We operate call centers and provide our agents with laptops that they use from their home environment or home offices. We use Microsoft Intune to manage those laptops remotely. This remote management accounts for 99 percent of our use cases.
Solutions Architect at a computer software company with 51-200 employees
Allows us to maintain a necessary security patch level
Pros and Cons
- "The most valuable feature of Microsoft Intune is patching-related capabilities."
- "The stability of Microsoft Intune is ten out of ten."
- "A more incisive reporting tool with automated progress updates and graphical representation would be beneficial, as the current manual method lacks efficiency and visual clarity."
- "A more incisive reporting tool with automated progress updates and graphical representation would be beneficial, as the current manual method lacks efficiency and visual clarity."
What is our primary use case?
How has it helped my organization?
Microsoft Intune has effectively managed our patching needs, resulting in very few system-wide issues. While a small number of laptops occasionally fail to receive updates, the vast majority are patched successfully without manual intervention.
Microsoft Intune has enabled us to effectively manage our laptops, which is crucial for our involvement in civilian federal projects. The platform allows us to maintain a necessary security patch level and address any bugs that may arise, ensuring our devices are always secure and functional. Implementing Intune provides a cost-effective solution that would otherwise be prohibitively expensive.
Our Intune users, the IT group and system administrators, are happy with the system and have not reported any complaints.
What is most valuable?
The most valuable feature of Microsoft Intune is patching-related capabilities. This is because patches are constantly being released, and it requires us to stay current with bug-related and security-related patches, which is critical for our day-to-day operations. Intune's support in this area is crucial for us to maintain our laptops at a certain security patch level.
What needs improvement?
A more incisive reporting tool with automated progress updates and graphical representation would be beneficial, as the current manual method lacks efficiency and visual clarity.
Buyer's Guide
Microsoft Intune
March 2025

Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,672 professionals have used our research since 2012.
For how long have I used the solution?
I have been using the solution for about a year.
What do I think about the stability of the solution?
The stability of Microsoft Intune is ten out of ten. It has been very stable for us.
What do I think about the scalability of the solution?
The scalability of Microsoft Intune is ten out of ten. Although we are not the largest company, it has never presented any scalability issues for us.
How are customer service and support?
The customer service is above average. We have an Azure engineer on staff who handles troubleshooting. Although we have not had any major issues.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
How was the initial setup?
The initial setup is straightforward. We manage everything in-house with just a few commands needed before deploying laptops, never having to reconsider our processes.
What about the implementation team?
We do everything ourselves without using a reseller or consultant.
What was our ROI?
We have never operated without Microsoft Intune, but it is apparent that it offers significant cost reductions. Operating without it would likely be prohibitively expensive, indicating a ninety-nine percent reduction in cost with Intune.
What's my experience with pricing, setup cost, and licensing?
The alternative to Intune, sending out replacements for every issue, is prohibitively expensive. In contrast, Intune's pricing is reasonable considering its benefits and the high costs it helps avoid.
Which other solutions did I evaluate?
We evaluated other options that are tool-specific. For instance, our call center platform from NICE's CXone, has built-in Copilot-like capabilities. Nevertheless, Copilot remains our primary focus as it covers our entire spectrum of needs.
What other advice do I have?
I rate Microsoft Intune nine out of ten.
We recently started using Copilot and find its support features very attractive. Our call center agents are internal customers who, like any customer, need occasional assistance with various issues. Copilot could benefit both IT and non-IT departments by providing faster service, self-guided troubleshooting, and access to relevant resources. For example, if an agent has an HR question, needs help with benefits, or experiences a technical issue like audio problems with their laptop, Copilot could guide them with self-service options or provide helpful files. This would empower our agents to resolve issues independently and efficiently. Our initial analysis suggests Copilot may have the potential to protect our environment, though our assessment is ongoing and we haven't begun implementation. Preliminary findings indicate it will be a valuable tool.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Nov 24, 2024
Flag as inappropriate
Team Lead, Information Technology Systems Administration at Intermedia
Autopilot saves significant time on managing devices
Pros and Cons
- "The Autopilot feature is the most valuable because it saves significant time on managing devices. We can ship devices globally, and users can set them up on their own. It's convenient."
- "The Autopilot feature is the most valuable because it saves significant time on managing devices."
- "Microsoft Intune could improve in reporting data for endpoints and fleets. Enhanced capabilities to run queries and gather specific device data to identify trends or issues would be beneficial. The feature parity for MacOS and handling devices from an MDM perspective is not comprehensive. Consolidation of these functionalities within Intune would simplify processes and finances."
- "We do not utilize Microsoft customer service and technical support since it is generally a waste of time."
What is our primary use case?
I use Microsoft Intune to Autopilot our devices and manage various configuration policies mainly on Windows PCs. It helps in efficiently deploying company configurations remotely.
How has it helped my organization?
Intune has streamlined our onboarding process. Most of our workforce is remote, and there typically isn't an office where they can pick up the devices. It's easy to ship them to any address and configure them remotely.
What is most valuable?
The Autopilot feature is the most valuable because it saves significant time on managing devices. We can ship devices globally, and users can set them up on their own. It's convenient.
The user experience is pretty solid. We've gotten great feedback on the onboarding process and replacing devices. Every employee on the Windows PC has gone through Intune's Autopilot process.
What needs improvement?
Microsoft Intune could improve in reporting data for endpoints and fleets. Enhanced capabilities to run queries and gather specific device data to identify trends or issues would be beneficial. The feature parity for MacOS and handling devices from an MDM perspective is not comprehensive. Consolidation of these functionalities within Intune would simplify processes and finances.
For how long have I used the solution?
I have used Microsoft Intune for about four years.
What do I think about the stability of the solution?
Microsoft Intune is very stable. I cannot recall any significant service outages in the last few years.
What do I think about the scalability of the solution?
Microsoft Intune is scalable and handles our workload efficiently. Although our organization is not very large, we foresee continuing with Intune as it supports scalability effectively.
How are customer service and support?
We do not utilize Microsoft customer service and technical support since it is generally a waste of time.
Which solution did I use previously and why did I switch?
We used SCCM before, and now we are in a hybrid state, co-managing with SCCM and Microsoft Intune. The primary reason for the switch was the convenience of joining devices to our environment over the Internet.
How was the initial setup?
Microsoft Intune's initial setup was straightforward. It took some effort to configure it to a finalized version. Like every other piece of technology, it's constantly undergoing configuration changes. From an out-of-the-box perspective, it's super-easy to set up, but, you know, you have to continue iterating on it over time.
What about the implementation team?
The implementation was primarily conducted by my team, especially my endpoint administrator on the Windows side.
What was our ROI?
Factoring in the setup time, we've saved about 1,000 hours in the last couple of years.
What's my experience with pricing, setup cost, and licensing?
We spend a lot of money on Intune licensing, and some of our users have to be double licensed just because of how our dev and corporate environments are segmented.
What other advice do I have?
I rate Microsoft Intune eight out of 10. Offering the same features for MacOS would make it a 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Partners
Last updated: Dec 16, 2024
Flag as inappropriateBuyer's Guide
Microsoft Intune
March 2025

Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,672 professionals have used our research since 2012.
Engineer, Systems Admin . at a financial services firm with 5,001-10,000 employees
Dynamic groups enhance security while cumbersome deployment process needs refinement
Pros and Cons
- "Dynamic groups allow us to set conditions for automatic membership, eliminating the need for user intervention or manual review and ensuring a seamless workflow."
- "Dynamic groups allow us to set conditions for automatic membership, eliminating the need for user intervention or manual review and ensuring a seamless workflow."
- "Microsoft Intune's app deployment presents challenges for non-MSI and non-store apps, particularly EXEs, requiring the use of a Win32 wrapper tool and adding overhead to the process."
- "Microsoft Intune's app deployment presents challenges for non-MSI and non-store apps, particularly EXEs, requiring the use of a Win32 wrapper tool and adding overhead to the process."
What is our primary use case?
We use Microsoft Intune to manage mobile devices for our parent company and our independent subsidiaries. These devices are not directly corporate-owned but belong to individuals or subsidiaries with whom we work. We enroll both their and our corporate devices in Intune to manage policies, ensure optimal security settings through compliance reviews, and deploy a VPN client for secure access to our internal network resources.
How has it helped my organization?
Microsoft Intune has provided valuable insight into the status of our independent computers, which previously lacked a management agent and had no standardized security policies. We could not enforce password expiration policies, hardened passwords, or even minimum password requirements, with some users relying on six-character passwords. By enrolling these devices in Intune, we have enforced more robust security measures, such as a minimum eight-character password length, and gained visibility into device compliance to ensure adherence to best security practices for data protection.
The Intune user experience is good, especially with the many improvements made to the web interface over the years. It has always been designed as a simpler interface than Configuration Manager, and Microsoft has done a good job in achieving this goal.
What is most valuable?
Dynamic groups are more efficient than static groups, which require manually adding members. This was cumbersome, especially when onboarding new people, as it necessitated manually adding them to the appropriate groups. Dynamic groups allow us to set conditions for automatic membership, eliminating the need for user intervention or manual review and ensuring a seamless workflow.
What needs improvement?
Microsoft Intune's app deployment presents challenges for non-MSI and non-store apps, particularly EXEs, requiring the use of a Win32 wrapper tool and adding overhead to the process. Additionally, deploying device-specific installers, such as VPN clients, is complicated by the inability to target users directly, necessitating knowledge of device names that may not be readily available. Furthermore, the web interface lacks detailed information for MDM-enrolled devices, such as the user's UPN, requiring the use of Graph Explorer API and necessitating Global Admin consent to access device properties. Enhancing app deployment, enabling user-targeted device application deployment, and improving the web interface, particularly for MDM-enrolled devices, by providing comprehensive device information and customizable columns, would significantly streamline Intune's usability.
Microsoft Intune should enhance flexibility and features to better match the granularity available in systems like SCCM.
For how long have I used the solution?
I have been using Microsoft Intune for over five years.
What do I think about the stability of the solution?
Microsoft Intune has been stable, and I have not noticed any specific stability issues. While we've encountered problems with other services like Exchange, Intune has remained unaffected.
What do I think about the scalability of the solution?
Scaling Intune is challenging due to the various device types we manage. Our parent company's mobile devices were already enrolled, and we've added our independent Windows devices, with plans to include corporate devices soon. A key hurdle is the lack of visibility into user attributes in Intune, hindering our ability to create dynamic groups effectively. Ideally, we want to automatically segregate devices based on user properties like primary use, but currently, dynamic groups seem limited to device properties. This forces manual group assignment after user enrollment, which is inefficient and reliant on user notification. Improved dynamic group functionality, particularly the ability to leverage user attributes, would significantly streamline device management.
How are customer service and support?
Customer support has been reasonable overall. However, there have been cases, such as issues with BitLocker recovery keys, where support was less effective, leading to multiple hand-offs and delays.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Before Intune, the independent devices were unmanaged without any agent. For corporate devices, we previously used SCCM.
How was the initial setup?
The initial deployment of Microsoft Intune was fairly straightforward, despite a few challenges due to our unusual configuration of two on-premise domains syncing to our Azure tenant. This dual user sync caused issues because some users remained on the older domain, leading to conflicts when automated systems modified on-premise account attributes. These modifications triggered Azure to switch the sync to the other account, resulting in login failures for users with cached credentials from the old account. While we've mostly identified the cause and the fix, we still encounter this issue occasionally.
What about the implementation team?
The deployment was handled in-house. Our organization benefited from having skilled personnel and guidance from our parent company.
What was our ROI?
The return on investment includes successfully distributing applications like a VPN client and Office 365. As a result, independent devices now have better application access, encouraging even non-enrolled entities to request Intune enrollment.
Which other solutions did I evaluate?
We considered Tanium for managing independent devices, but it's a comprehensive endpoint management tool with more functionality than we needed. Management felt it would introduce unnecessary overhead. Since all our corporate devices are currently managed with Intune, adding independent devices would require segregation. Ultimately, we opted for Intune due to its ease of use, allowing us to create targeted policies from scratch.
What other advice do I have?
I would rate Microsoft Intune a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Nov 24, 2024
Flag as inappropriateCloud Engineer III at Insight
Intune centralizes device, application, and policy management, enhancing IT efficiency and security, though some custom deployments require additional innovation.
Pros and Cons
- "I like how Intune brings everything into one place. For example, you can set up conditional access to applications and devices inside Intune. I also like the segregation inside the Intune devices. You can segregate them by Windows, iOS, iPadOS, macOS, and Android. You can sort it by platform, so you don't need to go into the devices section."
- "I rate Microsoft support four out of 10. Support is one area where Microsoft needs to improve a lot. I recently raised a ticket for a Microsoft Azure issue, and it took two and a half weeks for support to reply. They need to improve support across their entire catalog of products."
What is our primary use case?
You can use Intune to manage devices for any size project, from a small business to an enterprise-level project. You can manage hundreds of thousands of devices. Intune can manage on-prem and cloud services. We are working with large enterprises mostly.
How has it helped my organization?
Intune encompasses all devices, applications, and policies that can be deployed within an organization through a single portal. In the event of an outage, it simplifies the management and resolution of issues or policy adjustments. It allows for the management of security profiles, applications, and devices from one portal across any operating system platform.
Consolidating everything in one location enhances the efficiency and productivity of IT administrators. Since adopting Intune, our IT team's productivity has increased by 20 to 30 percent. Additionally, the integration of Copilot has further improved our efficiency by 5 to 10 percent.
However, there are exceptions. Certain applications cannot be deployed easily via Intune. Win32 deployment is necessary for these, which can be challenging as it demands extensive testing to release a custom package from Intune. More innovation is needed to deploy custom applications, which would greatly benefit us. For most enterprise scenarios, application deployment is relatively straightforward.
Hybrid environments call for innovation, particularly with hybrid enrollments using GPO. While most autopilot hybrid scenarios and co-management run smoothly, I have encountered issues with hybrid GPO enrollments due to their complexity.
Intune is a leading secure solution in the Indian market. It allows the creation of any conceivable security policy. With the addition of Purview and DLP modules and integration with Microsoft Defender for Endpoint, security has never been a concern, and our security posture is nearly impeccable.
Intune has also facilitated vendor consolidation. It is our primary recommendation for an MDM solution because it offers the productivity and features that would otherwise require integration of multiple solutions from other vendors. The industry is now transitioning from on-premises Intune to cloud-based management.
Intune enables the deployment of any security solution. Although it does not integrate, it allows for the deployment of a wide range of security measures.
Consolidating everything in one location enhances the efficiency and productivity of IT administrators. Since adopting Intune, our IT team's productivity has increased by 20 to 30 percent. Additionally, the integration of Copilot has further improved our efficiency by 5 to 10 percent.
However, there are exceptions. Certain applications cannot be deployed easily via Intune. Win32 deployment is necessary for these, which can be challenging as it demands extensive testing to release a custom package from Intune. More innovation is needed to deploy custom applications, which would greatly benefit us. For most enterprise scenarios, application deployment is relatively straightforward.
Hybrid environments call for innovation, particularly with hybrid enrollments using GPO. While most autopilot hybrid scenarios and co-management run smoothly, I have encountered issues with hybrid GPO enrollments due to their complexity.
Intune is a leading secure solution in the Indian market. It allows the creation of any conceivable security policy. With the addition of Purview and DLP modules and integration with Microsoft Defender for Endpoint, security has never been a concern, and our security posture is nearly impeccable.
Intune has also facilitated vendor consolidation. It is our primary recommendation for an MDM solution because it offers the productivity and features that would otherwise require integration of multiple solutions from other vendors. The industry is now transitioning from on-premises Intune to cloud-based management.
Intune enables the deployment of any security solution. Although it does not integrate, it allows for the deployment of a wide range of security measures.
What is most valuable?
I appreciate how Intune consolidates everything in one location. For instance, it allows the setup of conditional access for applications and devices directly within Intune. The segregation feature within Intune devices is also beneficial. Devices can be categorized by Windows, iOS, iPadOS, macOS, and Android, and sorted by platform, eliminating the need to navigate the devices section.
The app management feature has seen significant improvements. Initially, navigating the app section was quite challenging, but now, all my concerns have been addressed. It's possible to deploy or manage any application, with reports and app-protection policies accessible in the same section, which is quite convenient.
I would rate the user experience at nine out of 10. Having utilized various MDM solutions from Microsoft, Cisco, and VMware, I find Intune to be superior. We employ Microsoft Defender for Endpoint and DLP policies in Purview, along with multiple security policies such as baselines and BitLocker for encryption. This integration simplifies the administration of security features from other tools in one place.
The most sophisticated analytics we've utilized are group policy analytics. As a consultant, I often handle multiple migrations, primarily from on-premises to the cloud. Group policy analytics are particularly useful in these scenarios as we migrate on-premises policies. If Intune lacks support, we must either start anew or seek alternatives.
Copilot is beneficial as it supports various CSPs or policies. Despite extensive use, one cannot be fully versed in everything about Intune. Whenever there's confusion, Copilot is a valuable resource to clarify and ensure the feasibility of creations within Intune. Copilot assists in profile creation and assignment considerations.
My perspective on tools like Copilot is that they are artificial; the intelligence aspect is still emerging in the AI industry. Nevertheless, Copilot is a well-maintained and informed tool.
The app management feature has seen significant improvements. Initially, navigating the app section was quite challenging, but now, all my concerns have been addressed. It's possible to deploy or manage any application, with reports and app-protection policies accessible in the same section, which is quite convenient.
I would rate the user experience at nine out of 10. Having utilized various MDM solutions from Microsoft, Cisco, and VMware, I find Intune to be superior. We employ Microsoft Defender for Endpoint and DLP policies in Purview, along with multiple security policies such as baselines and BitLocker for encryption. This integration simplifies the administration of security features from other tools in one place.
The most sophisticated analytics we've utilized are group policy analytics. As a consultant, I often handle multiple migrations, primarily from on-premises to the cloud. Group policy analytics are particularly useful in these scenarios as we migrate on-premises policies. If Intune lacks support, we must either start anew or seek alternatives.
Copilot is beneficial as it supports various CSPs or policies. Despite extensive use, one cannot be fully versed in everything about Intune. Whenever there's confusion, Copilot is a valuable resource to clarify and ensure the feasibility of creations within Intune. Copilot assists in profile creation and assignment considerations.
My perspective on tools like Copilot is that they are artificial; the intelligence aspect is still emerging in the AI industry. Nevertheless, Copilot is a well-maintained and informed tool.
What needs improvement?
Microsoft currently restricts deployment to PowerShell or XML scripts, so it would be beneficial to support additional scripts such as command scripts, C languages, or TypeScript to enhance systematic compliance.
While the UI has been updated, it could be made more accessible. Navigating to a specific section in Intune requires multiple clicks through different areas before arriving at the intended destination, indicating the UI could benefit from further improvement.
The process of application discovery and deployment is relatively seamless. Nonetheless, there is room for enhancement in the reporting aspect. Intune still lacks comprehensive reports, and notably, its failure reporting does not succinctly communicate the full extent of an error.
While the UI has been updated, it could be made more accessible. Navigating to a specific section in Intune requires multiple clicks through different areas before arriving at the intended destination, indicating the UI could benefit from further improvement.
The process of application discovery and deployment is relatively seamless. Nonetheless, there is room for enhancement in the reporting aspect. Intune still lacks comprehensive reports, and notably, its failure reporting does not succinctly communicate the full extent of an error.
For how long have I used the solution?
I have used Intune for more than six and a half years.
What do I think about the stability of the solution?
I rate Intune 10 out of 10 for stability.
What do I think about the scalability of the solution?
With Linux and Chrome OS now supported, the scalability has reached 100 percent. Every device or endpoint operating on our OS can be enrolled in Intune.
How are customer service and support?
I would rate Microsoft support as four out of ten. Support is an area where Microsoft could significantly improve. I had an issue with Microsoft Azure recently, and after raising a ticket, it took two and a half weeks to receive a response. There is a need for enhanced support across all their product offerings.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We have utilized Cisco Meraki, VMware Workspace ONE, and Jamf for managing Apple devices. However, Intune stands out among these options because it overcomes application deployment limitations that others have. While some support only Apple or Windows devices, Intune excels in compatibility, supporting Android as well. Moreover, Intune can implement more security policies than any other MDM solution available.
How was the initial setup?
Hybrid enrollment is typically complex, yet cloud autopilot simplifies the process considerably. It's possible for anyone to grasp cloud deployment within five to ten minutes. While the most intricate enrollments, involving thousands of devices, may take two to three weeks, a cloud-based deployment can be accomplished in approximately one week.
What about the implementation team?
This was completely in-house.
What's my experience with pricing, setup cost, and licensing?
Intune is considered moderately priced. It is available as part of a bundle with Microsoft 365 E3 or E5 licenses. While the E5 licenses are somewhat costly, Intune offers some more affordable solutions.
Which other solutions did I evaluate?
Yes, we evaluated Cisco Meraki and VMware workspace One.
What other advice do I have?
I give Microsoft Intune a rating of nine out of ten. Intune stands out as one of the top solutions in the market, and its capabilities are expanding with the integration of cloud PCs, Chrome OS, and Linux systems. For any large enterprise, I endorse both Intune and Defender.
The recent CrowdStrike outage, which is the largest in IT history, affected only systems without Microsoft Defender but with CrowdStrike. This incident underscores the importance for enterprises to transition towards deploying Intune and Defender for enhanced security.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Aug 8, 2024
Flag as inappropriateMicrosoft Support Engineer at a tech vendor with 10,001+ employees
It helps consolidate our endpoints, simplifies mobile device management, and provides a smooth user experience
Pros and Cons
- "Intune significantly simplifies application deployment, mobile application management, and policy enforcement, such as restricting user access to specific applications, thereby enhancing overall environment security."
- "Since GMS is unavailable in China, we currently rely on device administrator enrollment for managing Android devices there."
What is our primary use case?
We use Microsoft Intune to manage mobile devices across almost all platforms, including Android, Windows, and Linux, which was recently added just a few months ago.
Previously, we relied on on-premises infrastructure using SCCM to manage mobile devices alongside other tools. Intune is a cloud-based solution that empowers administrators to manage cloud devices, implement policies, and deploy applications. While other MDM platforms exist, Intune is a top choice due to its feature set.
How has it helped my organization?
Microsoft Intune consolidates our endpoint and security management tools into a single platform. While still under development with new security features on the horizon, the current capabilities offer administrators ample tools to fortify the environment.
Intune simplifies mobile device management by consolidating endpoint and security tools into a single platform. This centralized approach enables IT administrators to efficiently manage various aspects, including Windows updates, Wi-Fi and VPN policies, application restrictions, and user account creation, all within the Intune interface, significantly streamlining the overall management process.
The user experience is quite smooth for most users because administrators handle all necessary configurations. Options like Windows Autopilot and zero-touch deployment enrollment significantly simplify the process, minimizing user intervention and effort required to set up and use devices.
I currently support Microsoft admins and have handled numerous cases related to Enterprise Application Management. Many companies utilize this tool to manage their in-house applications. While not all companies employ this method, most larger organizations do. These companies often deploy their enterprise applications using Intune, which offers a feature that allows admins to protect application data through mobile application management policies. To enable MAM, applications must be wrapped with the Intune Software Development Kit to communicate with Intune services. This process is valuable as it empowers admins to safeguard sensitive data. Intune provides SDK options for both iOS and Windows applications.
There are two methods for automatically updating the application: independent updates within the application itself or updates to the application package managed through Intune. The chosen method depends on the enterprise application's configuration. Recently introduced Azure application registration simplifies the process by requiring registration before deployment, enhancing security through authentication.
We utilize advanced endpoint analytics within the Intune suite, and the recent release of Windows Autopilot's version has expanded the range of analytics tools available to administrators. While Intune provides data on devices and users under its management, more in-depth reports can be accessed through Log Analytics or Azure Monitor. However, Intune's analytics are sufficient for gathering reports on managed devices.
The advanced endpoint analytics feature within the Intune suite allows us to access detailed information about our devices. This includes data on device counts, specific settings for bulk administration or devices, and the ability to filter devices based on our needs.
I have experience with several MDM solutions. While Microsoft Intune is excellent for managing thousands of user devices, it may not be ideal for specific use cases like bulk printer or Jabra device management, which could present challenges. However, Intune shines in organizations with large numbers of users, especially when integrated with existing on-premises infrastructure or SCCM. This integration can streamline operations and reduce staffing needs. For example, a ten-person IT team might only require two to five people dedicated to Intune management with on-premises support. While I cannot provide a full sales pitch, I confidently recommend Intune to anyone seeking a robust MDM solution.
Copilot in Intune is valuable when integrated with back-end data, such as our existing tools and libraries. This integration empowers administrators to assess information effectively. However, the tool's effectiveness hinges on the quality of data input and query formulation. As users are still familiarizing themselves with Copilot, its adoption varies across environments, with some users enabling it and others disabling it.
Copilot in Intune simplifies IT operations by quickly responding to inquiries about integrated systems. Users won't need to search for specific details as Copilot offers a variety of solutions.
Intune offers more than device management; it also aids in user management. Regardless of the platform, Intune provides various options for device enrollment. Intune prevents mixing personal and corporate data, whether using a corporate or personal device. It also offers robust security features, enabling granular control over user access to applications, resources, and other tools.
In a hybrid environment, security management depends on whether devices are co-managed and how policies are configured in Intune. Intune offers various features, including remote actions, to address these scenarios. However, I discovered an issue with BYOD devices on iOS: wiping an enrolled device deletes all data, not just corporate data. This is a problem that needs to be addressed internally.
With the endpoint privilege management feature, the admin can create an EPM policy. If a user tries to access a resource, the admin will be prompted to grant or deny access based on the policy.
Suppose I need to access data, logs, or files on a Windows device that a global administrator restricts or requires approval for. In that case, I can configure an EPM policy to remind users that additional authorization is necessary. For instance, I encountered cases where users frequently mistakenly assigned test applications to production environments. To prevent this without restricting access or privileges, we configured an EPM policy to prompt users specifically when assigning that application to a production environment. This approach demonstrates how EPM policies can be tailored to address various requirements.
EPM provides an additional layer of authentication for accessing a resource, application, or permission. For ASR, we can define rules by which users can access the resources.
Intune has significantly improved productivity by simplifying tasks like certificate authority restoration. For example, using a deployed CA server certificate, I've set up a Wi-Fi profile with auto-authentication. Previously, expiring certificates required manual reissuance, but Intune automates this process by revoking certificates when they approach their expiration threshold. This threshold, configurable within the certificate profile, can be set as a percentage of the certificate's lifespan. A revocation request is triggered when the threshold is reached, ensuring a new certificate is issued for the device or user profile before the old one expires.
Intune's integration with Microsoft 365 and Microsoft Security for both cloud and co-managed devices is beneficial because it offers a centralized platform. We can directly assign licenses within Intune instead of using the separate M365 admin portal to create users, simplifying the process. Intune synchronizes features and functions from M365, streamlining management. However, purchasing new licenses still requires accessing the admin center. Despite this, Intune effectively synchronizes information to endpoints.
What is most valuable?
While conditional access isn't solely limited to Intune, we can also effectively implement and manage conditional access policies through Azure. However, Intune significantly simplifies application deployment, mobile application management, and policy enforcement, such as restricting user access to specific applications, thereby enhancing overall environment security. Furthermore, Intune automates numerous tasks previously requiring manual configuration by administrators, streamlining the process by creating simple policies for desired outcomes.
What needs improvement?
There are specific devices we can focus on. For example, due to GMS restrictions in China, we face limitations. However, BlackBerry UEM can enroll Android devices as Android Enterprise, though the exact method is unclear. We could explore whether Intune can replicate this functionality. Since GMS is unavailable in China, we currently rely on device administrator enrollment for managing Android devices there. This suggests potential opportunities to develop solutions or collaborate with Chinese partners to create new features within Intune for managing Android devices in the Chinese market.
For how long have I used the solution?
I have been using Microsoft Intune for three years.
What do I think about the stability of the solution?
While some specific tenants experience occasional outages and bugs, our monitoring team is actively tracking an upcoming issue affecting certain tenants in specific regions. Both the support and broader teams are diligently working to resolve this. Aside from this, Microsoft Intune is demonstrating overall stability.
What do I think about the scalability of the solution?
If an organization has the budget, they can easily scale Microsoft Intune.
How are customer service and support?
Microsoft's technical support for Microsoft Intune and the broader Microsoft environment consists of several tiers. Customers can choose between broad commercial support, Pro support, or Premier support, the latter including dedicated Customer Success Account Managers and Incident Managers to facilitate access to specialized engineers. Support engineers are categorized into levels one, two, and three. We collaborate weekly with global subject matter experts to address ongoing issues and cases. For complex or backend problems, we engage the product group using a specific request form. While Microsoft previously employed support staff primarily in the US and Canada, they now utilize vendors in India and the Philippines, offering varying levels of expertise. To enhance support quality, Microsoft should invest in training these engineers and consider opportunities for full-time employment, rather than incurring the costs of recruiting and training new staff.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
How was the initial setup?
An organization migrating to the cloud typically requires an Azure subscription as a starting point. While our FastTrack Team offers full migration solutions, IT administrators can also independently move operations to the cloud by purchasing an Azure subscription, tenant, and licenses and configuring policies, privileges, and workloads. Existing on-premises infrastructure can be synced to the cloud using Azure AD Connect, enabling management within a hybrid or pure Azure AD environment. The ease of migration depends on the administrator's experience, and Microsoft support is available for those requiring assistance.
One to two solution architects are enough for the deployment.
Several factors influence the time required for deployment. For instance, with a user base of 100, deployment can be achieved within a week. However, environments with thousands of users and devices, especially on-premises setups, present greater challenges. Customers or administrators migrating to the cloud and adopting Intune often follow a phased approach. They typically start by deploying and testing a subset of policies to assess manageability and feasibility before proceeding with application deployment. As a result, the overall deployment timeline varies significantly across organizations and can extend to several weeks.
What's my experience with pricing, setup cost, and licensing?
Microsoft services are slightly more expensive than competitors but offer advantages and disadvantages. Even if they charge a premium, they aim to provide equal value.
Which other solutions did I evaluate?
I have experience with SOTI MobiControl, Jamf Pro, and AirWatch. SOTI MobiControl excels at managing specific devices, offering a list of compatible models upon request. Intune, however, struggles with printer management and Zebra device compatibility. Its network security features are limited due to ongoing development, and it lacks in-built policies for third-party applications, hindering compatibility and communication with external devices and manufacturers. While custom policies can be implemented, comprehensive built-in options would be beneficial.
What other advice do I have?
I would rate Microsoft Intune eight out of ten.
Intune requires no maintenance after initial deployment, but ongoing subscriptions are necessary for each user as individual licenses are needed monthly. Microsoft continually updates the service to support the latest operating systems and applications, so ensuring our environment is up-to-date is crucial for optimal performance.
Microsoft Intune is a good tool, and to simplify operations, I recommend a full cloud environment over a hybrid environment.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Aug 6, 2024
Flag as inappropriateTechnical Sales Professional (Microsoft Modern Workplace) at Alnafitha IT
Enables us to deploy applications to devices remotely without touching or interacting with the end user
Pros and Cons
- "Microsoft Intune is very stable due to its cloud-based infrastructure and its reliability in performance."
- "Improvements are needed in Microsoft Intune's enterprise app management, including support for more applications in app patching, boot batching, and discovery. I also hope the cost of Remote Help will decrease because it's a much-needed Intune function. Our customers need that capability, or they will buy it from a third party at a premium."
- "I also hope the cost of Remote Help will decrease because it's a much-needed Intune function."
What is our primary use case?
We use Microsoft Intune to manage our customers' end-user workstations. Specifically, we use it for mobile application management, managing personal phone devices for iOS and Android without enrollment, and configuring app VPN through the Intune tunnel server. We also manage Microsoft Teams for mobile application management and use it extensively for Windows devices.
How has it helped my organization?
Microsoft Intune has helped by making additional access based on corporate owned devices or managed devices, which prevents our IT admins from accessing specific organizational resources unless using these secure devices.
Intune enables us to deploy applications to devices remotely without touching or interacting with the end user. We can also configure some profiles, like Wi-Fi profiles, for specific branches without additional configuration from the end user. It's easy for end-users to adopt changes or merge branches. Also, you can predefine the applications so they automatically download when the user joins that branch.
What is most valuable?
Microsoft Intune offers features such as mobile application management and always-on VPN for Windows, which are valuable for managing customer devices and ensuring efficiency. It also aids in application deployment and configuration without requiring direct user interaction, simplifying the integration of new devices and systems.
We use endpoint analytics to analyze the user performance on their machines or app crashes. We can also evaluate Windows startups to detect if there are some user problems or if it's their workstation performance. We can be more proactive about improving our user's work infrastructure.
We use enterprise application management for app patching, but it needs to include more applications. Some important applications are not part of the enterprise app management, but we hope they will be added soon. We appreciate the automatic updates and discovery of installed applications and older devices. Automatic patching will help us keep the devices and applications up to date to detect newly discovered vulnerabilities. Copilot helps us generate reports about compliant devices and software installed on specific devices. We can also track the device's compliance state.
What needs improvement?
Improvements are needed in Microsoft Intune's enterprise app management, including support for more applications in app patching, boot batching, and discovery. I also hope the cost of Remote Help will decrease because it's a much-needed Intune function. Our customers need that capability, or they will buy it from a third party at a premium.
For how long have I used the solution?
We have used Microsoft Intune for around three years.
What do I think about the stability of the solution?
Microsoft Intune is very stable due to its cloud-based infrastructure and its reliability in performance.
What do I think about the scalability of the solution?
Microsoft Intune's cloud-based nature ensures it is highly scalable, supporting a large number of devices without performance issues.
How are customer service and support?
We do not often rely on Microsoft Support. Sometimes response times can be long, but generally, they are helpful in resolving issues.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Previously, we used solutions like ManageEngine and Endpoint Central. We switched to Microsoft Intune to better support enterprise customers needing fully managed devices like iPads for secure environments.
How was the initial setup?
The initial setup of Microsoft Intune was straightforward, thanks to its various enrollment methods.
What about the implementation team?
We are a consulting partner, providing implementation services for Microsoft Intune.
What was our ROI?
We've seen a return on investment through enhanced security, as Intune allows access to critical systems only through corporate-owned devices, integrating well with Microsoft’s ecosystem to protect company assets.
What's my experience with pricing, setup cost, and licensing?
The default capabilities of Microsoft Intune are reasonably priced, but the Intune suite and add-ons, such as batch management and remote help, are costly, leading customers to consider third-party options.
Which other solutions did I evaluate?
Before switching to Microsoft Intune, we considered ManagerEngine. Eventually, the decision focused on Intune specifically to meet enterprise requirements.
What other advice do I have?
I rate Microsoft Intune eight out of 10. I deduct a couple of points because key features like application patching and Remote Help need to be purchased separately.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: LSP Partner
Last updated: Dec 4, 2024
Flag as inappropriateIT Manager at Profile Software
Helps to improve our data governance, security, and central management
Pros and Cons
- "The compliance and configuration policies in Microsoft Intune are the most valuable features, saving significant time compared to manual implementation."
- "Although Intune is from the same provider, its integration with other Microsoft products, like Microsoft Defender or Microsoft Purview, could be improved."
What is our primary use case?
I used Microsoft Intune for compliance policies, configuration policies, and Intune enrollment.
We implemented Microsoft Intune to manage mobile devices in bulk and enforce management policies.
Intune was deployed in a hybrid environment. Devices were initially onboarded to Azure Active Directory and then enrolled in Intune. All devices originated from a local Active Directory.
How has it helped my organization?
Intune brought all of our endpoint and security management tools into one place.
Having our endpoint and security management tools in one place saves time, and I have most of the information in one dashboard.
From an administrative and user standpoint, Intune offers a beneficial and secure user experience.
I have had a great experience with enterprise application management for app discovery, deployment, and automatic updating because it automates all the procedures.
Intune improved our data governance, security, central management, and policy application. I realized these benefits after two to three months of seeing how Intune works.
Intune effectively secures hybrid work environments and safeguards company data, especially on BYOD devices. Through Intune, we can monitor all devices accessing company data and manage them centrally, which is crucial.
Intune affected IT productivity in our organization by governing company data, securing global data, and saving time, all through central management.
It helped our organization save 50 percent of costs by integrating Office 365 and Intune into one license. We didn't have to use third-party software for mobile device management.
Intune helped consolidate vendors. This consolidation has dramatically improved our security posture.
The vendor consolidation helped reduce our licensing costs.
The integrated capabilities of Intune within the Microsoft 365 and Microsoft Security suites are essential for managing cloud and co-managed devices. They provide a comprehensive solution under a single license, eliminating the need to install agents from third-party vendors and saving significant time and effort.
What is most valuable?
The compliance and configuration policies in Microsoft Intune are the most valuable features, saving significant time compared to manual implementation. The security integration with Microsoft Defender is also valuable.
What needs improvement?
Although Intune is from the same provider, its integration with other Microsoft products, like Microsoft Defender or Microsoft Purview, could be improved. Regarding synchronization, there are occasional delays in updating a device's status. Integrating Microsoft products, such as Microsoft Purview, Microsoft Defender, and Entra, requires enhanced synchronization capabilities.
For how long have I used the solution?
I have been using Microsoft Intune for almost three years.
What do I think about the stability of the solution?
I would rate the stability of Microsoft Intune eight out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of Microsoft Intune eight out of ten.
How was the initial setup?
Intune has too many capabilities. Deploying it is not straightforward, but it gets easier once you understand how it works.
For 200 devices, the deployment took us almost three months to complete.
What was our ROI?
In conjunction with Microsoft Defender, Intune has significantly reduced our spending on third-party endpoint security solutions. For instance, we previously used Check Point, but after implementing Intune and Defender, we discontinued using it, resulting in substantial cost savings.
What's my experience with pricing, setup cost, and licensing?
Our Office 365 Business Premium license, including Office 365 and Intune Management, offers excellent value.
What other advice do I have?
I would rate Microsoft Intune eight out of ten.
I would recommend Microsoft Intune to others.
Intune offers a wide array of capabilities, and even after extensive familiarity with the platform, it's difficult to fully grasp its potential. To effectively implement Intune, it's recommended to conduct thorough research, primarily through online resources, to understand specific requirements and capabilities in advance.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Aug 25, 2024
Flag as inappropriateManager, Enterprise IT Engineering at a healthcare company with 1,001-5,000 employees
Provides a cloud deployment process where we don't have to touch the equipment
Pros and Cons
- "Microsoft Intune's autopilot has been nice to have."
- "Microsoft Intune has been a time saver and reduces the time and effort IT admins have to invest."
- "Historically, Group Policy has simplified the management of various items, such as printer and drive mappings and while Intune offers workarounds, it lacks native support for these functionalities."
- "Historically, Group Policy has simplified the management of various items, such as printer and drive mappings and while Intune offers workarounds, it lacks native support for these functionalities. This is an area I believe needs improvement."
What is our primary use case?
A subset of our staff works remotely. We ship laptops directly to them from our vendor, and they complete the setup process using Microsoft Intune. This process has been working seamlessly.
How has it helped my organization?
Microsoft Intune has been a time saver and reduces the time and effort IT admins have to invest.
The user experience with Intune has generally improved since the retirement of the old Silverlight-based legacy portal.
What is most valuable?
Microsoft Intune's Autopilot has been nice to have. It provides a cloud deployment process where we don't even have to touch the equipment—it arrives provisioned and ready to go.
What needs improvement?
Historically, Group Policy has simplified the management of various items, such as printer and drive mappings and while Intune offers workarounds, it lacks native support for these functionalities. This is an area I believe needs improvement.
For how long have I used the solution?
I have been using Microsoft Intune for about five years.
What do I think about the stability of the solution?
It is nice that we don't have to manage any local on-prem servers. Intune just runs itself.
What do I think about the scalability of the solution?
It's nice that we can provision a bunch of equipment almost immediately without any hands-on involvement.
How are customer service and support?
Microsoft support has significantly improved since we obtained the Enterprise Agreement. Previously, the support we received was not as satisfactory.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We previously used SCCM to manage our devices but switched to Microsoft Intune to simplify cloud management when we transitioned to a remote workforce during the pandemic. We are pleased with the transition to Intune.
How was the initial setup?
The initial deployment went smoothly thanks to our Microsoft Enterprise Agreement, which provided access to support and Software Assurance Training hours. The documentation was clear, concise, and easy to implement.
What about the implementation team?
We implemented Microsoft Intune in-house.
What was our ROI?
Microsoft Intune's Autopatch feature has significantly reduced the time and effort required by IT administrators, resulting in a positive return on investment by streamlining patching processes and increasing efficiency.
What's my experience with pricing, setup cost, and licensing?
Intune is included with our F3 and E5 licenses. However, some suite features should be accessible without additional cost, a sentiment widely echoed online.
Which other solutions did I evaluate?
We evaluated several solutions, including ManageEngine and Meraki, before ultimately selecting Intune, which was conveniently included in our existing licensing agreement.
There were some aspects that were easier in some of the competitive solutions, but we would have had to pay extra. It wasn't included, so we decided to go with Intune. And overall, as the years progressed, Intune improved some of that functionality.
What other advice do I have?
I would rate Microsoft Intune an eight out of ten for scalability.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Nov 30, 2024
Flag as inappropriate
Buyer's Guide
Download our free Microsoft Intune Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
Unified Endpoint Management (UEM) Configuration Management Remote Access Enterprise Mobility Management (EMM) Microsoft Security SuitePopular Comparisons
Workspace ONE UEM
ManageEngine Endpoint Central
NinjaOne
IBM MaaS360
Sophos Mobile
Ivanti Neurons for MDM
Citrix Endpoint Management
Faronics Deep Freeze
Scalefusion
Ivanti Endpoint Manager
Hexnode UEM
Tanium XEM
Matrix42 Unified Endpoint Management
Adaptiva
Buyer's Guide
Download our free Microsoft Intune Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Microsoft Intune and VMware AirWatch; Which do you recommend?
- What is lacking in comparison with AirWatch?
- What are the benefits of Microsoft Intune for IT Admin?
- What do you think of the integration of Azure AD Services, Defender for Endpoint, and Intune as comprehensive security solutions?
- What are the main differences between Jamf Pro and Microsoft Intune for Mac management?
- Which solution is better for an educational organization: Google Workspace or Microsoft Intune?
- What are the differences between MobileIron UEM and Microsoft Intune?
- What are the pros and cons of Microsoft Intune?
- How does Microsoft Intune compare with ManageEngine Desktop Central?
- Is it worth migrating from WS1 to Intune if we have Microsoft 365 E3 available?