaves the company, it helps protect document access on their devices.
Applications are deployed through Intune, and we see fewer tickets for common issues because we can resolve them through the solution.
Support now requires opening a ServiceNow ticket, which can be time-consuming.
When a support ticket is submitted, it directly reaches someone with Intune support expertise.
When I contacted Microsoft, they had the same expertise, if not more, which is phenomenal because I felt heard and my problem was solved.
Sometimes, the support provided is excellent, and the representative is knowledgeable, while other times, the service needs improvement.
I would give it an eight or nine out of ten for scalability, possibly even a ten, as I do not see a limitation in scaling.
The scalability of Microsoft Intune is ten out of ten.
Ideally, we want to automatically segregate devices based on user properties like primary use, but currently, dynamic groups seem limited to device properties.
It supports organizations with 200 endpoints and those with more than 15,000 endpoints.
Updates sometimes introduce bugs or issues, especially with non-English versions.
Microsoft Intune has been very stable.
A couple of years ago, the performance was not as good as it is now, but there are noticeable backend improvements.
We've encountered problems with other services like Exchange, Intune has remained unaffected.
BeyondTrust should focus on automating the update process to reduce unnecessary ticket creation.
There are communication issues, so you might start working with a feature without knowing if it will be deprecated six months from now.
Many third-party companies offer single-pane-of-glass reporting that shows you what your update environment looks like, how your patch is doing, application status, etc., but Intune's reporting is not intuitive.
Workspace ONE operates in real-time, whereas Intune has a noticeable delay when deploying policies or apps.
My experience with pricing, setup cost, and licensing is that it is expensive, yet not the most expensive in the market, so the price can be considered justifiable.
Introductory professional services, like a fast-track service, were included with our E5 membership, and there have been no additional costs.
The Intune suite and add-ons, such as batch management and remote help, are costly.
Microsoft Intune's costliness stems from licensing fees and the overhead associated with its management, user experience, and device remediation.
The secure access must be audited live, ensuring patient data protection.
Intune excels in configuration and compliance management for Windows 10, ensuring devices receive timely updates and adhere to organizational standards.
Dynamic groups allow us to set conditions for automatic membership, eliminating the need for user intervention or manual review and ensuring a seamless workflow.
Windows Autopatch is the most valuable because it removes the burden of patch management.
BeyondTrust Privileged Remote Access (formerly Bomgar Privileged Access) lets you secure, manage, and audit vendor and internal remote privileged access without a VPN.
Privileged Remote Access provides visibility and control over third-party vendor access, as well as internal remote access, enabling your organization to extend access to important assets, but without compromising security.
Features include:
- Privileged Access Control: Enforce least privilege by giving users the right level of access.
- Monitor Sessions: Control and monitor sessions using standard protocols for RDP, VNC, HTTP/S, and SSH connections.
- Reduce the Attack Surface: Reduce attacks by consolidating the tracking, approval, and auditing of privileged accounts in one place and by creating a single access pathway.
- Integrate with Password Management: Inject credentials directly into servers and systems with just one click, so users never need to know or see plain text credentials.
- Mobile & Web Consoles: Use mobile apps or web-based consoles anytime, anywhere.
- Audit & Compliance: Create audit trails, session forensics, and other reporting features by capturing detailed session data in real-time or post- session review, and provide attestation reports to prove compliance.
Microsoft Intune is a comprehensive cloud-based service that allows you to remotely manage mobile devices and mobile applications without worrying about the security of your organization’s data. Device and app management can be used on company-owned devices as well as personal devices.
In an increasingly mobile workforce, Microsoft Intune keeps your sensitive data safe while on the move. Microsoft Intune makes it possible for your team members to work anywhere using their mobile devices. Microsoft Intune provides both the flexibility and the control needed for securing all your data on the cloud, no matter where the device with the data is located.
Microsoft Intune Device Management Key Features
With Microsoft Intune Device Management you can:
Mobile Application Management
Mobile application management in Intune is designed to protect your organization’s data at the application level.
With Microsoft Intune Application Management you can:
As part of Microsoft's Enterprise Mobility + Security (EMS) suite, Intune integrates with Microsoft Entra ID for access control and with Azure Information Protection for data protection. It also integrates with Microsoft 365 Applications.
Reviews from Real Users
Microsoft Intune stands out among its competitors for a number of reasons. Two major ones are its ability to secure all devices under its management and the flexibility that the solution offers its users.
A computing services manager notes, "Its security is most valuable. It gives us a way to secure devices, not only those that are steady. We do have a few tablets and other devices, and it is a way for us to secure these devices and manage them. We know they're out there and what's their status. We can manage their life cycle and verify that they're updated properly."
The head of IT engineering at a financial services company writes, "The one feature we find most useful is the Mobile Application Manager. There are two types: we have the complete MDM and the Mobile Application Manager (MAM). We don't give our users phones, it is their own personal phone, and we need to allow them to have access to the company details on their phone. We need to create a balance between their own personal data and the company data. We deploy the Mobile Application Manager for them so that we won't be able to interfere with their own personal data."
We monitor all Remote Access reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
