Our main use case for Microsoft Intune is patching. We use Microsoft Intune for patching, specifically Windows patching.
Manager at a energy/utilities company with 1,001-5,000 employees
Makes remote updates easy and runs smoothly in the background
Pros and Cons
- "The most valuable features of Microsoft Intune include remote updates. The update runs in the background, so there's no need in most cases to go on-site to do it."
- "The user experience of Microsoft Intune is quite good because there's not much disturbance in the background; it's just running in the background."
- "For additional functionality, I suggest that Microsoft could expand on asset management. Since the platform is there, they could develop it into a full-fledged asset management system."
- "One thing that could be better in Microsoft Intune is the file size, as it is quite large at times."
What is our primary use case?
How has it helped my organization?
The user experience of Microsoft Intune is quite good because there's not much disturbance in the background; it's just running in the background.
What is most valuable?
The most valuable features of Microsoft Intune include remote updates. The update runs in the background, so there's no need in most cases to go on-site to do it.
What needs improvement?
Based on my experience and my team's feedback, one thing that could be better in Microsoft Intune is the file size, as it is quite large at times. Sometimes the file size is too large. The space taken on some hard disks may be too large for the patches that run on them, as we're limiting all these local storage to encourage our users to store on OneDrive rather than on local drives.
For additional functionality, I suggest that Microsoft could expand on asset management. Since the platform is there, they could develop it into a full-fledged asset management system.
Buyer's Guide
Microsoft Intune
April 2025

Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.
For how long have I used the solution?
I've been working with Microsoft Intune for around a year.
What do I think about the stability of the solution?
It's stable. I would rate the stability of Microsoft Intune a nine out of ten.
How are customer service and support?
Technical support from Microsoft is quite good, especially because we subscribe to the premium services.
How was the initial setup?
We are currently working with a hybrid deployment model. It's a hybrid because our Active Directory is still on-premises, but other services are online.
As for advanced Endpoint Analytics in the Microsoft Intune Suite, we are still working on it. We only completed the implementation for the basic functions at the end of last year. We are moving in stages.
What's my experience with pricing, setup cost, and licensing?
I'm not sure about the pricing of Microsoft Intune because I didn't buy it. My team members bundled it together with their Microsoft solutions, including Microsoft 365 and related products.
Which other solutions did I evaluate?
I haven't used different solutions similar to Microsoft Intune or made any comparisons with other products at the moment. In the past, the nearest solution would be BigFix, but you cannot compare it to Microsoft Intune because BigFix was an older system, and you needed more technical knowledge to run it. You needed to know how to do scripting and related tasks.
What other advice do I have?
If they could also make Microsoft Intune a full-fledged asset management system, it would be the best.
I would rate Microsoft Intune an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Apr 14, 2025
Flag as inappropriate
CISO at a computer software company with 201-500 employees
Streamlines operations and reduces administrative overhead and attack surface
Pros and Cons
- "Microsoft Intune is easy to use, and it is able to enforce policies towards multiple devices. It is able to bring multiple classes of devices into the same security posture. I found that very useful."
- "The interoperability or communication with a different platform can be better. It is a two-way street. It is not only about Microsoft. The other platforms also have to be willing to share some information, but that absolutely can be improved."
What is our primary use case?
We use it for pretty much everything related to endpoint management. We use it for bring-your-own-devices and corporate-related devices such as laptops and tablets. We have various operating systems such as Windows, iOS, and Android.
How has it helped my organization?
Microsoft Intune is helping to streamline operations and minimize administrative overhead.
We are using the Enterprise Application Management features of Intune Suite. It is very well designed and very well suited for Microsoft-related applications. Third-party applications can require some workaround. They do not always organically fit into the solution, but, overall, it is a great option to have visibility into what the users are using and be able to set up some policies based on that. We can allow applications or deny applications. We can manage what users can onboard. Overall, it is a great solution. We can definitely simplify and streamline some security operations.
Microsoft Intune is great for securing hybrid work and protecting data on company and BYO devices. What is more important is that it is not a static product. It is not that the product is very well established and not moving anywhere. It is constantly evolving. Microsoft seems to be spending lots of resources trying to improve and bring new features. That is great.
We are starting with Intune's Endpoint Privilege Management feature. It definitely impacts productivity. It is great and definitely helps a lot. It helps minimize the attack surface because you do not have elevated privileges accounts available all the time. It helps mitigate or shrink the potential impact or potential entry points into the network.
Microsoft Intune has helped us to manage the accounts with elevated privileges. We are a managed service provider. We sometimes have big turnarounds on the help desk. By their job definition, many of them are supposed to have access to different clients and different sensitive areas. It helps us to mitigate and manage these accounts, and, as a result, to be more secure. We can make sure that those accounts are not being distributed very freely. We have control over their actions. We have control over what they are doing. We have full visibility and accountability.
What is most valuable?
Microsoft Intune is easy to use, and it is able to enforce policies towards multiple devices. It is able to bring multiple classes of devices into the same security posture. I found that very useful.
What needs improvement?
The interoperability or communication with a different platform can be better. It is a two-way street. It is not only about Microsoft. The other platforms also have to be willing to share some information, but that absolutely can be improved.
For how long have I used the solution?
I have been using Microsoft Intune for five to six years.
How are customer service and support?
It depends on the level of access you have. We are a managed service provider, so we do have access to Microsoft. Generally, it is okay if you are able to find the right parties to talk to. It can definitely be improved.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We did not use any other solution previously.
What was our ROI?
First of all, we do not have to deploy any third-party privileged account management solution. That is one tangible benefit. An indirect benefit is that by protecting your environment and making it more secure, you are potentially avoiding any downtime. It is hard to quantify what that downtime cost could be.
If an account with elevated privileges is compromised, you need to perform a lot of work. You need to change the password, disable the account, and recreate another account, so 10% to 15% of the downtime definitely could have been avoided.
What's my experience with pricing, setup cost, and licensing?
We use Defender ATP and E5 licenses.
Which other solutions did I evaluate?
Intune was an organic choice because we are a Microsoft shop. We use everything that Microsoft can offer.
What other advice do I have?
Microsoft Intune is a great solution. If you have a Microsoft environment, it is definitely the way to go. It can help you to streamline operations and simplify a lot of things. If you go into a multi-cloud environment where you have AWS, GCP, or any other cloud workloads, it may be a little bit more complicated. If you are a Microsoft shop, it is the way to go.
In terms of user experience, for the end users, it is pretty much seamless. It is more on the administrative side. If you properly configure it, it is a relatively seamless experience.
We have just started working with Microsoft Copilot in Intune. It is a very fresh solution. It has just been released, so we are setting up use cases and working with Copilot. We have a Copilot for Teams. We have a Copilot for Microsoft Office that we are utilizing. We have started playing with Copilot for some security operations. It is yet to be determined how much value it can bring. Generally, it can help you analyze and optimize some workloads and events more efficiently, effectively, and quickly. There is great potential, but we will see how it is in real life.
I would rate Microsoft Intune an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Microsoft Intune
April 2025

Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.
system engineer 2 at a retailer with 10,001+ employees
Management tools streamline device provisioning and security across multiple platforms
Pros and Cons
- "Microsoft Intune is a cost-saving solution, reducing IT department workload and allowing for faster device provisioning compared to traditional methods."
- "The reporting part needs improvement, and it would be beneficial if it could integrate with third-party tools instead of just Power BI."
What is our primary use case?
I use Microsoft Intune to manage devices and Windows, including Linux and macOS. It provides a zero-touch experience for provisioning mobile devices like iOS, iPad, Android, and macOS. It offers security and serves as a management tool where multiple products can be managed.
What is most valuable?
Microsoft Intune helps me manage devices and Windows, including Linux and macOS. It provides a zero-touch experience for provisioning mobile devices like iOS, iPad, Android, and macOS. It offers security and acts as a management tool where multiple products can be managed. Having all endpoint and security management tools in one place reduces the IT department's workload, making provisioning devices faster compared to traditional methods.
What needs improvement?
The reporting part needs improvement, and it would be beneficial if it could integrate with third-party tools instead of just Power BI. Additionally, the inventories could be enhanced.
For how long have I used the solution?
I have ten years of experience working with Microsoft Intune. I also have experience with Jamf Pro, which I have used for four years.
What do I think about the stability of the solution?
I can give Microsoft Intune a ten out of ten for stability.
What do I think about the scalability of the solution?
I can give Microsoft Intune a nine out of ten for scalability.
How are customer service and support?
Customer service is good, and I would rate it nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not use any other solution before Microsoft Intune.
How was the initial setup?
The initial setup was conducted in-house, and no external integrator or consultant was used.
What about the implementation team?
We did not use an integrator or consultant; everything was done in-house.
What was our ROI?
Microsoft Intune is a cost-saving solution, reducing IT department workload and allowing for faster device provisioning compared to traditional methods. However, I am not sure about the exact savings per month or year.
What's my experience with pricing, setup cost, and licensing?
I find the price somewhat affordable.
Which other solutions did I evaluate?
I never evaluated any other options before choosing Microsoft Intune.
What other advice do I have?
My advice is to improve the reporting capabilities and integrate with third-party tools. I rate the overall solution nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 7, 2025
Flag as inappropriateInfrastructure Engineer at SpiritUK
Integrates well with Microsoft products and helps with security and compliance
Pros and Cons
- "For our clients, the conditional access feature along with different compliance policies that they can set is valuable."
- "The mobile management is good for iPhone and iPad, but the Apple Mac management needs improvement. That is probably because Microsoft does not have low-level access to Apple Mac hardware. If you are doing basic things, it is okay, but if you want to image Apple Macs and do things like that, then Jamf is much better."
What is our primary use case?
It is being used for device management. We have a couple of clients using it at the moment. They have Windows, Android, and iPhone devices that are managed by it. We have another client with only three devices, but they are Windows SE devices with the cut-down version of Windows.
They are using the latest version because it is always kept up to date online.
How has it helped my organization?
Microsoft Intune pretty much brings all of our endpoint and security management tools into one place. I cannot think of the ones where it does not do what we need. Apple Mac management could be better. It makes IT and security operations much easier and much more convenient.
We use the Enterprise Application Management features of Intune Suite. That is what the data manager is set to. These features are good. So far, we have had no problems with that.
Implementing applications is easier than MaaS360. There are definitely time savings. It is a lot smoother and a lot more well-integrated with Azure AD, etc.
The integration with Microsoft 365 and Microsoft Security for both cloud and co-managed devices is very important. That is the key thing for us. Almost all of the clients have Microsoft Office 365. We have only two clients who use Google G Suite, so this whole integration is very important.
It has helped us consolidate vendors.
Its benefits can be realized within a couple of weeks. It is very good because it works. Conditional access and compliance work from anywhere, so it is very good.
What is most valuable?
For our clients, the conditional access feature along with different compliance policies that they can set is valuable.
All the remote tools you can use on the mobile are also valuable. Features such as passcode reset for the device lock are helpful, so you can set a code and get people back into the device.
What needs improvement?
The Apple Mac management is a bit basic. The mobile management is good for iPhone and iPad, but the Apple Mac management needs improvement. That is probably because Microsoft does not have low-level access to Apple Mac hardware. If you are doing basic things, it is okay, but if you want to image Apple Macs and do things like that, then Jamf is much better.
Their support needs to be improved.
For how long have I used the solution?
I have been using this solution for about eight years.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
It is definitely scalable.
How are customer service and support?
Their support is absolutely useless. They used to be good, but now, there are separate departments. We had an issue with conditional access where the client did not like the fact that single sign-on was working and automatically logging them into everything. They found it to be a security issue. It was not a good thing. We were trying to disable that, but then conditional access would not work. Their support could not figure it out. They would say that it is Entra and then they would say that it is Intune. I found out what it was. It was a token that was coming from a single sign-on.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
We use Jamf. We are still using IBM MaaS360 for some of the clients, but it is getting phased out for Intune.
MaaS360 does not integrate with all Microsoft products as well as Intune for obvious reasons. A lot of our clients want Intune for data protection, conditional access, etc. It is more about protecting their data and making sure that the devices are compliant and meeting certain policies.
The user experience of Intune is good. It is a lot less clunkier than MaaS360. We do most of the setup, so the users are not really affected by it.
Jamf is mainly for Apple Mac management. Intune is mainly for Windows management and mobile management. Intune does not have the same level of integration with Apple Mac, so you cannot image them properly. It supports very basic imaging. Jamf is a much better tool for managing Apple Mac.
How was the initial setup?
You have to use Azure because it is a part of the Microsoft environment.
I am the lead engineer involved in setting it up and configuring all the policies. It is straightforward.
From a maintenance point of view, there is no maintenance you have to do because Microsoft does it all in the cloud. You might need to tweak a few things on an app after you send it out, but those are general tweaks to make things run better. You do not have to put updates on or do things like that.
What about the implementation team?
We do not use any external help. We just use Microsoft documentation.
What's my experience with pricing, setup cost, and licensing?
We work in the charity sector, so a lot of our clients get Microsoft Premium licenses or Business Premium for free. They get ten licenses free, and a lot of our clients do not have more than ten staff members. They are getting the tool for free, so its cost is not an issue.
Which other solutions did I evaluate?
We did not evaluate other solutions.
What other advice do I have?
It is good. If your clients want to protect their data and they are using Microsoft tools, then Microsoft Intune is definitely the one that they should be using.
We are not using it to its fullest. There is a lot more we could do. I work for an MSP, so we are bound by what the client wants to do. If the client does not want to advance anything, we will not advance it.
In terms of IT productivity, it does not benefit us directly because we are an MSP, but it is a lot easier to use than MaaS360 and other ones we have tried. Similarly, it does not save us costs because we are an MSP. We charge people to implement a solution, and that is it. If we are paid to manage it, we obviously try to manage it, but it does not save us any money.
It does not affect our security because we do not use it ourselves. We just install it for other people.
Overall, I would rate Microsoft Intune an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer:
Last updated: Sep 29, 2024
Flag as inappropriatePresident & Founder at a tech services company with 1-10 employees
It helps consolidate our endpoints, proactively detect and remediate anomalies
Pros and Cons
- "The management control feature is the most valuable."
- "Intune endpoint analytics can be challenging."
What is our primary use case?
I support mobile technology for the Department of Homeland Security first responders nationwide, particularly in the weapons of mass destruction area. This diverse group includes first responders, firefighters, and police, explicitly located in high-risk urban areas like New York, including Northern New Jersey and Southern Connecticut, Chicago, San Francisco, and Washington D.C. Additionally, a mobile deployment group travels to major events like New Year's Eve in Times Square, Pro Bowls, Super Bowls, and World Series games, carrying chemical and biological detection devices with Microsoft Intune integrated into their mobile technologies.
How has it helped my organization?
Intune consolidates our endpoint and security management tools, providing a centralized solution for controlling security and ensuring compliance with the federal government, NIST, and ISO standards. This centralized control is crucial for maintaining a secure and compliant environment.
Endpoint analytics help proactively detect and remediate anomalies on endpoints. We receive alerts from various detection devices, including biological, radiological, and mobile platforms. A common challenge with Bluetooth or similar technologies is maintaining connectivity, whether it's Bluetooth or Wi-Fi. Additionally, we need to protect the Wi-Fi network itself. To address these security concerns, we often use proprietary connectivity protocols to ensure data integrity and prevent hacking, fraud, or unauthorized access.
Intune's Cloud PKI helps us manage our current and historical actions. We can easily access recurring tasks and look for common problems, which is an important attribute of using the cloud service.
For our benefit, Intune is very useful. However, the challenge is keeping it up to date and dealing with shift workers across different time zones. When deploying to the New York region, multiple fire and police departments use these devices. We maintain a database to track deployment status and device updates to ensure effective management. Devices unused for 90 days are suspended with the carrier to avoid higher fees for inactive devices. Although maintaining these devices can be challenging, we closely monitor them and collaborate with regional directors to ensure they are turned on at least every 90 days for automatic updates.
We use the privilege management feature exclusively for points of contact or location managers. Due to the group's diversity and the inclusion of shift workers, these individuals require specific access from an identity management perspective. We only permit access in these designated areas.
Intune saves costs for the federal government.
One reason my employer switched to Intune was the integration of Intune with Microsoft 365 and Microsoft Security.
What is most valuable?
We deploy applications and manage infrastructure based on specific needs, including lockdown services to prevent unauthorized app downloads. We utilize management controls for this purpose. Currently, it's a small environment consisting of approximately 20 major locations nationwide, with plans for future expansion. The management control feature is the most valuable.
What needs improvement?
Intune endpoint analytics can be challenging. However, factors like usage patterns, timeliness, and time of day can provide valuable insights. We must also consider help desk tiers, change management processes, and other relevant factors. We must prioritize user-friendly reporting over complex, jargon-filled explanations to present these analytics effectively to the federal mobility group and leaders countering weapons of mass destruction, who may need to be more technical experts.
For how long have I used the solution?
I have been using Microsoft Intune for 18 months.
How are customer service and support?
The technical support has been good. We have priority, given that we work with first responders.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Before I joined as a contractor consultant, the government used VMware. They changed vendors, and the new vendor convinced management that Microsoft Intune was superior to VMware. I disagreed, having done a lot of business with VMware over the years. I believe any VMware issues could be resolved with the proper account management and connections in production and development.
They believed Intune offered superior controls compared to VMware, but a thorough evaluation wasn't conducted. Instead of adhering to federal government regulations that mandate due diligence when switching technologies, they bypassed the process. They directly consulted the individual heading CWMD at the time, whose recommendation led to their employment and subsequent contract. Their justification for the switch to Microsoft Intune was based on their assertion that it would enable them to perform better. Typically, an in-depth evaluation is conducted before any transition, highlighting the differences to the federal government and justifying the necessity of the change. Cost-benefit analysis might be a factor, but not always the deciding one. Improved engineering, deployment models, and infrastructure management could all contribute to the rationale behind such a decision.
What other advice do I have?
I would rate Microsoft Intune nine out of ten.
The user experience is a learning process, and it's improving. We primarily deal with shift workers who share devices, making identity management difficult and necessitating tighter security. For first responders, feedback and chemical and biological device management for alerts aren't the top priority. They focus on murders, robberies, thefts, fires, etc. Getting them to update their devices is challenging. We try to set it up so they only need to reconnect their devices every 90 days, but depending on the vulnerability, it might have to be done sooner.
Intune is a necessary tool, and we're currently undergoing a transformation with one vendor leaving and another coming in. This involves going through documentation, projects, upgrade requirements, and processes. MDM is only necessary due to the number of tools we have, including Sonim rugged mobile devices and Panasonic rugged desktops used in police cars, fire trucks, and other mobile settings. Dealing with Sonim is challenging because our contract is with the carriers, AT&T, Verizon, etc., not the federal government. Attestations and an executive order 14.28 about managing technology on these devices exist. Sonim is developed and manufactured in China, raising concerns about mobile technologies and managing them through third-party suppliers from non-friendly countries. All these factors contribute to the challenges in MDM.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Sep 11, 2024
Flag as inappropriateSystem Engineer at Capitaland
Improves security, offers excellent mobile device management and is easy to set up
Pros and Cons
- "The mobile device management is very useful."
- "There are a lot of updates happening on Microsoft."
What is our primary use case?
I'm working with InTune on the user side. It's used for device enrollment and mobile device management. It's used for remote desktops and remote control for compliance.
How has it helped my organization?
The solution helped us resolve user enrollment issues. Sometimes, users want to reset, for example, file server systems and Intune ensures a user can't just enroll any new systems.
What is most valuable?
The mobile device management is very useful. With mobile device management, we can monitor everything and control devices. We can monitor devices and fix things on remote desktops.
Intune brings all endpoints and security management tools into one place. This helps us monitor everything from one portal. We can exclude any PowerShell command. It helps us not only monitor for but also fix any problems. We can add and remove items remotely from any device from a single place.
The solution has a helpful feature called Co-Pilot. We can access it via the portal and configure it as we need. However, I have not used it myself.
We use Intune with a hybrid model. We can connect it easily to other services.
With the ability to monitor everything from one place, our security is quite good. The level of security is better. I'd rate the level of security we've been able to achieve ten out of ten.
It's positively affected IT productivity in our organization. Having Intune has made our IT engineers more effective. They can use the cloud portal from anywhere and at any time to easily adjust or deploy whatever users need.
We've been able to save money compared to using SCCM. Intune has helped from a cost-savings perspective, although I can't speak to exact costs.
What needs improvement?
There are a lot of updates happening on Microsoft.
For how long have I used the solution?
I've used the solution for about six months.
What do I think about the stability of the solution?
I haven't had any challenges with stability.
What do I think about the scalability of the solution?
I haven't come across any limitations in terms of scalability.
How are customer service and support?
I've never had to reach out to technical support.
Which solution did I use previously and why did I switch?
I also use VMware.
How was the initial setup?
The initial setup was straightforward. We simply needed to create an account don't he Microsoft side and then we can go and get licenses.
I administrate and maintain Intune for the company.
What's my experience with pricing, setup cost, and licensing?
I don't have any visibility in regards to Intune pricing.
What other advice do I have?
I'd recommend Intune to others. I'd rate Intune ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Jul 29, 2024
Flag as inappropriateInformation Technology System Administrator II at a government with 51-200 employees
Cloud-based and helpful for compliance and endpoint deployment
Pros and Cons
- "Intune provides full endpoint visibility and IT control across device platforms. You can individualize it for your company with the Intune Company Portal app."
- "I know that their AI pieces are at the infancy stage, but allowing users to do more tagging for information would be an interesting thing because Intune also directly integrates with Azure. Because a lot of the devices are hosted with that, you also get a lot of tagging of user data and other things like that."
What is our primary use case?
We are using it for the endpoint deployment piece.
By implementing Intune, we are trying to get everything off on-prem.
How has it helped my organization?
Because of the FedRAMP space and some of the pieces we are doing, such as the new policies for CMMC 2.0, we have more worries when we have anything physical. It just made sense to go for a cloud solution. Because we were already using Microsoft products and we were previously partially using Intune, it just made sense to use Intune.
Once you start getting things hosted in the cloud, rather than having to host the domain pieces yourself, they can be generally managed by Intune. One of the issues that we had when we had the hybrid or on-prem deployment set was that users would have to use a VPN to be able to change their user email or their password sets. Having to manage on-prem exchange was an issue as well. There were other things like that. As we are moving the pieces over, we are noticing a lot more availability and easier configuration of pieces for users.
Intune has helped us with compliance. We are using it for CMMC 2.0 compliance.
Intune provides full endpoint visibility and IT control across device platforms. You can individualize it for your company with the Intune Company Portal app. You can make applications and other things and have them deployed via scripts.
The user experience of Intune has been nice for other individuals from what I have seen.
A lot of security is achieved via Intune policy deployment cases. There is a baseline security set, and then a part of it was configured with some of the other things that we needed for CMMC 2.0 compliance. It is containerizing for cell phones in particular and not allowing specific connection sets. We have more cells than anything else. A lot of the users do not even need to touch a lot of the system sets that we use. We have not had any issues with user availability.
One of the things that you can do with Intune is that you can have approved app sets. As a corporation, you know that a user needs to use an application, so you can have it added to Intune Company Portal apps. You can have it pre-downloaded for the users without the need for an admin's intervention. For the apps that users could need or do need, you can either force installation or set it up for the user if they need it.
Intune certainly affects our organization's attack surface. We are utilizing DLP, domain policies, and things like that via Intune. It is nice to be able to make sure that the users can have their laptops, and there is also no need to have a VPN service for a lot of those. It makes it easier for each user's things to be isolated.
We started utilizing the app proxy service. If you have local applications that use a web URL, you can use the app proxy and have Microsoft handle the VPN connection set rather than needing a VPN yourself.
Intune has helped to reduce the risk of security breaches in our organization. Intune has saved us costs. It has helped us reduce our workloads. When doing the hybrid deployment, we have to manage our on-prem environment and have additional security for it. By moving into the cloud, we have reduced the electrical cost of the office. There is also a price difference. Hosting our own VM sets versus having them host in Azure are two different things. Doing cloud integrations with pieces is easier in Intune than on-prem. It has been a nice thing that we have been dealing with recently.
What is most valuable?
We are using it for its DM Hosting, user hosting, and end-to-end deployment as well. It is all very nice.
What needs improvement?
I would like them to stop making changes and not tell people they have already made the changes.
I know that their AI pieces are at the infancy stage, but allowing users to do more tagging for information would be an interesting thing because Intune also directly integrates with Azure. Because a lot of the devices are hosted with that, you also get a lot of tagging of user data and other things like that. Tagging is still at more of an infancy set. You get a lot of false flags.
There can also be a more simplified use case for app deployment. They leverage MSIs and WIN32. I am having a more washed-out EXE process. Rather than having to build the script sets yourself, having them autogenerated script based on you uploading in a default location would be nice.
For how long have I used the solution?
We are still in phases. It is not simple to just do a hard cutover for a lot of it.
How are customer service and support?
Even though it is a Microsoft product, Microsoft does not sell or support the product directly, so you have to talk to a third-party set that is considered their partner to be able to access support. Our partner is JourneyTEAM. After utilizing billable hours with them and other pieces like that, we have been getting a lot of nice support via them. I would rate JourneyTEAM a 10 out of 10. I really enjoy working with those individuals.
Which solution did I use previously and why did I switch?
We were using Symantec, and we ended up using Intune. Symantec is a nice security piece, and it does some device management. There is a domain-joined service for laptops. Intune has a similar service set. You do what is called the hardware hash join into the Microsoft Intune to have the laptop cleaned by an organization rather than turning on a VPN and connecting to a domain service for a domain controller that an organization has. A lot of that is cloudly or natively handled by Intune. Especially if you go further with the Intune hardware hash joining process, there are some script sets that were put out. You can even do hardware hash harvesting from where you are purchasing, so you can have the OEMs give you the hardware hashes to be able to input that into your cloud environment. You then know that anyone cannot just walk away with the laptop because it is still joined to your Intune base.
In terms of differences between these two solutions, there is the domain service set. Intune manages the whole domain set, and then it also integrates into the other application sets. Intune is more of a product suite set. It also does the policy and detection pieces for devices, whereas Symantec is more strictly the policy sets and security.
What other advice do I have?
Intune can bring all of your endpoint and security management tools into one place. For the use case that we are doing, we are leveraging additional security software as well, so there is a little bit of everything.
We are not using it for corporate assets. We are utilizing the M365 VM license set, which is a semi-part of Intune. That is how the users are reaching some of the remote corporate resources.
I would rate Intune a 9 out of 10. It is definitely a nice product, but there are nuances to it. Especially with them coming out with and changing name schemes for a lot of the features, you have to do digging to find the whole use case, but with all the options and different use cases, there is a lot to be gained.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Consultant at IT Soli
Serves as a unified platform, enhances data protection, and provides a seamless user experience
Pros and Cons
- "As an IT administrator, I appreciate Intune's ability to implement granular device-level policies for our organization's employees."
- "Intune could be enhanced by automating application upgrades, similar to how it automates operating system upgrades."
What is our primary use case?
I have worked in various roles with Intune. In my previous organization, I supported Intune on a job board. Currently, I am in a consulting role, responsible for development, deployment, and other aspects of Intune. This experience has given me a well-rounded understanding of Intune's support and implementation aspects.
We implemented Intune to manage devices across multiple operating systems, including Windows, Mac, iOS, and Android. My expertise lies in device enrollment, compliance enforcement, configuration management, Autopatch, Autopilot for Windows, and application provisioning through Apple Business Manager for Mac devices.
We have clients who have deployed Intune on a hybrid platform and others who are fully cloud-based.
How has it helped my organization?
Intune's security management capabilities effectively meet our compliance requirements. While there may be a few unique instances where our needs are particularly complex and don't perfectly align with Intune's design, it's clear that Intune comprehensively addresses the compliance standards and policies necessary for any organization.
Intune serves as a unified platform for managing endpoint and security tools. As a comprehensive management solution, Intune allows for centralized control of various aspects of device and security management. In terms of Microsoft Defender, Intune seamlessly integrates certain features of this advanced security product, providing an additional layer of protection. This integration streamlines incident management by centralizing relevant information and tools within a single platform.
With the advancements in Intune automation, the role of IT administrators has become significantly less complex than in previous years. Tasks that once required extensive manual configuration and monitoring, such as deploying security updates to Windows machines, are now streamlined through features like Windows Autopatch. This service automates the entire process, including policy creation, deployment, and monitoring. Additionally, Autopatch offers flexible deployment options, allowing for gradual rollout to pilot groups, IT staff, and the general workforce. As a result, IT teams can focus on higher-level tasks and reduce the time spent on routine maintenance.
Intune's user experience is generally seamless, with minimal user interaction required. While some applications might occasionally conflict, causing minor disruptions, Intune's compliance and configuration policies are typically applied in the background without significant user input. As a result, the user experience is generally straightforward, with few interruptions from Intune's administrative tasks.
If implemented, Intune can significantly enhance data protection, compliance, and security. By implementing security codes, we can control user-level access to applications and ensure that only authorized individuals can access company data. In case of device loss, we can remotely wipe the device to prevent data compromise. Intune also plays a crucial role in productivity. Deploying and managing applications through Intune is straightforward, and it supports a wide range of applications, including built-in ones. These features make Intune a valuable tool for organizations seeking to improve data protection, security, compliance, and overall productivity.
Intune effectively secures hybrid work and protects data on both company-owned and BYOD devices. For company-provided devices, MDM enrollment ensures robust security. However, BYOD devices rely on MAM, requiring user interaction through the company portal or Authenticator. While most users comply, there are instances of resistance to installing the company portal app, making MAM management challenging. To address this, Microsoft could explore alternative solutions that avoid the necessity of the company portal on personal devices, accommodating user preferences.
Intune enhances IT efficiency by streamlining application deployment. Applications developed for Intune are directly accessible within the application list, eliminating the need for separate provisioning from third-party vendors. Microsoft's extensive collaborations with numerous applications ensure that features and upgrades are managed seamlessly through Intune. Overall, Intune offers a promising solution for current IT productivity needs.
Intune offers comprehensive compliance features, covering even the intricate registry aspects of Windows security. Through the settings catalog, we can configure virtually all desired settings. Existing templates can be customized, and we can delve deeper into the same settings previously configured in our on-premises environment. For those transitioning to hybrid or cloud environments, Intune provides numerous features that can be customized or replicated from on-premises, offering a seamless transition.
What is most valuable?
As an IT administrator, I appreciate Intune's ability to implement granular device-level policies for our organization's employees. This allows us to enforce company-wide regulations and ensure compliance while minimizing the risk of data breaches. Intune's user-friendly interface and straightforward accessibility make it a valuable tool for IT staff and employees.
What needs improvement?
The enterprise application management feature in Intune Suite for app discovery, deployment, and automatic updating is well-suited for Windows devices but is premature for Android and iOS. From an administrator's perspective, managing Windows apps with Intune is relatively straightforward. However, for Android and iOS, the feature requires further refinement due to their third-party operating system nature. While Android devices pose fewer challenges, iOS devices often necessitate using Apple Business Manager as an intermediary, complicating the management process. This is particularly evident when considering Apple's role as the primary manager of iOS devices.
Intune could be enhanced by automating application upgrades, similar to how it automates operating system upgrades. This would streamline the process and reduce manual effort, especially for organizations with multiple applications requiring regular updates. Additionally, the tenant dashboard could be more user-friendly by providing more customizable options and charts for monitoring various aspects of the Intune environment. This would allow administrators to easily access and track key metrics without navigating through multiple menus.
For how long have I used the solution?
I have been using Microsoft Intune for three years.
What do I think about the stability of the solution?
I would rate the stability of Intune eight out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of Intune eight out of ten.
How are customer service and support?
Regarding the frontline support we contact, they could be more responsive. While the support is essentially the same for all users, Intune customers' response times, reservation times, and overall service are influenced by their license agreement. There is room for improvement in this area. Ultimately, we use the same product and license, but premium customer service comes with an additional cost. For instance, clients with premium licenses and support add-ons typically have issues resolved within three to four days, compared to seven to eight days for those without premium or unlimited customer service.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have experience with Jamf and NBF solutions. While Jamf offers robust capabilities for managing iOS devices online and is user-friendly, it surpasses Microsoft Intune in its features for Mac devices. However, Intune remains a better choice for Windows devices.
How was the initial setup?
The initial deployment of Intune can be improved by automating enrollment processes for Windows Autopilot. This would streamline the process and reduce the number of options IT admins need to manage. Additionally, automating the initial Intune procedures performed by IT would further simplify Windows Autopilot deployment.
The deployment time varies depending on the operating system. For Windows, it can take around ten hours. Android deployment takes 15 to 20 minutes. iOS deployment requires more time due to intermediaries between the device and Apple Business Manager. Setting up a connector between Apple Business Manager and Microsoft Intune, creating profiles on both platforms, and procuring licenses for the device on both ends are necessary steps for Mac deployment. Windows deployment is simpler, and methods like Windows Autopilot are less time-consuming.
What's my experience with pricing, setup cost, and licensing?
The cost of the license and the features are justified for myself as a technical person.
What other advice do I have?
I would rate Microsoft Intune eight out of ten.
The Microsoft Intune Suite is a valuable tool for companies seeking a reliable MDM solution. Given the current structural and developmental trends in businesses, Intune has become essential for ensuring data security, protection, and compliance. It's a user-friendly platform that's relatively easy to learn, even for those with limited IT experience, such as support staff. For individuals aiming to enhance their skills and explore cloud technology, Intune offers a solid starting point before delving into Azure. By beginning with Intune and gradually expanding their capabilities, users can effectively leverage the Microsoft cloud ecosystem.
Our clients are medium size organizations.
Intune necessitates regular maintenance. To ensure optimal performance, we generate quarterly reports that inform our planning for the following quarter. These reports enable us to identify areas for improvement in compliance, non-compliant devices, configuration issues, and security and application upgrades. By addressing these concerns proactively, we can enhance Intune's overall effectiveness.
With co-managed devices, integrating the Intune Suite can be challenging due to the interplay of on-premises and cloud environments. Determining which controls have precedence—cloud-based or on-premises Active Directory features like organizational units or first levels—is crucial. Cloud-based management simplifies this process as Microsoft handles many aspects automatically, reducing the need for extensive customization. Creating user-level profiles in Azure Active Directory is essential for backend operations. On-premises management often requires more manual tasks compared to cloud-based solutions.
Intune is a viable solution for those seeking a mobile device management tool, especially if they primarily use Windows devices. However, if a Mac environment is the primary focus, Jamf offers more comprehensive capabilities and features. For organizations with a mixed device environment, including Windows, Mac, Android, and iOS, Intune is a strong recommendation. Additionally, individuals aiming to enhance their skills in cloud technology can consider Intune as a valuable starting point.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Sep 2, 2024
Flag as inappropriate
Buyer's Guide
Download our free Microsoft Intune Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2025
Product Categories
Unified Endpoint Management (UEM) Configuration Management Remote Access Enterprise Mobility Management (EMM) Microsoft Security SuitePopular Comparisons
Workspace ONE UEM
ManageEngine Endpoint Central
NinjaOne
IBM MaaS360
Sophos Mobile
Ivanti Neurons for MDM
Citrix Endpoint Management
Scalefusion
Faronics Deep Freeze
Ivanti Endpoint Manager
Tanium XEM
Hexnode UEM
Matrix42 Unified Endpoint Management
Adaptiva
Buyer's Guide
Download our free Microsoft Intune Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Microsoft Intune and VMware AirWatch; Which do you recommend?
- What is lacking in comparison with AirWatch?
- What are the benefits of Microsoft Intune for IT Admin?
- What do you think of the integration of Azure AD Services, Defender for Endpoint, and Intune as comprehensive security solutions?
- What are the main differences between Jamf Pro and Microsoft Intune for Mac management?
- Which solution is better for an educational organization: Google Workspace or Microsoft Intune?
- What are the differences between MobileIron UEM and Microsoft Intune?
- What are the pros and cons of Microsoft Intune?
- How does Microsoft Intune compare with ManageEngine Desktop Central?
- Is it worth migrating from WS1 to Intune if we have Microsoft 365 E3 available?