Microsoft Intune Reviews

My main use for Microsoft Intune is for endpoint management, primarily for Windows laptops, policy enforcement, and basic troubleshooting of enrolled devices to apply security policies, manage updates, and ensure compliance for user systems.

Recently, I had a case where a user's laptop was not following company security policy. I decided to check the device in Microsoft Intune, and I saw that it was marked as non-compliant. I reviewed the compliance policies and found that the device was missing required updates and antivirus definitions. I also use Microsoft Intune to push policies such as password requirements and screen lock settings across multiple devices.

On a day-to-day basis, I am using Microsoft Intune for monitoring device compliance, checking device status, assisting users with enrollment issues, and pushing updates and basic security policies across all devices. Microsoft Intune helps me significantly in remote support because I can manage and troubleshoot a device without physically accessing it.

Microsoft Intune has had a significant positive impact on our organization in two main areas. The first is enhanced security and compliance, and the second is improved troubleshooting and support efficiency. We can remotely wipe, lock, or reconfigure a device to resolve issues, making device management easier.

The number of support tickets has reduced because device policy issues are enforced automatically through Microsoft Intune. Compliance issues are identified before users face access problems, which gives us faster resolution time.

The main features Microsoft Intune offers me are centralized device management where I can manage all devices from one location. I also appreciate the compliance policies and security configuration, which help me ensure all devices follow company standards. Another useful feature is remote actions such as sync, reset, or wipe the data, which is very helpful in troubleshooting and handling lost or compromised devices. The integration with Microsoft 365 and Azure AD is a significant advantage.

One more important feature of Microsoft Intune is conditional access with Microsoft Entra.

One key area for improvement is faster and real-time policies and app deployment. Another area is simpler and more centralized troubleshooting tools. Additionally, Microsoft Intune needs to improve reporting and analytics. Finally, there is a need for better visibility of end-user self-services.

I have been using Microsoft Intune for the past year.

Microsoft Intune is stable. In our experience, I would rate the overall stability at around eight to ten for reliability. Microsoft Intune is generally stable in our environment, and we rarely face service outages. Most issues we see are minor, such as sync delays or reporting lag, rather than actual downtime. Overall, Microsoft Intune is stable enough for production use and reliable for daily endpoint management.

Microsoft Intune is highly scalable for our organization because it is cloud-based. We can easily onboard new users and devices by assigning licenses and enrolling them without any infrastructure changes. It scales across multiple locations and hybrid users, and policies can be managed centrally without performance issues.

I consider Microsoft Intune's customer support decent but not always fast or consistent, especially compared to expectations in an enterprise environment. For complex cases, response time can be slow, and troubleshooting may involve multiple escalations. In our environment, we mostly rely on internal troubleshooting and use Microsoft support for critical or complex issues.

Before Microsoft Intune, we were using traditional on-premises endpoint management approaches. We were using on-premises Active Directory with group policies and manual device management. We switched to Microsoft Intune because it provides cloud-based centralized management, better support for remote users, faster policy deployment, and stronger security with conditional access and compliance policies.

There is no separate setup cost for Microsoft Intune itself because it is a cloud SaaS service. We only had initial effort costs internally for device enrollment setup, policy creation, testing, and rollout. No hardware or infrastructure cost was required since everything is cloud-based. Regarding licensing cost, we use Microsoft Intune through a Microsoft 365 license, Business Premium E3/EMS. Rather than buying Microsoft Intune separately, it is included in Microsoft 365.

In our organization, we are only using Microsoft Intune as part of our Microsoft 365 licensing subscription model, and we do not act as a Microsoft partner, reseller, or implementation consultant.

We have seen a clear return on investment after implementing Microsoft Intune, mainly in terms of reduced operational effort and improved security efficiencies. These benefits include reduction in support effort, faster issue resolution, reduced downtime for users, lower infrastructure and maintenance costs, and security ROI, which is indirect but very important.

There is no separate setup cost for Microsoft Intune itself because it is a cloud SaaS service. We only had initial effort costs internally for device enrollment setup, policy creation, testing, and rollout. No hardware or infrastructure cost was required since everything is cloud-based. Regarding licensing cost, we use Microsoft Intune through a Microsoft 365 license, Business Premium E3/EMS. Rather than buying Microsoft Intune separately, it is included in Microsoft 365.

We evaluated tools such as VMware Workspace ONE and IBM MaaS360, along with our existing on-premises SCCM setup before choosing Microsoft Intune. We chose Microsoft Intune because it offered better integration with Microsoft 365, is fully cloud-based, easier to manage, and more suitable for hybrid and remote work environments.

I would rate Microsoft Intune an eight out of ten because it is a very strong endpoint management solution, especially for modern hybrid and remote environments. The reason it is not perfect is occasional delays in policies, and the reporting and analytics still need improvement.

I would advise others considering Microsoft Intune to plan the deployment and start with a pilot before a full rollout.

Microsoft Intune is a very strong and modern endpoint management solution, especially for organizations moving towards cloud and hybrid environments. It has significantly simplified device management, improved security enforcement, and reduced manual effort for IT teams. At the same time, Microsoft Intune is not a set and forget tool. It requires good planning, proper policy design, and continuous monitoring to get the best results. Overall, Microsoft Intune is a reliable and scalable platform that fits well in a modern IT environment and continues to improve with regular Microsoft updates.

I generally use Microsoft Intune for Autopilot. There is a technology in Microsoft Intune called Autopilot. You register your devices in the devices section in Microsoft Intune, import the hardware hashes from the devices, and import them in the Intune portal specifically for Windows devices. It is then further used for device provisioning for different client machines running Windows 11. Nowadays, different versions of Windows 11 are running. The other use case is for feature and quality updates. I deploy feature and quality updates using ring strategies in Microsoft Intune. Patching and device provisioning are major applications. Additionally, I use Microsoft Intune for endpoint management to manage different endpoints. These are the major tasks I perform in Microsoft Intune.

My user experience with Microsoft Intune is quite good. I would rate it nine out of ten. Whatever task I am performing, I see the progress bar in the top right corner. If I import any hardware hash or perform any other action, I see any merging in process. I basically see monitoring and charts. The support ticket opening process is also great. Overall, this rating is based on the user experience.

Endpoint management from Microsoft Intune side is quite good. Since it is merged with SCCM, I can perform UDI deployment to make devices secure and reliable. I can mitigate different vulnerabilities. These are quite impressive features from the end-user or client machine perspective that I appreciate the most.

I do use endpoint analytics in Microsoft Intune. I have different tools to detect vulnerabilities. For example, Qualys data performs a scan and gives me the number of vulnerabilities on specific devices. In the same way, I use endpoint analytics, which is a feature in Microsoft Intune. If there is any issue with slow startup of devices or if I am deploying any application and it is crashing, I can see this in endpoint analytics in Microsoft Intune. If I talk about startup performance, if few devices are slow to boot, I can analyze the different GPUs or settings for that particular performance. In the same way, if any app is crashing or it is not installing, I use Microsoft Intune analytics to improve the endpoint experience itself.

I have heard about Cloud PKI, but I have not recently gotten any use case for that.

Regarding deployment, as I mentioned, I use ring strategy and Autopilot for the client machine. The only drawback or challenge is that it does not support server deployment. It only supports client machines. That is the major drawback.

First, there should be a feature for server deployment in Microsoft Intune Autopilot so that I can also provision server devices. Most features, for example Active Directory or different features, cannot be accessed directly from the client machine. They have to be accessed from the server. Majorly, server deployment should be included.

A patching monitoring tab should be included in Microsoft Intune. When I am deploying ring strategy, I deploy multiple devices using that ring strategy. If there could be an option for monitoring that shows where the exact patch status is, it would be easier for the Microsoft Intune administrator to know the status.

BigFix is pretty good with respect to monitoring, mass deployment, and bulk deployment. Microsoft Intune is lacking in these areas, and I would say the speed is not as good as what I can see in BigFix. That is the first pro and con. Another thing is that I have to merge Microsoft Intune with on-premise technology. If someone is having a hybrid model with both on-premise and cloud in their infrastructure, I have to merge Microsoft Intune with some on-premise technology, for example SCCM, so that I can migrate the devices using the Intune connector from on-premise to cloud. There has to be some other way to make these migrations faster. That is a con from my side.

The licensing cost is also quite high, specifically for E3 and E5 licenses. Microsoft Intune uses the per-user model. If it can be reduced, then different small or medium enterprise companies can also use Microsoft Intune.

I have been working with Microsoft Intune for the last four to five years.

A couple of times, maybe once in a week, I do experience slowness or backend issues from Microsoft Intune. Majorly, I have seen these issues during EST hours, where one day in a week, I experience degradation.

On a scale of one to ten, where ten is the best, I would rate the stability of Microsoft Intune an eight.

Scalability is quite good. I would rate it nine.

Technical support is at its best in Microsoft Intune. I just go to the tenant admin and open the support case. I would rate it nine out of ten.

Positive

I am using other solutions.

Microsoft Intune is a good solution and it is purely based on Azure cloud. I can use all the benefits of Azure cloud in Microsoft Intune and several good features in Microsoft Intune to manage devices. Microsoft Intune should be used by medium to large enterprises. If there is any security organization, such as any banking or healthcare organization where security is the utmost priority, those kinds of organizations should use Microsoft Intune. My overall rating for this product is 8.5 out of 10.

Microsoft Intune's absolute core use case can be boiled down to one phrase: securing corporate data on any device, anywhere. Modern enterprises operate with the traditional network perimeter essentially dead, and people work from home, airports, and coffee shops. Unified Endpoint Management and enabling secure hybrid and mobile work is the distinctive answer to this challenge.

I want to specify one scenario where the company was onboarding fifty new remote employees across three different continents. The legacy way was that IT would have spent the previous week unboxing fifty laptops, manually logging and imaging them with a corporate OS file, repackaging them, and shipping them out. However, how Unified Endpoint Management actually helped is that the hardware vendor ships the laptop sealed straight from the factory to employees' homes. The employees unbox their machines, turn them on, and connect their home Wi-Fi. Then they type their corporate email and password. Instantly, the Unified Endpoint Management platform takes over. It pushes down the corporate security baseline, installs the core software suite including Office, Teams, browser extensions, and so on, and configures the company VPN. Within twenty minutes, the employee is fully productive and IT never had to touch a single piece of plastic.

Another situation involved a critical zero-day security vulnerability that was announced for a major web browser at ten o'clock in the morning and had to be addressed for both Windows and macOS users. Instead of actually jumping into two separate systems, I logged into the single Unified Endpoint Management console, packaged the updated browser version and targeted it to global device groups. The action taken was to set an explicit deadline for the installation first. For active machines, the browser updates silently in the background without interrupting the user. For offline machines, the policy waits patiently and executes the millisecond they check back in. By the end of the day, the dashboard showed ninety-five percent remediation across both operating systems, giving the security team complete peace of mind.

The best features I can name are the following. First is Mobile Application Management with App Protection Policies. The second one is Windows Autopilot integration. The third one I can recall is Conditional Access integration with Microsoft Entra ID. The fourth one is Endpoint Privilege Management and Cloud PKI.

If I have to pull back the curtain and look at the single mechanism that holds the entire modern enterprise framework together, I find myself relying most on Conditional Access integration with Microsoft Entra ID. While features such as Autopilot are incredible for onboarding, Mobile Application Management is brilliant for mobile devices, Conditional Access acts as the brain of the entire security infrastructure. It is the feature that actively stops data breaches in real-time.

In the past, security was operated as a castle with a moat. Once a user was inside the office network, they were trusted implicitly. Today, that model is a massive liability. Conditional Access flips the script. It assumes every connection request is weak until proven otherwise. It takes telemetry from Microsoft Intune regarding the device health. Is it encrypted? Do you have any antivirus? Is it fully patched? It is combined with the identity signals. Is the user logging in from an unusual country? Are they using multi-factor authentication? Only when every single condition is satisfied does it grant access to the data. This is very useful information and a useful feature which implements a true zero trust and verify explicitly approach. Because this was the most valuable asset for any modern organization, and it helped us provide security to any connection the system had for our organization.

From a strategic and intellectual perspective, the product fundamentally shifts how a company operates by changing IT from a traditional cost center into an engine of operational efficiency. When you evaluate the impact the product had on the enterprise, there are three distinct areas. One is radical optimization for IT overhead upon a team. Before a unified cloud platform such as Microsoft Intune, managing a global workforce required an expensive, fragmented stack of specialized tools. One was for Windows imaging, another for macOS management, and entirely separate third-party licenses for mobile security. The second one is the elimination of the onboarding bottleneck. The third one is bulletproof data isolation on mobile assets. The most complex challenge for any enterprise is managing the risk of intellectual property theft and any accidental data leakage on mobile devices. Historically, my company tried to solve this by completely locking down or seizing control of an employee's personal phone, but which caused really bad reviews from the employees and very user friction, legal liabilities, and massive pushback from personal privacy concerns. Microsoft Intune Mobile Application Management elegantly orchestrated a solution. It enforced a strict cryptographic boundary on corporate applications such as Outlook and OneDrive while leaving the rest of the device completely alone.

Microsoft Intune operates at a massive cloud scale, and I am not able to pinpoint any improvements right now because it already solves so many problems our organization had. It implemented a true zero trust and verify explicitly policy. It avoided security headaches for our IT team. Endpoint Privilege Management was a best feature with Cloud PKI. Windows Autopilot integration was one of them, which was really helpful and I think it literally solved most of our problems. I think it perfectly balanced our corporate security with individual privacy.

I think we can expand tools such as Endpoint Privilege Management and automate driver and firmware patching so they operate identically and flawlessly on macOS and Linux as they do on Windows. This would make Microsoft Intune an untouchable and truly platform-agnostic operating standard.

I have been working in my current field for around three and a half years.

Microsoft Intune is very stable for our organization.

From an architectural perspective, Microsoft Intune's scalability is virtually limitless because the product is decoupled from physical hardware constraints. Whether the organization is managing thirty devices or three hundred thousand devices, the underlying infrastructure scales effortlessly because it runs on a microservice-based architecture on top of a global Microsoft Azure public cloud, which is the in-home cloud. There is no more server sharding.

The customer support experience with Microsoft Intune is highly efficient and built directly into the administrative workflow, specifically designed to meet our standards and demands for the environment. We also appreciate its native and in-console support architecture because when we push the in-console support request, it does automated tenant diagnostics. It has a self-remediation insight link, and if it was unresolved, it was quickly shifted to engineers based on severity of multiple types. Every time we had a problem, the support team really helped us get through it.

Prior to consolidating on Microsoft Intune, our endpoint infrastructure was managed through a combination of traditional on-premises tools and third-party solutions. We previously used on-premises Windows management. We relied on Microsoft Group Policy Objects paired with basic scripting tools to manage internal Windows desktops. This setup worked flawlessly as long as employees were physically sitting inside the office building, connected directly to a local area network. For mobile device management, to manage the corporate smartphones and tablets, we used a specialized third-party platform such as MobileIron. This created a fragmented operational workflow. IT had to jump between one console for laptops and another separate console for mobile assets. The strategic switch was made because our legacy tools served their purpose during the era of the traditional corporate office. The shift towards remote and hybrid work exposed a deep installation and architectural limitation. The off-network visibility was the blind spot with Group Policy Objects, because if a remote employee did not connect to the corporate VPN for three weeks, their laptop would not receive critical security updates or configuration changes. Siloed operations and those were too clouded. Juggling MobileIron for phones and Group Policy Objects for PCs meant duplicated effort. Other options we assessed were VMware Workspace ONE and Jamf Pro for Apple fleet only.

We definitely saw a one hundred eighty-one percent return on investment because when factoring in the cost of implementation and licensing against the total savings, the platform delivered an overall one hundred eighty-one percent over three years. Turning the endpoint infrastructure into a highly efficient operation was the best thing that happened to our organization. The key metric I would like to share is that the composite enterprise saved thirty-eight percent on endpoint licensing cost alone, contributing to many more thousands of dollars in reclaiming budget over a three-year cycle. We had a fifteen percent reduction in risk of material security breach because a single pane of glass that forces devices to meet a security baseline reduced the data breach risk by fifteen percent.

Our licensing experience was really great because from a procurement to deployment standpoint, analyzing the financial and setup architecture for this product reveals a highly strategic model. When properly aligned with an organization's existing licensing estate, it minimizes waste and accelerates time to value. We purchased a standalone Microsoft Intune Plan One, which cost eight dollars per month per user. However, the most mature user wanted to shift to Plan Two. The real financial efficiency comes from bundling. Plan One is already included at no incremental cost in suites such as Microsoft 365 Business Premium, which was the very sweet spot because our organization was under three hundred users.

Some of our projects we used Microsoft Azure. For some projects, we use Amazon Web Services, but mostly our company uses Microsoft Azure.

Ensure your identity foundation, Microsoft Entra ID, is clean and organized before enrolling devices, as Microsoft Intune relies entirely on solid group structures for targeting. Leverage bundled licensing such as Microsoft 365 Business Premium or E3 or E5 to eliminate redundant third-party tools and maximize your return on investment. I would rate this product a ten out of ten.

I mostly manage devices with Microsoft Intune, applying policies such as MAM (application management) and MDM. We have companies who have managed devices, mobile devices, laptops, and mobile telephones. 

I work in a company where we serve medium-small companies up to a few enterprise clients, and we have many customers. I work in cloud support, not doing migration to the cloud, just managing it. I make changes if they want to have a group of people who shouldn't have access to company resources anymore with their non-compliant devices, setting the compliance, and conditional access policies. On a daily basis, it's more about application management - making packages, uploading them to Microsoft Intune, and distributing them to groups of people.

My favorite feature about Microsoft Intune is that I have good logging capabilities. I can effectively troubleshoot, though I'm also missing some aspects. 

It gives me a good base to troubleshoot device conflicts of policies, but when an application fails, it doesn't provide enough information about where to look for the issue.

I use advanced endpoint analytics in Microsoft Intune extensively and think it's good but has room for improvements. You see error messages directly, but sometimes you have to search for them and find more information in random blogs from MVPs rather than from Microsoft itself. Everything which is policy related is very good in logging, but everything app related needs improvement.

There can definitely be more transparency in synchronization. Sometimes you push a policy and then you're waiting without knowing if it will take 10 minutes or 25 minutes. Then you go to the device, and it's already there, but the information isn't in Microsoft Intune that it's already there. As an administrator, you are somewhat lost in the synchronization part. There's no information about which process it is and how long it would take. If there was any information that it takes 25 minutes, that would be fine. Sometimes it's fast, sometimes it's not, which can be annoying.

I have been using Microsoft Intune for five years.

We've experienced issues, especially for enterprise customers where we enrolled 150 to 250 devices per week for more than one year in Microsoft Intune. This customer has more than 25,000 devices running. You can have a bad day where 80% of the enrollments failed. The next day it's running with the same devices without any changes, and you don't know why. The downtime isn't officially tracked in your health report. It appears Microsoft Intune undergoes changes without informing customers. It happens for short periods only, but it seems they are doing some changes without informing the customers.

Microsoft Intune is good in scalability in general because we have enterprise customers with many policies and devices.

The quality and speed of support depends on the agent. You can get very basic support or very professional support. My company has premium support, which runs much better. We get routed to the correct persons who give us good answers. What is annoying is when they close a ticket because they are very fast with closing it, you have to provide all the logs again. Once the support said they couldn't see or reopen an old ticket where all the logs were already included, so we needed to do all the fiddler logs again with the customer, which is pretty annoying for them as well.

Neutral

I haven't tried using any alternatives to Microsoft Intune.

Related to what you can do and manage with Microsoft Intune, I would say it's easy. The Windows Autopilot profile is pretty straightforward. Troubleshooting when it fails is challenging. This involves going through forums, and with Dell, some drivers get swiped, making remote management impossible. The initial deployment and setting for Windows Autopilot is straightforward and good.

Once the Autopilot profile is set in Microsoft Intune, it doesn't need any maintenance. This works pretty fine. Later on, you have some apps included and build a bigger profile which has to be set up. If something goes wrong, we check what we did later on, but we don't touch the Autopilot profile much.

We have a team of three people for Microsoft Intune deployment, and we check in teams during integration.

Microsoft is generally super complicated in pricing because they split every package into an extra subscription. I know about the licenses such as Business Premium, E3, E5, F3, and so on. This is straightforward and clear what you get. But with Copilot additional license and endpoint security advanced packages, it's not clear for customers whose main business isn't Microsoft Intune or M365 administration. As a middleman, I have to explain the complicated stuff from Microsoft to the customer.

Regarding enterprise application management, I use it more through Azure portal to give consent to apps and give permissions there. 

I would rate Microsoft Intune an eight out of ten.

My main use case for Microsoft Intune is device management, policy enforcement, application deployment, and ensuring endpoint compliance.

For example, I use Microsoft Intune to enforce BitLocker encryption by creating a compliance policy that automatically checks if devices are encrypted and blocks access to company resources if they are non-compliant. This ensures all endpoints meet security standards without manual investigation.

In addition to that, we are using Microsoft Intune for zero-touch device provisioning with Windows Autopilot, remote troubleshooting, and automated app deployment.

The best features Microsoft Intune offers include centralized device management, strong security compliance, application management, and the ability to easily deploy updates and control apps across all managed devices. Centralized device management, easy app deployment, conditional access, and seamless integration with the Microsoft ecosystem are particularly valuable.

Another great feature of Microsoft Intune is Windows Autopilot, which enables zero-touch device provisioning along with remote actions such as wipe, reset, and lock for lost devices, and detailed compliance policies with conditional access.

Microsoft Intune has positively impacted our organization by simplifying device management, improving security compliance, and reducing manual efforts through automation, enabling faster processes. We have seen a 30 to 40 percent reduction in manual effort. Device onboarding time has reduced from hours to under 30 minutes using Autopilot, and the compliance rate has improved to around 90 to 95 percent due to automated policy enforcement and real-time monitoring.

Microsoft Intune could be improved by making the UI more intuitive, enhancing reporting and analytics for better visibility, simplifying troubleshooting and error messaging, and improving performance and policy sync speed in larger environments.

Besides reporting and the UI, troubleshooting could be clearer with more detailed error logs. Policy sync delays should be reduced, and advanced reporting analytics could be more customizable.

I have been working in my current field for around two to three years.

Microsoft Intune is stable.

Microsoft Intune scales very well, allowing organizations to manage thousands of devices across multiple platforms seamlessly through its cloud-based architecture.

The customer support has been generally good. The support team is knowledgeable and responsive. While sometimes response times can vary for complex issues, they provide helpful guidance and proper resolutions when needed.

We previously used manual device management and basic tools such as on-premises Active Directory and some third-party solution. We switched to Microsoft Intune for its cloud-based management, better security, easier policy enforcement, and seamless integration with the Microsoft ecosystem.

We have seen around 30 to 50 percent time savings, much faster onboarding from hours to minutes, and improved team efficiency without needing additional resources. This clearly shows a strong ROI.

The pricing for Microsoft Intune is per user per month and quite reasonable. In many cases, it is already included in Microsoft 365 licenses. It is cost-effective and easy to manage, especially if you are already on Microsoft 365 licensing. The setup does not require a heavy investment.

We looked at tools such as VMware Workspace ONE and ManageEngine Endpoint Central and UEM as they are common alternatives in this space. These tools offer strong device management and automation. We chose Microsoft Intune mainly because it integrates very well with the Microsoft ecosystem, it is easy to manage, and it fits better with our existing infrastructure.

My advice to others looking into using Microsoft Intune is to make sure to plan your device management and compliance policies clearly from the start, especially if you are in a Microsoft environment. Take time to understand Autopilot and conditional access. Once properly configured, it will significantly simplify device management and improve security.

Cloud control made simple, device secured with ease, and workflow runs smoothly. Microsoft Intune is a reliable and effective solution for modern endpoint management. It simplifies device control, strengthens security, and works especially well with the Microsoft ecosystem, making day-to-day operations smoother and more efficient. I would rate this product an 8 out of 10.

My use case for Microsoft Intune is for remote access and configuration management, and it primarily serves security purposes.

The lot of time we saved at deployment. 

Overall, the best features of Microsoft Intune are its ease of management and robust security protocols, which are what I value most about it and how it stands out. Copilot helps in keeping my environment protected by offering real-time assistance with security protocols and compliance checks.

Advanced endpoint analytics in Microsoft Intune help me to detect and remediate anomalies effectively.

Areas that have room for improvement in Microsoft Intune include network dependency, among other factors.

I have been using Microsoft Intune for some time, and my experience with it is extensive.

I would rate the stability of Microsoft Intune highly; I rarely experience downtime, bugs, or glitches. The stability is very high, with minimal issues.

I would rate the scalability of Microsoft Intune as an 8 from 1 to 10.

I would rate the technical support for Microsoft Intune as a 10 from 1 to 10.

The deployment of Microsoft Intune is generally easy, although I do encounter some complexities at times, and I have had challenges deploying it. Deploying Microsoft Intune is often a mixed experience; while it is easy, I have faced challenges at times.

The return on investment I have seen is about 20%. It has saved me time and resources, but quantifying a specific amount has been challenging.

I would compare Microsoft Intune favorably with other products and vendors on the market, emphasizing its integration capabilities and user experience.

Microsoft Intune is deployed in a hybrid model. I use it on Azure cloud, and the deployment time can vary, typically ranging from days to weeks. Approximately 100 users in Capgemini work with Microsoft Intune. My clients are primarily in the medium to enterprise business sector. The solution does require maintenance, and it is complex to maintain, especially regarding updates, patching, and releases. My thoughts on the pricing of Microsoft Intune are that it is fairly priced considering the features offered. From one to 10, I think Microsoft Intune is around a 5 in terms of being cost-efficient. I would rate the pricing of Microsoft Intune as a 5, where 1 is cheap and 10 is expensive. I am using the Enterprise Application Management feature, and it has been beneficial. I would definitely recommend Microsoft Intune to other users due to its features and support. My overall rating for this review is 9.

I mainly use Microsoft Intune for managing and securing employees' devices and applications remotely. It includes device enrollment, provisioning, enforcing security policies, application management, conditional access, and configuration management.

The standout features of Microsoft Intune are mainly focused on device security and management control from the cloud. The key features that stand out most include mobile device and endpoint management, mobile application management, conditional access integration, security compliance, and policies. The standout feature for me is the mobile device and endpoint management because it manages laptops, mobiles, and endpoints.

Microsoft Intune has positively impacted our organization by simplifying device onboarding, reducing IT support workload, strengthening security and compliance enforcement, and enabling remote wipe of all endpoints from a single cloud platform.

The UI of Microsoft Intune can be better. Currently, that is the only thing I would suggest for improvement regarding Microsoft Intune.

I have been using Microsoft Intune for almost one year.

Microsoft Intune is very stable in my experience. There is no issue with downtime and reliability, and you can rely on this. Microsoft Intune is very stable and can handle growth very easily as per the organization.

The customer support for Microsoft Intune is okay, not exceptional, and I would characterize it as moderately balanced. I would rate the customer support of Microsoft Intune on a scale of 1 to 10 as seven.

We have not used any other solution previously before Microsoft Intune.

I have seen a return on investment with Microsoft Intune. Previously, for laptop configuration setup, our organization required around four to six people for this task. With the help of automation now, this has been reduced to just two people. The remaining people can focus on other responsibilities. Both time and money have been saved, and fewer employees are needed now.

The experience with pricing, setup cost, and licensing for Microsoft Intune is that the pricing and setup cost is on the higher side, but it is negotiable. Most of the time, it comes under the same price that the company asks for, so it is very straightforward.

We have not evaluated any other option previously before choosing Microsoft Intune.

Based on our analysis regarding compliance and enforcement, there is a noticeable improvement. Audit readiness is around 50% faster, and device compliance is now 20% faster. Security incidents are resolved at a higher rate, resolved within ten minutes. IT efforts, which were previously very high, have reduced from 2.2% to only 1%.

Regarding Microsoft Intune's AI capabilities, Microsoft has its own AI tool called Copilot. With the help of Copilot, it provides us a pretty accurate result. I can trust it, and most of the time it is accurate. For governance, since it is Microsoft's own AI feature, it is very secure and can be governed from the console.

I think its accuracy and reliability of output have met my expectations, but not on a high level—at a moderate level. Sometimes, some of the things I need to verify with other tools as well. It would be helpful, but you cannot rely solely on the AI tools, this Copilot.

If you have a larger number of devices, such as Windows, Android, and macOS, and if you want to handle these centrally, then you can definitely look at Microsoft Intune. Create your use case, conduct a demo or proof of concept with your registered partner, and get the solution in place as per your use case. My overall rating for this solution is 9 out of 10.

We have an auto-enrollment process. There are many features in Microsoft Intune. Particularly, my expertise is with Autopilot enrollment and app deployment to workstations and mobile device management. Microsoft Intune is quite comprehensive in its capabilities.

My main use cases revolve around supporting customers who have enrollment processes for laptops that come out of the warehouses. We support that and push packages, set up conditional access, and manage their devices from Microsoft Intune. We handle reset, reboot, deploying app software and deploying apps such as Microsoft 365, any kind of third-party software, Microsoft products, and removing them from an operations point of view. We are a managed service provider for many technologies, and Microsoft Intune is one of them.

Microsoft Intune has affected IT productivity in my customers' organizations overall greatly. It has been a significant help. Microsoft Intune Autopilot enrollment plays a big part in supporting all of these machines, such as users being onboarded, provisioning computers, and mobile devices. All of that is managed from Microsoft Intune, which has simplified the process. Conditional access, determining which users get which apps, what access they have, and what privileges they need, is all handled and managed by Microsoft Intune. This is a great feature that is extensively used by many organizations and administrators.

Policies can be easily managed with Intune. As everything shifts to the cloud, many organizations will likely transition to a remote-only or cloud-only model in the future. They will be using Azure Active Directory, from which these policies will be derived, rather than traditional Active Directory group policies, similar to how organizational units function.

Microsoft Intune brings together all of the endpoint and security management tools in one place. Any endpoint security solution, such as Cortex XDR, Qualys, CyberArk, or CrowdStrike, can be deployed out of the box through Microsoft Intune during the Autopilot process. 

From a security perspective, if a device is lost, you can wipe that machine, laptop, workstation, or mobile device. That is the kind of control you have when using Microsoft Intune. You can effectively manage the device.

I wish there was a way to exclude certain applications based on groups. It is currently making it difficult as we need to keep creating new groups and add those users to that group to segregate. This creates a situation where we must specify which user gets which application and which user should not get certain applications installed. I wish there was an easier way to exclude based on user and not just devices. That is one of the downsides we are facing; we have to keep creating new groups to avoid conflict. The way the apps are getting deployed, the checkboxes for deleting previous versions are actually creating more conflicts than fixing problems. I am certain many people are struggling with that.

The best example I can provide is related to an application I use—Microsoft 365. Microsoft 365 includes a lot of products, such as PowerPoint, Excel, Microsoft Access, and Copilot, among others. However, you don't want everyone to have Microsoft Access installed on all the computers since it's quite outdated and not necessarily needed for everyone. For instance, if I have ten people and I want just one person to have access to Microsoft Access, there's no straightforward way to do that directly. The system doesn't allow me to simply select a user and give them access while ignoring the others. As a result, we often end up creating a new application within Microsoft Intune. This requires putting the user into a separate group to make them eligible for access, while other users stay outside of that group. This process creates unnecessary complexity because it adds more elements to manage. It would be ideal if Microsoft could simplify this process by allowing us to include specific individuals in a group or exclude others more easily.

I have been working with Microsoft Intune for the last six months. 

Microsoft Intune is very stable. It is hosted and managed by Microsoft. When it comes to shared responsibility, there is nothing except for administrators to manage from the operations point of view. Everything else is readily available and quite stable.

There are no real scalability limitations with Microsoft Intune. It all depends on how many E5 licenses or E2 licenses the customer is ready to purchase. The cost typically increases by $4 per computer based on how many laptops or workstations are being managed. It depends on the contracts between the vendor and the customer.

If we encounter problems we cannot solve, we reach out to Microsoft support. There are some MVPs (Most Valuable Persons) who are experts in Microsoft Intune, and we work with Microsoft support when issues become too complicated to resolve independently.

Positive

The deployment model can be either Entra devices only or hybrid. Organizations with on-premises infrastructure might opt for hybrid deployment because some group policies based on organizational units remain legacy. Not everyone can move entirely to the cloud. Customers who are consolidating everything in their data center may choose to go completely cloud-based with Entra devices. The future trajectory suggests everything will be in Microsoft Intune within the next five to ten years.

I have been involved in configuring Microsoft Intune rather than deploying it. We activate Microsoft Intune, set up the applications, dynamic groups, deployment profile, MDM profile, configuration, and encryption. When everything is set up and ready, we begin the enrollment of new devices, and out-of-the-box machines get all the apps installed, completely provisioned from Microsoft Intune. We perform this service for many of our clients.

The process is not straightforward. The process begins with assessment and requirement gathering, along with several preliminary tasks, such as pre-migration activities. For instance, we need to analyze all the group policies to determine which ones are compatible with the new system. I would consider this a project in itself. There are numerous features available in Microsoft Intune, but the client won't use every single one. Ultimately, it depends on the customer's goals and the recommendations provided by the solution architect. What the customer chooses to implement will also play a crucial role in this process.

It has helped save costs. Many people were using third-party tools, such as KACE or Quest, for patching and other tasks. However, Microsoft Intune has streamlined and automated these processes. This has significantly simplified the management of users and devices. Generally, just one or two people can efficiently handle a lot of administrative tasks using Microsoft Intune. For instance, they can ensure that workstations are compliant and manage various aspects of IT administration.

Microsoft Intune not only saves costs by reducing the number of personnel needed but also offers a comprehensive solution for managing laptops, applications, security, individual access, and enrollment. My customers have greatly benefited from these capabilities.

I would rate Microsoft Intune an eight out of ten.