Microsoft Intune Reviews

I have used Microsoft Intune for six months. I used it for MDM solution and MAM, but for the packaging, Autopilot configuration, compliance profiles, compliance policy creation and configuration profile creation, I worked for six months because we were moving assets from SCCM to Microsoft Intune. It was a migration project where I was part of the team. In that project, I worked on the packaging side where I was responsible for creating new packages that were already present on SCCM for laptops. The main use cases for Microsoft Intune are for compliance policy deployment and application deployment for laptops.

I assess the user experience of Microsoft Intune as good. It's cloud-based with no need for on-premise infrastructure. You can access it anywhere and start working on it. You will have the record of data in your hand anytime if you need it quickly. The benefits that Microsoft Intune brings depend on what you are using. It's directly integrated with Azure AD. If you are using on-premise Active Directory, there is a process to integrate easily and use those resources. This tool works beyond the boundary, which is why organizations use it.

What I appreciate about Microsoft Intune are the detection method and the supersedence option, dependencies we can add on, and multiple software we can install with a single package. That's a plus point inside the solution. It's directly integrated with Azure AD, and if you are using on-premise Active Directory, there is a process to integrate easily and use those resources.

I haven't worked extensively with Microsoft Intune to identify many areas for improvement. However, one thing I would suggest is that servers are not getting managed through Microsoft Intune. If that feature would be added, everything would be improved.

I have used Microsoft Intune for six months.

When it comes to the stability and reliability of Microsoft Intune, I don't hear about any downtimes, crashes, or performance issues because it's server-based and those are managed by Microsoft only.

We can discuss Microsoft solutions, Intune or SCCM.

When implementing Microsoft Intune in my environment, it was straightforward. It's not as complex as other tools. It's easy to learn things, and I could easily work on it.

I was part of a team working on a migration project where we were moving assets from SCCM to Microsoft Intune. I worked on the packaging side where I was responsible for creating new packages that were already present on SCCM for laptops.

Everything about ROI and measurable benefits in terms of time saving, cost saving, and resource saving depends on the organization and their requirements. Products get acquired based on requirements. If you have maximum servers, you will go with a solution that patches the software most frequently and is good with compliance. If you are going to manage only laptops and workstations, you should go with a solution that is easy and very low cost to manage.

I don't have any information about the pricing of Microsoft Intune.

Regarding the key differences between Microsoft Intune and JAMF or Ivanti products, there are many things increasing inside Ivanti now. They are working on the cloud part and coming up with new features. I haven't worked on the new features and updates, so I cannot share much experience on that part.

My advice to others considering Microsoft Intune for their organization depends on the infrastructure they have in place. Based on that, they can determine if Microsoft Intune will be best for them. If they are going to manage laptops and desktops only, it will be beneficial for them. They can apply MDM and MAM on those devices if there are few and remote devices. Laptop, iPad, mobiles, Android, iOS, everything can be managed through it. MacOS and Linux can also be managed. On a scale of 1-10, I rate Microsoft Intune a 7 out of 10.

Before working with Microsoft Intune, I was not using another solution for the same needs. I decided to give it a try with Microsoft Intune because it provides me with the ability to manage devices properly.

I have been using the Enterprise Application Management feature of Microsoft Intune, which enhances abilities when it comes to app discovery, deployment, and automatic updating.

They should improve Microsoft Intune to make this tool better and simpler. Less development and moving things around would be beneficial. There may be room for improvement on the feature side, particularly with some integrations.

I have been using Microsoft Intune for six months.

I assess the stability of the product as low. I have faced downtime crashes and performance issues with Microsoft Intune.

Microsoft Intune is adequately scalable for thousands of users in my environment.

I have not contacted tech support yet.

I was not using another solution before Microsoft Intune. I decided to implement it because it provides me with the ability to manage devices properly.

Microsoft Intune has reasonable costs for me.

I am currently using Sophos MDR.

My user experience with Microsoft Intune is acceptable, though it can be irritating at times. It still accomplishes its intended purpose.

My total rating for Microsoft Intune is seven out of ten.

We use the solution for Autopilot. The company uses it for onboarding to Autopilot. We're using it mainly for mobile devices as SCCM cannot handle mobile devices. It works great for iOS, iPads and MacBooks. We do use it for Windows as well. 

If a user wants to purchase any application, they have to do it manually. However, we are now able to purchase the apps for the user and the user can access the apps without having to purchase themselves manually. When we use a VPN, we can utilize a protection policy where we can create rules around certain apps so that no data can be copied to an unmanaged device, for example. The device will be deactivated based on a threat to compliance. 

Intune allows us to deploy legacy policies and future policies for our devices. We can create policies for pushing Windows updates. 

The user experience is mainly for mobile devices, and it's very good for protecting personal devices. It helps us control company data, even on personal devices. Overall, the user experience is good. 

We are using Microsoft Copilot. We've very recently started using it. If you have a Copilot license, it can show policies for each device. It's a very useful feature. We're just starting to test it with our pilot groups. However, so far, it's given us the complete details of policies installed on individual devices. It will help us simplify our security operations. For now, we're working with our security and compliance teams to put it into place fully. 

If any user tries to access company data, it directly interacts with the conditional access policy. This helps us protect our data and set the criteria for how data can be accessed and shared. 

The enterprise application management feature for app discovery deployment and automatic updating is very useful. If you want to use a managed application in Intune, it needs to be authorized in Azure. This is an extra protection that ensures only proper applications are used. 

Intune can reduce the manpower needed on the IT side. By pushing customized policies, we can manage everything via the cloud or on-prem, and everything is seamless as it offers hybrid endpoint management capabilities for all devices.

With Intune, we can now manage both Windows and iOS devices under one solution. It's saving us a lot of costs by streamlining the management platforms needed.  We've been able to consolidate vendors. Since everything is now with Microsoft, the enterprise cost is different. The licensing is very easy.

From SCCM, you can control the complete patches of the Windows device. Either it's a future update or a critical update. Otherwise, it's just a security update. However, when it comes to Intune, we have no option to defer the policy. We can defer for 60 days; however, apart from that policy, everything needs to be deployed from Intune.

If you wish to block any App Store application, there is no way to do so. I have no app-blocking policies. If any user installs an application, the complaint policy will check it. Eventually, the device will remove any non-compliant devices. However, it will take time. There is no rapid, pre-emptive way to block the application directly from the App Store.

Intune doesn't bring all of our security management into one place. Windows patching isn't very visible in Intune. 

We need to manually add in serial numbers of the hardware. It would be ideal if the solution could offer a seamless enrollment option.

We'd like to have more visibility on endpoint security, specifically around antivirus and disk encryption. You can configure the firewall, however, it would be ideal if there was a single portal where we could manage all security efforts - from encryption to antivirus to firewalls - anything related to the network.

I've been using the solution for almost six years. 

The stability of Intune is very good. We don't need to take care of the network or anything since it's not on-prem. It's completely stable in the cloud. 

We have about 50,000 Windows devices and 25,000 iOS devices using Intune.

We haven't faced any limitations when it comes to scalability.

We've very rarely had to reach out for support. We had to in June for an update across iOS applications; however, beyond that, our need for them is very rare. You do need to be at an enterprise level in order to get complete support from Microsoft. 

Neutral

Previous to Intune, we were supposed to use only the WatchGuard devices with Citrix since we did not have any SCCM setup. Citrix completely managed the devices. And even if any user wanted to access something from home, the user had to log in first, sign in to VPN, then sign in to any virtual machine related to Citrix, and only then could they use OneDrive or whatever. There was the added cost of getting virtual machines and then having everyone utilize some more bandwidth. Using Intune helped the company streamline access and reduce bandwidth.

We also had a different process for iOS versus Windows products. For iOS, we had people accessing via AirWatch. Intune allows us to have one single type of license for all devices. Plus, Azure's Microsoft Defender offers security. 

The initial setup is not complex. If you are simply setting it up for a mobile device, it's very easy. It will redirect users for conditional access to ensure compliance. How many people you need to deploy is based on scale. However, even with thousands of devices, you only need two or three people as they would need to set up the groups. 

The tool is easy to maintain. 

We've witnessed a very good ROI by consolidating all of our platforms under Windows. A single license can cover five devices. You can sign in and gain access to all sorts of Windows applications from 365 to Excel. 

The licensing is very reasonable. With a single enterprise or EMS license, you can manage the Teams-certified device, and you can manage Windows as well as mobile devices. You can use Azure and get security. You get everything with a single vendor, which helps save costs by 30% to 50%. 

I'm working as an Intune engineer. I'm an end-user.

By moving to Intune, companies can control more DLP. The data loss protection is all right there. Users gain more visibility with Intune. 

I'd rate the solution seven out of ten. 

We use endpoint management, both SCCM and Intune, so it is a hybrid model that we use in order to manage applications, patching, updates, and operating system deployment with Intune. We also use Autopilot for deployment.

Intune has been effective in managing various mobile devices. It would be Apple Business Manager for Apple devices, the iOS tray. It's easier to manage from Intune compared to Android. I've recently heard that Android devices will no longer be managed from Intune. The MDM part is moving away.

Intune's app management feature for supporting business operations is very easy and seamless for an admin to package applications on Intune. It's also very easy to track logs on the end-user device to understand deployment or push failures. Application management works really seamlessly with Intune.

Moreover, Intune has made it very easy to package and deploy LOB apps like MSI and MSI X applications available on the Microsoft Store. This is very helpful.

Intune brings all of the endpoint and security management tools into one place. Microsoft has integrated all its cloud platforms, like Defender for Endpoint and Intune for endpoint management. We can easily manage the Defender part from the Defender portal for endpoints, and it's very easy to track vulnerabilities on the Defender portal as well. 

It's just a matter of installing the Defender client on a device, and we can easily see all the scan results from that device on the portal. So it's very easy and simple, and the security information is all on the dashboard, ready to be presented to the client.

Automatic updating can be challenging for apps not available on the Microsoft Store. We need to package and download those apps, and it's not just pushing them; we need to create scripts to uninstall previous versions. That's a caveat compared to SCCM, where we can integrate third-party tools to manage third-party applications. I hope they will soon integrate something like Patch My PC. Apart from that, it's good.

We don't use the advanced endpoint analytics but, we use the basic features available on the dashboard. We have various data sources and get a lot of reports from there.

We also don't use Intune PKI as of now because we manage PKI from our on-prem environment. But we have seen that BYO CA (Bring Your Own CA) is now available on Intune. We can bring our own CA to reduce the load on the on-prem infrastructure. That's one of the features we need to test.

Overall, Intune provides a more secure and easily monitored environment, with live and native support, unlike other tools. For example, we might get data that is seven days old with other tools, but with Intune, we get data that's only eight hours old. This helps us understand what applications run on a particular machine and which operating system is installed. Intune has saved us time and provides valuable features.

The best features are application and update management. In the context of updates, it's very easy to manage device updates through Intune because they pull updates directly from the internet. We don't have to select and push updates as we do with SCCM. 

For application management, we have many options for packaging applications. 

The overall user experience of Microsoft Intune a ten out of ten. There are certain limitations, but I would still rate it ten out of ten compared to Jamf, Tanium, and BigFix. I find Intune far better and easier to use.

I also tested the enterprise application management feature. The way we are packaging using Windows 32 apps and LOB apps. These are pretty simple to manage.

We recently introduced Copilot on Microsoft 365 portal to help draft emails. We were highly dependent on Grammarly before, but Copilot has replaced it and saved us the licensing cost. That's one way we use Copilot.

Copilot won't protect our environment. It's just an AI tool. Defender is responsible for protecting our environment. Copilot can answer our questions quickly, without needing to browse through Google or a browser. It's integrated into almost every application. We can click on it and ask our questions.

Copilot has reduced the load of typing. We can just give it a brief instruction, like "draft an email to my manager regarding a new joiner," and it generates a draft. This saves us time and typing effort. We just need to proofread it.

We've only seen Copilot so far. We haven't tested any other AI tools in Intune yet. Copilot is very useful, and it's a Microsoft product.

The challenge we experience is with Mac management. We find Intune not capable enough to handle Mac devices, configurations, or operating system deployments. However, it's easy to manage Windows devices. Mac itself has a lot of restrictions. Linux and Mac operating system compatibility need improvement. Also, they need to work on making GPO (Group Policy Objects) compatible.

Microsoft needs to work on Autopilot and make it simpler at the end-user level.

We also face challenges managing group policy. Many group policy objects that we can manage from on-prem Active Directory can't be managed through Intune. That's something Microsoft needs to work on, and I'm sure they will.

I have been using it for more than four years. 

It is a stable solution. I would rate it a nine out of ten.

Everyone in our organization uses this solution. But, for the project I am involved in, just 15 people use it. 

We have medium to enterprise businesses as our clients. 

I would rate the scalability an eight out of ten.

The customer service and support are average. Sometimes I feel they don't even know about their product. 

Neutral

I can compare it to Tanium. When I was doing a POC in place of Intune, we needed to compare other tools as well. Tanium is a good tool, but I can't find any other tool that can replace Intune with so many features.

I like the user-friendliness of Intune's GUI and the fact that we get so many features under one roof has attracted our attention.

The deployment of Intune depends on the environment in which it is being deployed. In our case, it was pretty simple because we didn't have much insight. However, depending on the requirements of a different environment, it can become complex.

The deployment takes a couple of months would be a good estimate. You need to plan everything and then execute, and migration is involved.

Intune works seamlessly with Microsoft Defender. With other security solutions, we see a lot of challenges. It depends on the complexity and scale of the environment. But it's really compatible with Defender and Intune integrates well with other security solutions.

Intune requires maintenance. It requires internet access because we need to manage certificates, check on the DMF file, and clean up stale devices.

It has helped admins immensely in order to manage those endpoint devices. With other tools, the device needs to be on the office network or VPN. Intune removes this dependency. 

We can manage devices through the internet, and we won't miss any devices that are offline.

It has saved 60% of our time. I can't put an estimate on cost savings, but it has saved a huge cost because we don't have to manage infrastructure anymore.

It's a little expensive, but it's worth having.

Compared to other tools in the market, Intune is a good tool to go with. It's a little expensive, but it's really good because we have almost everything under the same umbrella. The features that Microsoft offers are not available in BigFix, Tanium, or Canvas. But it also depends on your budget.

I would definitely recommend it. We get promoted features, and it's easy to use. The ease of use is really attractive for admins, especially compared to other tools.

Overall, I would rate it a nine out of ten. 

I work for a company that deploys all of its iOS and Android devices on Intune. It can manage company and personal mobile devices. We have 150,000 users.

It helps us secure hybrid work. Some users work on company devices at the company, and some use personal devices. We have set app configuration and protection policies in Intune.

When customers travel, they carry their tablets or cell phones, so they need to access corporate resources, such as emails, chats, and files. Instead of carrying their laptops, they can easily access corporate services from their tablets or mobile phones. 

Intune increases productivity by 80 to 85 percent. Since adding Intune, our budget has increased. We are trying a few new things, and corporate is doing data testing. We've also had to purchase more licenses. The budget has increased, but it's worth it. 

We can implement a MAM policy in this Intune and protect the device through mobile application development without touching it. The interface is easy to use and understand. 

Microsoft brings all my endpoint and security tools into one place. Intune and endpoint manager are there. We can control our devices at the maximum level. I'm fully satisfied with Intune. 

With the application management feature, we can manage Google Play and publish applications from there. Per user requirements, we can deploy applications to Intune and to the user machines.

We had an APNS certificate set to expire last week. We tried to renew it two days before it expired. We logged in to the APNS portal but could not find that certificate.

We didn't know where it went. All the iOS devices stopped working. We contacted the Apple and Microsoft teams, and each blamed the other. This is something that Microsoft should take care of. Last week, we had so many escalations from high-profile users who couldn't access corporate data on their devices.

I have used Intune for more than two years.

I rate Intune 10 out of 10 for stability. We've had no issues.

I rate Intune 10 out of 10 for scalability.

I rate Microsoft support seven out of 10. When Microsoft support engineers can't resolve an issue, they refer it to the technical department, which will come back in a month. Then, you have to explain the entire issue from the start. 

Neutral

Before Intune, we used IBM MaaS360. Intune is more flexible. With the IBM product, we had to contact their product team to make any changes. Intune is more customizable. 

The deployment is a little complex. We previously had an on-premises data center, but we have migrated everything to the cloud in the past six months. Implementing Intune took months. We have two data centers: Bangalore and Kolkata. Migrating a lot of data was a lot of work. After deployment, it requires no maintenance.

Intune isn't cheap, but it's fairly priced.

I tried the AWS but the user interface is not as good as Intune's.

I rate Microsoft Intune eight out of 10. 

Microsoft Intune has improved our organization a lot. Previously, we had concerns about device security and compliance. We now do not have those concerns, and we also have productivity and efficiency. It enables remote work.

It is very easy for us to pull the applications for security updates. Everything is done at the backend. It is very easy for us to configure for all the users because we are currently using Microsoft E5 and E3 licenses for all the users. We have created separate groups for all the users. We have more than 7,000 users across more than 60 countries. We have created separate groups for all the countries. After the onboarding is over, we add a user to a particular group and Intune. Once we enroll a user's PC, all the applications, security updates, and other things are pulled from the back end.

It helps with security enhancement. We can remotely manage the devices. It helps with productivity. We can have reports. We can download all monthly reports and enable compliance policies. Its cost efficiency is also good.

It is integrated with Microsoft 365. Everything is integrated in terms of security and endpoint solutions. Every feature is in one space or license, which is Microsoft 365. We only need to be concerned about the license because, under Microsoft 365, they have a lot of licenses. That is the only thing we need to focus on.

It is very easy for me to monitor and configure everything. It is a one-time process. Once I have done all the work at the back end, it is very easy for me to configure everything. At times, requirements come from IT managers from some countries where they need to add some applications, policies, or VPN networks, and I take care of that from time to time. They usually come in the middle of every month.

Nowadays, more and more companies are implementing Intune for their users. I see a lot of companies moving to endpoint management. It is a good move to integrate all the systems and bring them under one roof. You do not need to look for other solutions or third-party applications. Once you have the Microsoft enterprise license, it is a one-time process. You do not need to go to all the users to install everything and do the updates. It is not necessary. It requires only a one-time configuration. It is very useful for all companies. It is very user-friendly, and it is very easy to pull the data and reports on updates and applications. Everything is possible in Intune nowadays.

Microsoft Intune is very useful for us because we do not need any extra people. It reduces the manpower required. Previously, for every country, we had to recruit more IT technicians for things like installation and user support. Nowadays, in a single window, I can do all the work in the back end. For example, in the case of a laptop theft, I can wipe the laptop remotely. It is a very useful tool.

Microsoft Intune is a cloud platform. It is integrated with Azure. It protects and checks the identity at the backend. We can also configure some extra layers of protection, such as MFA or passwordless sign-ins. We can enforce all this for all the users. Our devices are more secure.

Microsoft Intune is already integrated with all the things. We have created some alerts for all the users in the case of any unusual activity or travel activity. If they click on a malicious link, it is automatically detected. We have already configured all this in Office 365. The tickets are automatically generated in Jira. We have to verify with the IT managers of the representative countries whether these user activities are valid or not. According to that, we are taking some precautions and remediation such as blocking some users. Security-wise, it is very useful for us.

It is a one-time configuration. It is very easy for me to configure all the things. Once I create policies and applications in Intune, it is very easy for us to enroll users. It is a one-time process. We do not need to spend a lot of time because all the setup is done in the initial phases. Its interface is a little bit complicated, but I know where to configure all the things in the portal. It is very easy for me. Before the user enrollment, I have a call with the IT managers of the respective countries and collect the requirements from their end. I configure all the groups accordingly. For example, we have some inbuilt applications that we need to allow for all the users. We also have some in-house applications. For every country, the policies are different. I can take care of all that.

We are facing issues with Apple products. With macOS and iOS, there are some difficulties with the updates because we cannot get full control of Apple products. In the case of Windows, it is fine, but in the case of Apple, we have some difficulties. We cannot control everything through Intune.

It can be improved in terms of UI, user productivity, ease of use, performance, customization, and flexibility. It has all of these capabilities, but they can be better. Reporting, analytics, and integration with third-party solutions can also be better.

I have been using Microsoft Intune since 2022.

It is a stable solution, but when a lot of users are facing the same issue, it can take us some time to find a solution. I would rate it a seven out of ten for stability.

It is scalable. I would rate it a seven out of ten for scalability.

We have premium support. If I am not able to find a solution for an issue at my end, I raise a ticket with them. I get a response or callback according to the priority level. They try to resolve the issue as soon as possible. I have faced some challenges on Saturdays and Sundays and at night time. 

Their support is not always very fast. Sometimes, they take a day or two and they can also take one or two weeks. In a few cases, they took one month. If level 1 support is not able to resolve the issue, the ticket is moved to the next level. If level 2 is also not able to resolve the issue, they move to level 3. Their support needs some improvements.

Neutral

We were not using any similar solution previously. We had some software for remote access and admin control.

I have some experience with Meraki MDM. I am not very familiar with it. I worked with it only for a year. When I joined the organization, all the systems were in domains. It was very difficult to manage everything because one of the engineers had to go to the user systems and install whatever the users wanted. All the systems were protected with the administrator accounts. Nowadays, it is very easy for me to pull all the applications.

For all the updates, we are using a separate third-party tool from Qualys. It is integrated with Azure. Every month, we initiate software updates. It is mandatory for all the users, and it is automatically done. Once I pull the updates, they automatically run in the backend on every user system.

We are using a third-party solution for our servers. We have about 150 servers for application development, UAT, and production. We cannot use Intune for the servers. It is not effective for servers. That is why we are using a third-party application for servers.

For the initial setup, we needed some help from the Microsoft team. As a new organization, we had to know all the features. We had different requirements for different countries in terms of applications and compliance.

We had a session with Microsoft, and they explained all the processes in Intune and showed us how to configure and implement everything. We had done some PoCs. We started with a few users, and after everything worked fine, we started with small groups and implemented it for them.

Its setup is easy, but we had requirements from IT managers regarding excluding some devices from the administrator level and allowing some users to directly install some applications. In such cases, we had to create separate groups for them.

It was a long process. It took me around one month for each country. I had to set up a meeting with IT managers, discuss the license part, and tell them the main advantages and disadvantages. Convincing them was a bit difficult because their systems were connected with domains. Different users required different permissions. We cannot give global admin permissions to all IT managers. 

We are a team of 20 people. We are the ones dealing with the global admin access. We take care of many things. For example, for application configuration or policy configuration, people need to raise a ticket with us. We schedule a meeting and take the requirements from them. We accordingly make the changes.

We also have an operations and infrastructure team. Our company is a logistics and shipping company. Here in Dubai, I am working in the global hub. It is the group IT hub. We are developing all the on-premises applications here. We have more than 20 in-house applications.

In terms of maintenance, I have not got any feedback. It is working very smoothly so far. I have not faced any challenges.

We have saved resources and time. We do not need that much manpower and time. It is a very effective solution.

It is expensive. The cost depends on the license that we choose.

The enterprise license is expensive. It is recommended only if the organization has the budget. It is not recommended for all companies because of the licensing part.

We ensure that the selected solution integrates smoothly within our IT infrastructure, including Active Directory, Azure AD, cloud platforms, and network equipment. Compatibility and integration are the key factors in achieving seamless deployment and operational efficiency. We also need to consider the security and compliance requirements and plan for scalability and future growth.

We just started using Microsoft Copilot in Intune. We have some testing going on. We assigned the license to some of our help desk IDs. We are using it for some meetings and documentation purposes. It will automatically capture the key points when we are in the meeting. We have tested only a few features in Copilot. We need to explore it more.

I would recommend Microsoft Intune. It is a very useful product. It is very helpful to monitor the devices and implement compliance policies. You can also get monthly reports and alerts about user activities. Security-wise and configuration-wise, it is a very useful product.

I would rate Microsoft Intune an eight out of ten.

We use Microsoft Intune to deploy applications, check Autopilot status, and deploy Autopilot applications. We also use it to manage user profiles, assess compliance, and define compliance and configuration profiles, among other Intune configurations.

We implemented Intune to improve our compliance.

Intune consolidates all our endpoint and security management tools into a single platform. Intune allows us to securely manage Windows, macOS, iOS, Linux, and Android devices, both corporate-owned and personally owned, in one centralized location.

The user-friendly enterprise application management system allows easy app discovery, deployment, and automatic updates without IT assistance.

Microsoft Intune Suite is a great tool for MDM.

We use Copilot whenever we encounter difficulties or receive error messages while working on a solution.

Copilot is beneficial for environmental protection as it assists in finding solutions by providing necessary information.

Copilot helped simplify our IT and security operations overall.

Microsoft Intune has significantly improved how we manage our devices, applications, and security regulations.

Intune enables us to easily manage and secure hybrid work environments, safeguarding company and personal device data.

Intune's endpoint privilege management improves user productivity because we can create temporary privileged accounts.

Endpoint privilege management, through its implementation of least privileged access, helps to reduce our organization's attack surface by limiting potential vulnerabilities related to security and authentication.

Intune has improved our IT productivity. Auto patching has freed up their time because it requires no administrative support.

Microsoft Intune has helped save us costs by consolidating multiple tools into Intune.

Microsoft Intune Suite's integration with Microsoft 365 and Microsoft Security is great for both cloud and co-managed devices because we can use it to form a single dashboard for enabling and managing licenses and creating accounts. 

The most valuable feature of Intune is the user-friendly portal for end users.

One drawback of Intune is that we cannot find devices based on a user's region or location. As a global organization, having this ability would be helpful.

I have been using Microsoft Intune for four years.

Intune is stable. We have not encountered any downtime.

Intune scales to our needs.

The prolonged response time from technical support for Intune is unacceptable, as this tool is critical to our organization's operations.

Neutral

We previously utilized Microsoft System Center Configuration Manager but transitioned to Intune due to its advanced capabilities and cloud-based architecture, enabling centralized management and accessibility.

Intune reduces the need for administrators, resulting in time and cost savings by eliminating the on-premises hardware and personnel.

I would rate Microsoft Intune eight out of ten.

We manage over 5,000 devices using Intune, which requires a team of two to three people for maintenance.

Microsoft Intune is a good tool for large organizations. I recommend using the trial version and conducting a POC.

I am working with a bank to configure backups for auto-billing devices. We have Samsung tablets used in branches with only customer accounts, where customers open accounts using these dedicated devices. We create custom policies for these devices using Microsoft Intune across multiple domains. Some devices are auto-pilot, some are dedicated tablets, and others are hybrid Azure AD joined devices managed by Configuration Manager. We are using Microsoft Intune in three domains to manage those devices.

Microsoft Intune consolidates our endpoint and security management tools into a single platform. We employ specific policies for autopilot devices tailored for global and US requirements, focusing on banking and government security. To address these concerns, we've implemented policies within the bank that restrict USB and Bluetooth access through the attack surface detection feature. This restricted app concept has been applied to autopilot laptops to enhance their security posture by blocking USB devices and preventing unauthorized research build-up.

User experience is generally good when using open internet devices like 3G, 4G, or 5G, as banks often use restricted internet connections.

Intune offers rapid benefits. Any policy, deployment, or change we implement is reflected within two to three minutes for all users. This is especially valuable for managing laptops. We can quickly implement a cleanup policy if user laptops are compromised or accessed without authorization. In the worst-case scenario of a computer being stolen, we can swiftly deploy a policy to secure the device's data within a minute.

It offers rapid policy, deployment, and change implementation, with effects visible to users within minutes. Devices managed by SCCM can also benefit from Intune workloads and policies, providing a unified management approach. Intune and SCCM work together to address security concerns for hybrid Azure AD joined devices. Attack surface reduction policies can be implemented through either platform to protect devices from threats. Intune manages SCCM-enrolled and Intune-managed devices, offering comprehensive security and management capabilities.

Intune has enhanced the productivity of our IT department. We can now establish Active Directory-related policies for public auto-enrollment devices in remote areas like Karachi and Islamabad. Not confined to specific cities, these devices can be managed through autopilot with AD-related policies created on Microsoft Intune. However, these devices are not always on-demand, so we track them using autopilot policies and create eighty policy replicas for each device. This approach is highly effective for managing our large-scale operations, as users often face challenges like requiring USB access while working remotely. We specifically tailor policies for our hundred audit users, who move frequently between locations.

Our bank's most valuable Intune features are centered around the dedicated device concept. We've implemented policies for tabs used by branch employees during account openings and deployed custom policies and applications on these devices using our Rapid Account Opening application. This dedicated device approach and tailored Intune features have yielded excellent results.

Microsoft Intune needs to improve its security policies. I want more secure, reliable, and efficient security policies.

I have been using Microsoft Intune for five years.

We have Microsoft Premium, which entitles us to Microsoft engineer support specifically for Intune. They respond very quickly. When we open a case on Microsoft and select a severity level, we always choose 'A' because we have a production environment. The engineers connect with us within 15 minutes and are highly capable.

We have upgraded support with Microsoft engineers and direct connections with some of them. When we encounter issues related to Microsoft Intune, we directly contact these highly skilled engineers for immediate assistance. They collaborate with us to resolve problems and always require ticket creation to meet our KPIs. We open and close these tickets accordingly. While we manage a significant volume of tickets, our direct relationship with Microsoft engineers ensures efficient issue resolution and support.

Positive

In my previous role, I used IBM MaaS360. Microsoft Intune surpasses MaaS360 with its broader feature set, increased flexibility, and seamless integration with other Microsoft products like Entra for XDR and QRadar. Additionally, Intune offers a more user-friendly experience.

The deployment time for Intune depends on the number of users. For example, an organization with 15 users can take 15 days to deploy. Organizations also using Active Directory and Office 365 Premium require additional deployments so that the total deployment time can reach 25 days.

Intune deployment is straightforward and has a stable internet connection. Given our appropriate EMS E3 and F3 licenses, we anticipate no significant challenges as long as our internet connection remains reliable.

I would rate Microsoft Intune nine out of ten.

After the deployment, Intune requires no maintenance. As long as the internet connection is stable, Intune can ensure all policies work as intended.

Microsoft Intune is the future. Using Intune, we can access other Microsoft tools like XDR through one portal. Pre-COVID users working remotely had to manage laptops not connected by a domain, and now all the devices and policies are managed through Intune.