We use Microsoft Intune to secure and control our notebooks and mobile devices.
Intune is deployed as SaaS.
We use Microsoft Intune to secure and control our notebooks and mobile devices.
Intune is deployed as SaaS.
Microsoft Intune has been instrumental in helping facilitate remote work.
Microsoft Intune brings our endpoint and security management tools into one place.
Microsoft Intune provides full visibility and IT control across our device platforms.
The Microsoft Intune user experience is seamless. The users are not affected by the control we have over the devices.
Enforcing privilege access using the privilege management feature allows us to quickly address the user's service requests.
Microsoft Intune has helped reduce the risk of security breaches. This control over our devices reduces the attack surface and makes them more secure.
Microsoft Intune has helped consolidate our vendors making it easier to administer control.
Intune suite's ability to integrate with Microsoft 365 and Microsoft Security for all managed devices is important and makes managing them easier.
The policies restricting non-corporate devices on our network and the installation of unauthorized apps are the most effective for managing and securing devices.
The ability to block and erase remote devices is valuable to us, especially when those devices are lost.
I would like the ability to install the agent on devices from suppliers, which would enable us to implement a zero-trust strategy for guest devices.
I have been using Microsoft Intune for almost two years.
Microsoft Intune is stable. I have not encountered any issues.
Microsoft Intune is scalable. We are planning to increase the size of our company within the next 12 months.
I have contacted Microsoft support once because we primarily use one of their local partners for support.
Positive
One infrastructure analyst completed the deployment.
We used a Microsoft partner to help with the initial deployment.
On a scale of one to ten with one being the cheapest, the cost of Microsoft Intune is a five.
We evaluated a solution from Blackberry but did not like it because it was not as intuitive and the configuration was antiquated. Microsoft Intune was also less expensive.
I would rate Microsoft Intune nine out of ten.
We have only 100 users. It is easy for us to administrate this number of devices.
A junior-level infrastructure analyst manages the solution.
Before implementing Microsoft Intune make sure to have a good plan and become familiar with all the solution's features.
We are currently using Intune, and we are also deploying it for customers. We use Intune to manage our mobile devices. We manage our Android and iOS devices with it, and at the same time, we also use Intune to manage our macOS and Windows devices.
During the pandemic, there were devices that we couldn't control. For example, we wanted to manage BYOD and make sure that they are secured so that when they access our corporate resources, our data, computers, users, and mobile devices are protected. We use Intune to publish some of our company applications and at the same time push down our restriction policy and configuration profiles, such as VPN.
We are a vendor, and we deploy the Intune solution. We see that our clients have benefited from this solution. They're able to manage devices that were previously not managed. They are able to secure those devices. It also improves the productivity of the users. They can work from wherever they are and leverage their own devices to access company resources. So, productivity-wise, users are more productive when it comes to Intune.
Based on my experience, I find Intune very flexible for managing Windows devices. We can use scripting, and we can make use of the self-service portal or the company portal to publish some of the applications for Windows.
I'd suggest adding more features for macOS in Intune. There should be more functionality for managing macOS. There should be a better capability for pushing things down on macOS. Currently, Intune is not capable of managing macOS at the same level as Windows.
It has been four years since I've been using Intune.
I'd rate it an eight out of ten in terms of stability because it sometimes breaks. That's mainly because Windows OS keeps on changing because of upgrades and things like that, and there are some instances where it's not supported, or it has not been tested fully on a specific version of OS.
We haven't yet gone down to the scalability part. It meets the needs of our customers. What they have right now in the cloud is sufficient and satisfies the requirements. So, scalability is not a problem.
Some of the deployments are done across sites, so there are multiple sites.
I have interacted with their support. I'd rate them a ten out of ten.
Positive
We have previously used MobileIron and Jamf Pro.
The deployment model for Intune is cloud basically, but for other MDM solutions, it's on-prem because the government and healthcare sectors prefer to use the on-prem solution.
The deployment duration depends on the project timeline and the complexity of the deployment. A fresh Intune deployment is straightforward. We just need to do the configuration and create configuration profiles. For example, for Windows OS, we can enroll 1,000 devices in a month or something like that depending on the availability of the machine. Everything is configured in the backend, so they just need to power on the device, and everything works as expected, and everything is pushed down.
The number of people required depends on how many machines need to be deployed and users' availability. The model that we're having right now is that for a new device, it's straightaway delivered to the user. So, there is no involvement of IT because it's an autopilot deployment. When a user powers on a device, the configuration kicks in. The users just log in using their user accounts, and that's all. So, one IT person is enough to configure the backend.
We implement it in-house. It does require some maintenance, but that's taken care of by another party.
It's affordable. It's cheaper if you have an Office 365, E5, or E3 subscription because everything is there.
I evaluated VMware Workspace ONE, which is similar to Intune. They both can manage multiple OSs.
While evaluating, I'd advise evaluating each and every feature of Intune and using multiple operating systems, such as Android, iOS, Windows, and macOS. You should see the capabilities of Intune and also check how to integrate Intune with other solutions. For example, for security, there is endpoint protection, etc. You need to check that because one of the requirements is to make sure that the computers and the mobile devices are secure, but Intune cannot secure your device itself. It's just an MDM solution. It only restricts some of the functionality. It cannot do more in terms of security. You need another solution to secure your devices, and you must check that your security solution can be integrated with Intune.
I'd rate Intune an eight out of ten.
We are using Microsoft Intune for personal devices, specifically for mobile devices with Android, iOS, and Windows. We have applied the policies over there for device restriction and compliance. We also have a few policies related to Microsoft Defender.
At the security level, it has done wonders. We can easily differentiate between applications. For example, there are a few applications that are only related to the organization's work. We can deploy those applications.
It is very effective. Since the pandemic, we have been in the remote work scenario. We are managing people working from the office and home. Microsoft Intune has been helping us with most tasks we are doing, such as deploying applications and resetting passwords. We are also enrolling the devices. It has saved lots of time and money.
It did not take us long to realize its benefits. We just put our scenarios, and it took us a month or two months.
Microsoft Intune integrates well with other Microsoft solutions. It collaborates well with Defender and Cloud PC. We will see a few more collaborations in the future. It will work with other features of Microsoft as well.
The reporting of Microsoft Intune is very good. They have been introducing new things as per the requirements of customers. It is quite granular compared to other MDM solutions.
The feature I like the most is that we can perform remote tasks. If we want to retire or wipe out personal data or corporate data from a device, we can use Microsoft Intune remotely, and with the click of a button, data is removed automatically. Nothing needs to be done from the end-user side.
The App Protection policies are very effective. With these policies, we can separate the corporate data and personal data. We can block the sharing of information from personal data to corporate data and vice versa.
There are lots of areas. The backend of Microsoft Intune needs to be improved. We have seen a little bit of delay as compared to other MDM solutions. That needs to be improved. A little bit more granularity should also be added.
I have been using Microsoft Intune for 3 years.
Its stability is great. I would rate it a ten out of ten for stability.
It has great features. It has a good amount of scalability.
They have been great. They have a team that works granularly on the issues. They also have unified support for this. They also have 24/7 support. We get good support from Microsoft. I would rate them a nine out of ten.
Positive
I have only used SCCM which was provided by Microsoft and was totally on-premises. I have not used any MDM solutions from them.
In my organization, it is a hybrid deployment. I was not involved in its initial deployment, but I know that it is a little bit complex for people who are using it from scratch. You need at least an experience with SCCM.
It is deployed at a single location. In terms of maintenance, it does not require any maintenance from our side. Everything is handled by Microsoft.
We have seen an ROI.
I am not that aware of the pricing, but as compared to other MDM solutions, Microsoft is providing a lot of things at the organizational level. So, it is quite reasonable as compared to other MDM solutions.
I would recommend Microsoft Intune to others. If you have any plans for having remote work in your organization, Microsoft Intune has the capability. In the future, you will also see Microsoft handling everything related to Active Directory, which is the backbone of an organization, from Microsoft Intune itself.
I would advise learning Microsoft Intune as soon as possible because this is the future.
I would rate Microsoft Intune a nine out of ten.
We use Microsoft Intune for managing mobile devices. We considered purchasing another solution but ultimately decided to leverage the tools already available within our Microsoft product portfolio.
Microsoft Intune helps us achieve better predictability and a more secure mobile device environment.
Intune consolidates all our endpoint management tools into a single platform. This simplifies our software footprint. We began with mobile devices and are now expanding to personal computers and beyond. While the process may seem ongoing, it reflects the continuous growth of our endpoint management needs.
Intune is user-friendly. Supporting users doesn't require a huge effort. We've even created a self-service portal and instructions to help them install and manage their devices independently. We centrally manage policies and other configurations. This approach eliminates the need for users to bring their devices to service for initial setup, even for mobile devices. It's all about centralized management. When we provide company devices, everything is managed in one place with consistent policies. Software updates are also streamlined. Compared to older Microsoft tools, Intune offers a significant improvement. Updating software and maintaining the system is much easier with Intune.
Our overall security posture is good. We have implemented all of Microsoft's recommended security baselines. As a result, we use Microsoft Defender for Endpoint to protect both our desktops and mobile devices.
Overall, Microsoft Intune has positively impacted productivity within our organization. Several routine tasks that previously required manual intervention are now automated. This includes administrative functions, monitoring processes for functionality, and even interacting with processes that previously demanded significant manual effort.
By integrating Azure Active Directory Conditional Access with Microsoft Intune, we achieved full visibility of our devices, even when disconnected from the company network. This enhanced security posture is particularly beneficial for our remote workforce.
We can securely manage both company-owned devices and personal devices enrolled in our BYOD program. Intune allows us to create different profiles with varying security settings. This enables us to enforce strong security policies while maintaining flexibility. In case of a compromised device, Intune allows us to remotely wipe it, ensuring our data remains secure.
Intune does not provide real-time visibility. Since it's an online tool, it can take a few hours for the records to update.
I have been using Microsoft Intune for two years.
Microsoft Intune is stable.
Intune reduces the number of people needed for routine tasks, freeing them up for higher-value projects. This reallocation of resources delivers a clear return on investment.
Our enterprise agreement includes Microsoft Intune at no additional cost. To add advanced endpoint protection, we need a separate, but relatively inexpensive plan. This makes it a much more cost-effective solution compared to buying these capabilities as separate products.
We considered other mobile device management solutions, such as Davenport and a VMware product, but ultimately chose to stay with Intune due to its rapid development pace.
I would rate Microsoft Intune 8 out of 10. Microsoft Intune excels in environments with standardized devices, but organizations with a mix of models and devices may require significant manual configuration to ensure functionality.
In the past, I wouldn't have recommended Intune. However, with its integration into the Microsoft product line, it has become a valuable tool for any organization's IT portfolio.
The primary use case of Microsoft Intune is for patch management and app deployment.
Microsoft Intune is deployed in a hybrid environment and we use Atel cloud.
I can see that the patch management process is much improved with the bundled patch management option available in Microsoft Intune compared to the KPI deployment required by the other deployment solutions.
Deploying an app can be a complex process due to dependencies. For example, I have a package with three files that need to run, but one of them has a dependency on another one. This can be challenging to manage with the Intune app deployment and has room for improvement.
I have been using the solution for one month.
We have premium technical support from Microsoft.
We currently also use BigFix.
We have not yet implemented the solution but the app deployment is a bit complex.
When we add a device to the Azure domain, the activation process for Intune is simple and straightforward with no added complexity.
We partnered with Microsoft to help us implement the solution in our environment.
Intune is cost-effective as it is included in some of the Office 365 packages. GMF can be more expensive.
We evaluated Jamf Pro and will be rolling it out for Apple devices.
I give the solution a seven out of ten.
As of now, we deployed the solution onto 10,000 devices and when completed it will be 30,000 devices. The solution is used in multiple departments in multiple geographical locations.
Microsoft Intune is a Windows solution, and organizations can take advantage of its features. However, I would not recommend using iOS devices with Microsoft Intune as it is suited for Windows only.
Generally, the top three uses are operating system deployments, software updates and patching, and software deployments to endpoints.
If you're a small shop, a two-person organization, yet you have many endpoints, five to 10,000, you can easily manage them. You can manage the masses with one person part-time and it's a good automation tool that takes away the need for multiple folks to do a lot of things in the environment like software deployments or patch management. It's very good at automating those functions.
The reporting aspect is very nice. It's got about 450 canned reports in it. They're easily customizable. You can get really good granular reports for inventory, patch management, status, and everything. It's very good at reporting.
It's not hard to set up. It's easy to manage.
Third-party patching and other solutions integrate with Endpoint Manager. From that perspective, there's no deficiency.
The UI is good. You can filter things out so that you'll only see things that are pertinent to your function.
It's really matured and improved over the years by assimilating competing products. There are a lot of things that used to be better than Endpoint Manager or not available in Endpoint Manager that were absorbed or purchased and placed into this product. From a deficiency perspective, I can't recall coming across anything substantial. I'm trying to think of a weakness. I compared it to Ivanti. From a new user's perspective, it may be a little overwhelming because there are quite a few things to look at in the console, however, once you are sort of acclimated and are familiar with your core functions, it's fairly simple and straightforward.
You can modernize the UI a little bit, however, change for a sake of change isn't always a good thing.
I've been using the solution for 25 years. It used to be called SCCM.
The solution is very stable.
The scalability is great.
The largest user base I've ever supported, for example, was a headquarters and they had 220,000 endpoints. In contrast, small colleges and educations may only have 500 users, so they can get by with a single server hosting everything. SQL and everything can be one server.
For us, the solution is extensively used.
If you're looking forward to deficiency, I'd say that the Endpoint Manager support at the lower levels is poor. As you go higher and you get like a more engineering level, then you're fine, however, the early stages of support are not the best.
I've worked with Ivanti and LANdesk and other tools.
I've used Endpoint Manager every day. I'm currently using it. I've been using it for 25 years. However, there are other ones like BigFix, which I've rarely used. I've used LANdesk a few times. And people would try to use LANdesk to avoid the expensive Endpoint Manager, however, at the end of the day, it costs them more in time to use the LANdesk solution. Ivanti is a competitor, however, they're cobbled together with Shavlik, for patch management they've got Altiris. They bought Altiris and Altiris has been passed around like a cheap hoe from Symantec to Intel, to everybody.
Altiris was actually developed to support Endpoint Manager and provide asset management. At the time, Endpoint Manager didn't have good asset management, so they actually worked with Altiris, only to find out that Altiris was actively taking Microsoft customers. Microsoft booted them to the curb and they haven't done well since. That was back probably in the late nineties that they did that. Endpoint Manager has been around the longest, it's survived, it's matured and it's the top dog in general.
Complexity-wise, it's not hard to set up. It's just a lot of small steps, such as making sure the firewall ports are open and certain things are in place, and all the perquisites are taken care of, as the wizard, the installation wizard for Endpoint Manager, is pretty straightforward. As long as you have SQL and some other features turned on to support the different functions of Endpoint Manager, you're fine. You'll need WSS or you'll need WSS for patching and you'll need SQL reporting services for the reporting portion of it. All those small things. The more lights you turn on, the more configuration you have to do.
The deployment itself took me four hours end to end, to put all the prerequisites in, however, understanding, of course, may take a while for someone new. I've done this now for over 25 years. For me, it's pretty straightforward and I have, a lot of these things PowerShell scripted so it works very well. You can create a PowerShell script and set the whole thing up from Powershell, which is what I've done.
Maintenance requirements are low. Since it lives on SQL, if you put a SQL maintenance plan in place, it's pretty much, it's very healthy, it's very stable.
We've seen an ROI. It enables you to pair down the resources necessary for configuration management. You don't need a large shop to maintain your environment. If you want to develop it, if you want to create new images all the time and that sort of thing, then you're going to need to staff yourself accordingly, however, not necessarily to support Endpoint Manager, just to develop those and payloads that it delivers.
I'm a partner. I'm using the most up-to-date version of the solution.
While the solution was on-prem initially, now it's converted to more of a hybrid. They have co-management so you can manage on-prem and cloud together.
I'd rate the solution nine out of ten.
We are using it to protect our devices. We are using it for protecting our corporate data on the phone and for GDPR compliance.
We are using its latest version.
It is helpful for protecting our corporate data on the phone. In the event a phone is stolen, we can remotely wipe the phone or destroy the data on it.
It also helps us with our GDPR compliance. We also have the GDPR module on the cloud that links to all the endpoints, laptops, mobile phones, and tablets. So, we can also remotely protect the data on the phones, wherever they are.
Intune makes it possible for us to reach all the endpoints and have them protected at all times. We have what is called Defender now, but it used to be called Advanced Threat Protection.
The ability to manage devices with different sets of policies is most valuable.
We haven't really gone through all the features of Intune. We are just discovering them. Every day, we see a new feature that we want to apply, but what will be great for Intune is to be able to deploy apps in a simple fashion. We should be able to easily install various apps on the Windows platform, iOS, and Android. Currently, we have to write some scripts. It's not as straightforward as we would like it to be. It should be simplified so that we can do it just with three clicks—next, next, finish—without needing to write a script.
I have been using this solution for about six years.
So far, it has been good because what we tend to do is get high-end phones with lots of processing power, RAM, and storage. That way, its capacity is never an issue.
It is scalable. It is a multi-user license, and because there are templates for policies, it's easy to just assign what you have set up for executives, for ordinary users, for marketers, etc.
We have about 150 users who use this solution. I work with this on a daily basis.
I would rate them a 10 out of 10 because they knew what the problem was, and they walked us through resolving it. I am satisfied with their support.
Positive
The first one we used was VMware AirWatch. The reseller overestimated our requirements, and we got a very expensive package. It was about $57,000 every year, and eventually, we found out they had a package for $6,000 every year that did exactly what we wanted, so we had to drop it. We had spent two years on VMware AirWatch with the expensive module.
We switched to Intune because we were already on a Microsoft subscription for Office 365, and the add-on wasn't that expensive.
It was simple. I would rate it a four out of five in terms of the setup. It took about a week.
It is a cloud product. It doesn't require any maintenance from our side. We get an update every time they upgrade a feature.
We did it internally. We just went through the documentation.
It's affordable for the protection it gives. There are no additional costs.
I would advise getting a Microsoft partner to deploy it for you. It's a lot quicker.
I would definitely recommend this product. I would rate it a 10 out of 10.
It is good data protection - protecting your endpoints, information on those endpoints, and information stored centrally in Office 365. It focuses on endpoint protection, configuration, and visibility.
You need to know what you have and where it is before you can consider protection. As an MDM umbrella covering all mobile devices, we can instantly see across all of them and centrally manage policies.
The most obvious example of improvement is full hard drive encryption. You want all your endpoints encrypted, and if a device is lost or stolen, you want to be able to wipe it remotely or disable it remotely. MDM allows all of these features.
We can ensure all devices are encrypted, check instantly and get reports, reset them, wipe them, or block them remotely at any time from anywhere in the world. These are powerful and crucial tools for incident management and data and information governance. You need to be able to protect what you need to protect.
It's very powerful for onboarding employees. It's also powerful for integrating other software applications or pushing out solutions. For example, we use Intune, or sometimes MDM, to ensure all our computers have CrowdStrike installed. MDM automates the installation process, and we get reports confirming its success.
We can also use it to push out other important security software and see any unauthorized software present on the machines. Although we primarily use CrowdStrike for that purpose. CrowdStrike can scan every computer, identify potential threats, and prevent the installation of unauthorized software in the first place.
So, MDM is great for integration in terms of onboarding new staff remotely and securely. It confirms the computer matches all our policies and flags any non-compliance issues. Based on compliance, we can even stop non-compliant devices from connecting to our network through conditional access policies. It's all very automated within Office 365. It integrates everything together, by design.
It's excellent. Top-class product.
Fundamentally, MDM is the ability to centrally manage all of our endpoints in terms of the policies applied to them, along with all the actions we can perform on the devices themselves.
We need to harmonize policies across all machines, update them in real time, and get reports. So, all endpoints constantly communicate with Intune, allowing us to view, disable, restart, and push new policies at any moment. It's this centralized control over a distributed network of endpoints that's crucial.
Because our endpoints were remote-first, not centrally located, how else would you manage a large network of computers scattered across individual homes? An MDM solution is the only way. That's why it's so valuable.
We can manage and standardize security across your environment, identify problems, receive alerts, and so on. That's its purpose, and that's also why it's so good.
The reporting is excellent. You can draw what information you want in the reports. So, that's also excellent. I would rate the rating capabilities a ten out of ten as well.
It's hard to point to an area of improvement because, like most Microsoft cloud services, they're constantly evolving and adapting. Keeping up with the changes can be more challenging than finding features that are missing.
The only thing to consider is complexity. Think about Excel. It can do everything imaginable, but it's not necessarily the easiest software to use. You need to know how to use it.
Similarly, while Intune might have all the functions you need, finding or configuring them can be difficult, especially for new users. The key is user experience, making essential features easier to find. It's easy to get lost in the complexity.
However, I've never found a crucial function missing in Intune. It just can be challenging to navigate sometimes. They're always working on making it more user-friendly, but it's a difficult task for something so complex. So, improving user experience would be my suggestion for improvement.
In future releases, I would like to see better integration with Apple products. While they integrate reasonably well already, it's never quite as seamless or up-to-date as it is with Windows. That would be helpful because many companies have a mix of devices. So, better integration with macOS.
I have been working with this product since the beginning, forever.
When I joined the company, everything was already in Office 365. No physical network, and no domain controller. All devices are connected by the internet, not a physical office network.
I've never had any issues with stability. I'd rate it a nine out of ten because I rarely give anything a perfect ten. But it's very stable. I haven't experienced any stability issues.
It's perfectly scalable. I'd rate the scalability a ten out of ten.
There are around 200 end users using it in my company.
The customer service and support are excellent.
Positive
We use a family of products. We don't want to put all our eggs in one basket. For example, we use software from other providers for security awareness training, phishing protection, and so on.
However, as a Microsoft Gold Partner, we're heavily integrated with Office 365, Microsoft Defender for Security Center, and everything that goes along with Azure and Office. We essentially have a suite of different tools depending on the specific need.
For our Endpoint Detection and Response (EDR) or physical endpoint security on laptops, we also use CrowdStrike. Our approach involves leveraging different options depending on their strengths.
Some vendors like CrowdStrike claim they can do everything, but we prefer specialization. We want different providers to handle different aspects of our security.
We have Microsoft Defender, which provides access to threat intelligence and also offers endpoint protection. While Defender is a competitor to CrowdStrike, we avoid using its endpoint protection functionality to maintain our distributed security approach. However, we utilize Microsoft Intune for Mobile Device Management (MDM).
And through Intune, we can push out policies that enforce specific security standards on all our computers, such as encryption.
We leverage it for managing device security policies. Additionally, all our devices access Office 365.
We use Microsoft security features within Office 365, SharePoint, and OneDrive.
As with everything in IT, once you reach a certain level of complexity, which Intune does, the rule is: everything is easy when you know how, and everything is difficult when you don't.
Especially with something as complex as MDM, if you don't know everything, it can be very difficult. But if you do, it can be easy. So, it depends. There are very few people who know absolutely everything.
So, there is a difficulty there, but once you know how to do it, it's easy. Like user experience is not necessarily intuitive.
The pricing is not cheap, especially with inflation. They've had to increase their prices. It's not excessive, but alright. So, it's reasonable, but it would be better if it were lower.
In my experience, it would be difficult to find a competitor. It's kind of the gold standard because it's Microsoft dealing with Windows. They have an inherent advantage.
If a third-party vendor tries to offer a competing MDM solution, they're always a bit behind the curve. They don't have first access to all updates or the roadmap for future developments. There's always an element of catching up.
On the other hand, Microsoft can bake these changes into the product as they make them. So, on that basis, it's quite simply the best.
Overall, I would rate the solution a nine out of ten.