Microsoft Intune Reviews

We use Intune to manage endpoints as a centralized enterprise solution. Instead of relying on Active Directory or an on-premise system, we directly manage employee devices using Microsoft Intune. Intune, a cloud-based SaaS product, simplifies endpoint management. From a user perspective, it's an improvement. Users no longer need to be on the office network. They can set up their devices anywhere with an internet connection, whether at home or another location.

Security is also enhanced. By using Intune as a mobile device management solution, we can implement security controls and restrictions on endpoints. Intune helps us achieve a balance between user experience and security.

Managing remote employee devices with Microsoft Intune is easy. Intune acts as a central platform for deploying controls, policies, and applications to our endpoints. It simplifies the delivery of these configurations to our remote workforce.

Intune simplifies our mobile application management. Once implemented across the organization, it will eliminate our reliance on on-premises solutions. Previously, managing endpoints required using our System Center Configuration Manager. Now, Microsoft offers a unified solution called Microsoft Endpoint Manager. Intune, a key component of this suite, allows for convenient device enrollment over the internet, streamlining endpoint organization.

Intune helps bring our endpoints and security management tools into one place.

Consolidating endpoints and security management tools simplifies IT and security operations. This unified approach offers a single solution or console for all tasks. Role-based access control ensures each administrator only sees and modifies what's relevant to their role. For example, the security team can access Intune solely for security-related functions, while the patch management team has its own set of permissions. This centralized management is significantly easier to handle than using multiple third-party tools. Intune provides a comprehensive solution where everyone can configure settings – security, endpoints, controls, etc. – within a single platform.

Intune offers endpoint visibility and IT control across various device platforms. It simplifies troubleshooting and device management compared to other solutions. Intune excels in providing a comprehensive solution. We can manage applications, security controls, and patching processes all within Intune. This eliminates the need to rely on three separate solutions. With Intune, everything is consolidated into a single platform, allowing for combined reporting and streamlined issue resolution.

Enrolling endpoints with Intune is a breeze! The overall user experience is excellent, easily a nine out of ten.

There are three critical features of Intune for maintaining our devices' security. Endpoint encryption ensures data on the device is scrambled even if it's lost or stolen. Intune supports BitLocker encryption for Windows devices and file-level encryption for Mac devices. Defender is a comprehensive security solution that helps protect devices from malware, viruses, and other threats. Compliance policies in Intune allow us to define security requirements for devices. These policies can enforce encryption, complex passwords, and other security settings. If a device doesn't meet the compliance policy, it can be restricted from accessing organizational resources. Intune can also send notifications to users or administrators when a device becomes non-compliant.

In the initial stages of migrating from our on-premises solution to Intune, we relied on device compliance policies. We configured these policies to require the latest antivirus signatures, specifically targeting developer devices. This ensured compliance and minimized the risk of non-compliance impacting their work. While compliance policies were initially used, we've since transitioned to Microsoft Defender, which now plays a major role in our device security strategy.

Intune's application deployment feature has significantly improved efficiency in our IT department. As one of its key functionalities, Intune allows deployment of a variety of applications with different extensions, such as .DXE or .MSI files. However, for applications requiring custom license scripts, batch files, or executables, Intune provides its own Windows app deployment toolkit. This toolkit facilitates the conversion of these files into a format compatible with the Intune app store and its update system.

The user interface is easy to navigate. Microsoft provides monthly updates that introduce new features. Previously, they provided pie chart visualizations for complaint and policy control status reports. These have been transitioned to standard chart formats. Overall, the UI continues to improve with each Microsoft update.

Company-owned devices are subject to a different set of policies. These policies may be very strict, restricting certain functionalities, or they may prioritize security above all else. On the other hand, for BYOD programs, we provide users with certain privileges for their mobile devices and laptops. We create a secure, isolated environment in a sandbox to manage the devices within that environment. Security is a major consideration for both BYOD and company-owned devices.

Intune has increased our IT productivity for patching and security by around 15 percent.

Microsoft Intune helps our organization reduce the risk of security breaches by eight percent by deploying zero-day patches in conjunction with Defender and Sentinel.

Intune has helped us consolidate vendors with the driver deployment and onboarding.

We manage configurations for Microsoft 365, co-managed devices, Azure, Defender security controls, and DLP controls within Intune. This centralized platform allows us to configure roughly 80 percent of these services and controls in a single location.

A valuable feature is user enrollment, where users can enroll their devices in their organizations themselves. This streamlines the process and saves IT time.

Another key benefit is zero-day productivity. During enrollment, the user has access to the applications and settings the organization needs them to have, making them ready to work immediately. Intune essentially pre-configures the device based on the user and organization during enrollment.

Finally, Intune offers easy patch management for various endpoints, including Windows 10, 11, and Macs. Deploying upgrades and monthly patches is significantly simpler compared to other solutions, both from Microsoft and third-party vendors.

The current Intune reporting functionality could benefit from some improvements. Specifically, a report that tracks patch deployment status would be valuable. Ideally, I'd like a report that provides device-level details on applications and controls deployed. However, it seems like other organizations might be more interested in control-centric reports, showing details like what control was deployed, the number of devices affected, and other relevant device data. Overall, reporting is the area where we're encountering the most challenges with Intune.

I've been using Microsoft Intune as a comprehensive solution for the past six years. While I had some experience with it before 2019, it was limited to mobile device management. Since 2019, I've been managing the full Intune suite as an administrator, overseeing Windows endpoints, Mac endpoints, Android and iOS.

I would rate the stability of Microsoft Intune eight out of ten.

Microsoft Intune excels in scalability, earning it a nine out of ten rating. It empowers organizations to migrate to the cloud and manage all their endpoints seamlessly. This includes a wide range of platforms like Windows, macOS, mobile devices, and even Linux. Intune simplifies endpoint management by offering a centralized solution for all these platforms.

The response time and technical knowledge of the support team is not what it used to be.

Neutral

We previously used an on-premises solution, Microsoft Endpoint Manager, to manage our devices. The pandemic necessitated a shift to the cloud.

The initial deployment of Intune can be complex because it is linked to Microsoft Entra, which itself is a complex product. This complexity depends on the desired outcome. Intune's deployment complexity hinges on whether users will enroll their devices themselves or if the IT team will enroll them and grant access. A proper pre-assessment is crucial to determine if Intune's complexity aligns with our desired outcome.

Our deployment took two months to complete because of the internal security approvals we required.

Three administrators were required for the deployment.

The price for Intune is fair.

I would rate Microsoft Intune eight out of ten. There are some improvements concerning the reports and there are other design-related concerns that we are looking at in Intune.

We don't have the tunnel option because we primarily work in a restricted computer environment. Our organization uses Microsoft Intune to manage applications within a dedicated sandbox environment. We perform frequent updates to ensure everything is current.

During the initial onboarding process, we encountered some challenges, and multiple teams were involved in resolving them. For example, users from India might experience issues like broken URLs or restricted access due to their ISPs. Similarly, in China, certain URLs might be blocked by some internet service providers. To address these issues, we initially involved additional administrators from each region on the administrative side. However, we've since transitioned to a centralized management structure with a core team of five to six members overseeing the entire organization.

We maintain a separate development Intune environment for User Acceptance Testing specific to the Asia Pacific region. Since our production environment is also located in Asia Pacific, we essentially have two Intune instances: one for development and one for production. We also have around 290,000 devices.

We have a team of five Intune administrators. The only maintenance required for Intune is the updates.

I recommend Microsoft Intune.

Based on the number of users and devices you're enrolling, I recommend having separate UAT and production Intune environments for larger deployments. For simpler environments, a single Intune license is sufficient to manage your devices and integrate with your Enterprise and Microsoft 365 solutions.

We use Microsoft Intune to automate the onboarding and maintenance of our customers.

Before using Microsoft Intune, we struggled with software deployment and remote device wipe capabilities.

Most of the Intune is for all the remote devices, so it's all on-prem. For cloud, it wouldn't make too much sense.

Microsoft Intune brings all our endpoint and security management tools into one place. We use both Mac and Windows devices. Having all our endpoints and management tools in one place is helpful. I have a single place to check for current status and add and remove assets.

Microsoft Intune provides full endpoint visibility and IT control across device platforms. Having full endpoint visibility and IT control across device platforms allows us to deploy and manage the systems more effectively.

Intune works well and is seamless for the users.

Intune has allowed us to standardize better.

Intune's use of Microsoft security signals has improved our security because we can now take remote action on these systems as well as have a more common deployment.

It has helped to reduce the risk of security breaches in our organization because of the standardization and single sign-on.

It has also helped us reduce the number of IT staff, saving us costs.

The Asset Management and Auto Pilot are valuable features.

One of the other features we leverage is the single sign-on that Intune facilitates.

The Mac integration has room for improvement.

I have been using Microsoft Intune for two years.

I have not had any stability issues with Microsoft Intune.

Microsoft Intune is highly scalable.

Although I have not used the technical support for Intune, I am not happy with Microsoft's technical support in general.

Negative

The initial deployment was complex until we understood the process. We went through a simple dev test and then prod methodology. 

Two to three people were required for the deployment.

We implement Intune for our customers.

For organizations that are a Microsoft shop, the pricing is compelling. To buy it outright, it's two dollars a seat, which is cheap. The price is worth it.

I would rate Microsoft Intune an eight out of ten.

We have 400 users across multiple regions internationally.

Given the evolving security landscape in the cloud, it's crucial that Intune Suite is integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices.

Maintenance is required to keep the packages up to date for any software we deploy. We have four people that deal with the maintenance.

I recommend planning and understanding how Intune will be used before deploying it.

We are using Intune for managing endpoint devices with zero-trust principles. The devices are not domain-connected because most people work from home. We do not trust these computers, so we use Intune to deploy and enforce policies related to updates, software installation, and management of admin users.

When we are using Microsoft products on mobile devices, we are using Intune to enforce policies on them.

Our usage is very simple. We are using Intune to manage devices that we do not trust. We are using Windows 365, and we install all applications only on these virtual PCs in the cloud. We do not have anything on endpoint devices. Not even a simple document can be downloaded there. We just have an access point to Windows 365 machines in the cloud. We are a financial company. There are not too many enterprise applications that we can use. We prefer to use zero trust. This means no there is no data on company devices at all. It is only on the cloud machines. It is easier to control one perimeter than 10,000 or 20,000 machines. We can reduce the attack surface in this way.

Intune increases the productivity of our IT team. 

There is a reduced cost of ownership and management. We do not need a lot of additional training. Administrators can share roles because its interface is similar to other Microsoft solutions. With one or two days of training, administrators can start working with it. There are a lot of Windows specialists in the market.

We work completely in a Microsoft environment. Its interface is similar to other Microsoft solutions that we are using such as Microsoft Defender. So far, for our administrators, it is easy to use. 

At the moment, we need more flexibility. We have some offices migrating to Windows 11 remotely. Sometimes, it is difficult to manage image installation because we have to collect some information before starting image deployment. Currently, Intune cannot collect the information needed for deploying new images.

We have been using Microsoft Intune for three years. I also used it for two years in my previous work.

Intune is a stable product with no significant issues. We have standardized hardware. We do not have a wide variety of endpoints.

Intune is quite scalable. We started with 3,000 machines, and we now manage 15,000 machines. Our endpoints will probably grow.

I have not interacted with Microsoft technical support personally, but I was satisfied with their support in my previous company.

Positive

I have not used any other solution in my current company.

We are using the public cloud for access, but everything is closed. There is no public access to infrastructure. Access is only through the cloud. There is no VPN or any other way.

I was involved in the security assessment in the beginning. The initial setup was quite easy because we did not look for very complicated functions. We did face some issues with the multi-user mode but resolved them. It took us about a month.

It requires maintenance. You have to review regular policies and adjust policies when something changes in the environment or you deploy new applications. Its maintenance is mostly done in-house. Only in a very complicated situation, we involve a third-party consultant.

We performed the deployment with the assistance of a third-party consulting company, not resellers. Three engineers from our team were involved.

Cost is not my department, but the product is included in the E5 license that we already pay for every user, so no additional cost is incurred.

We have not evaluated other options because Microsoft Intune is included in our E5 licensing. I would prefer to use the VMware solution, but that is not possible because Intune is included with our existing license. Buying any other solution will result in additional costs.

I recommend doing thorough homework and testing everything in a test environment. After ensuring that everything works fine, proceed with the final deployment.

It is not the best solution. It requires a bit more effort in management, but it works. It is not so flexible, but considering it is free for us, it is okay.

We are doing experiments with Copilot to see how we can use it. For some users, it is deployed, and we will be testing it actively. We are mainly using it to make emails, presentations, and documents better for the end users who will read them. We are an international company, and English is not the primary language for 99% of people. Copilot makes the documents more readable. We have not yet tested Copilot in Intune for security functions. We have SIEM and other security tools for insights. At the moment, we do not have a big need to start experimenting with Copilot in Intune. After we finish with the end-user use cases, we can switch focus on daily operations for IT teams.

Intune has not helped us consolidate vendors because we do the installation on the cloud. On endpoints, we have nothing.

I would rate Intune a seven out of ten because it is not so flexible.

We use Microsoft Intune for both application management and deployment for new users. Applications are packaged within Intune and then deployed to the end user's machines or devices, specifically targeting designated user groups.

Intune allows us to manage all our devices from one location.

The ability to manage all our devices from a single platform has significantly enhanced our security and IT operations. Previously, we relied on multiple applications, such as Ivanti and SCCM, to manage devices and security.

Intune is easier to use than SCCM. As a SaaS application, its services are GUI-based, simplifying its overall complexity.

We use Intune's advanced endpoint analytics to report the number of compliant devices, apply remediation, see the reasons for non-compliance, and track the number of BYOD devices. We can integrate third-party tools like ServiceNow if we need reporting or analytics that are unavailable through Intune.

Copilot's integration with our teams and Outlook has streamlined our workflow. It simplifies tasks like drafting emails and creating Word documents or PowerPoint presentations by providing helpful suggestions. Additionally, Copilot's independent profile allows us to reference documents from our OneDrive and seamlessly incorporate them into our emails. We can even leverage Copilot to reference Intune and integrate it into our various cloud data. Although Copilot is still in its early stages, its potential is evident. As we continue to use it, it will gather more data and refine its capabilities, offering even more features and benefits to end-users. Currently, we primarily use Copilot for drafting emails, creating presentations, and similar tasks, but its future applications are promising.

Intune helps protect data on both corporate-owned and BYOD devices in hybrid work environments. Devices can be registered through the company portal, and Intune can restrict their access to local storage, preventing unauthorized data downloads.

The endpoint privilege management feature helps restrict users' access. For instance, if they are accessing Outlook, they should not be able to access their local drives, preventing them from uploading or downloading anything from their corporate email. This feature enables those types of security settings.

Intune has significantly improved our productivity. Thanks to Intune and Autopilot, tasks that previously required four to five hours of IT effort can now be completed in just one hour. This translates to a 75 percent increase in IT productivity.

Intune has significantly reduced costs from a resource perspective. Thanks to Autopilot, scripting, and automation within Intune, a junior person can now complete tasks that previously required two engineers. This efficiency has resulted in a 50 percent cost reduction.

Intune has allowed us to consolidate other tools, such as SCCM and Jamf, reducing the need for additional licenses.  

The automatic patch management feature in the Intune Suite is helpful.

Intune has all the features enabled for Windows devices but needs to be improved on iOS and Apple devices. 

I have been using Microsoft Intune for one and a half years.

The response time from technical support has increased over time. Contacting their support remains straightforward, but while we used to receive a response within one hour, it now takes three to four hours for a Microsoft engineer to respond. The quality of their response has stayed the same.

Positive

Before implementing Intune, we used SCCM. We switched to Intune because of their advancements. We still use SCCM exclusively for server-related deployments, managing server-related applications, and patching. Everything for end-user devices has been moved to Intune. As for other similar tools, Jamf, which we used for iOS device management, can now be retired or decommissioned from our infrastructure since we can also manage iOS devices through Intune.

The deployment of Intune is straightforward, as it's a SaaS-based application. We set up our Intune connector and Azure Active Directory or the Azure AD Connect server to synchronize objects to Azure. Once that's done, we can manage our devices through Intune.

I rate Microsoft Intune nine out of ten.

The integration of Intune Suite with Microsoft 365 and Microsoft Security is included in our E5 license, providing us with the Intune license at no additional cost. This eliminates the need to purchase a separate Intune license, saving us money and streamlining our licensing.

We use Microsoft Intune to manage mobile devices across almost all platforms, including Android, Windows, and Linux, which was recently added just a few months ago.

Previously, we relied on on-premises infrastructure using SCCM to manage mobile devices alongside other tools. Intune is a cloud-based solution that empowers administrators to manage cloud devices, implement policies, and deploy applications. While other MDM platforms exist, Intune is a top choice due to its feature set.

Microsoft Intune consolidates our endpoint and security management tools into a single platform. While still under development with new security features on the horizon, the current capabilities offer administrators ample tools to fortify the environment.

Intune simplifies mobile device management by consolidating endpoint and security tools into a single platform. This centralized approach enables IT administrators to efficiently manage various aspects, including Windows updates, Wi-Fi and VPN policies, application restrictions, and user account creation, all within the Intune interface, significantly streamlining the overall management process.

The user experience is quite smooth for most users because administrators handle all necessary configurations. Options like Windows Autopilot and zero-touch deployment enrollment significantly simplify the process, minimizing user intervention and effort required to set up and use devices.

I currently support Microsoft admins and have handled numerous cases related to Enterprise Application Management. Many companies utilize this tool to manage their in-house applications. While not all companies employ this method, most larger organizations do. These companies often deploy their enterprise applications using Intune, which offers a feature that allows admins to protect application data through mobile application management policies. To enable MAM, applications must be wrapped with the Intune Software Development Kit to communicate with Intune services. This process is valuable as it empowers admins to safeguard sensitive data. Intune provides SDK options for both iOS and Windows applications.

There are two methods for automatically updating the application: independent updates within the application itself or updates to the application package managed through Intune. The chosen method depends on the enterprise application's configuration. Recently introduced Azure application registration simplifies the process by requiring registration before deployment, enhancing security through authentication.

We utilize advanced endpoint analytics within the Intune suite, and the recent release of Windows Autopilot's version has expanded the range of analytics tools available to administrators. While Intune provides data on devices and users under its management, more in-depth reports can be accessed through Log Analytics or Azure Monitor. However, Intune's analytics are sufficient for gathering reports on managed devices.

The advanced endpoint analytics feature within the Intune suite allows us to access detailed information about our devices. This includes data on device counts, specific settings for bulk administration or devices, and the ability to filter devices based on our needs.

I have experience with several MDM solutions. While Microsoft Intune is excellent for managing thousands of user devices, it may not be ideal for specific use cases like bulk printer or Jabra device management, which could present challenges. However, Intune shines in organizations with large numbers of users, especially when integrated with existing on-premises infrastructure or SCCM. This integration can streamline operations and reduce staffing needs. For example, a ten-person IT team might only require two to five people dedicated to Intune management with on-premises support. While I cannot provide a full sales pitch, I confidently recommend Intune to anyone seeking a robust MDM solution.

Copilot in Intune is valuable when integrated with back-end data, such as our existing tools and libraries. This integration empowers administrators to assess information effectively. However, the tool's effectiveness hinges on the quality of data input and query formulation. As users are still familiarizing themselves with Copilot, its adoption varies across environments, with some users enabling it and others disabling it.

Copilot in Intune simplifies IT operations by quickly responding to inquiries about integrated systems. Users won't need to search for specific details as Copilot offers a variety of solutions.

Intune offers more than device management; it also aids in user management. Regardless of the platform, Intune provides various options for device enrollment. Intune prevents mixing personal and corporate data, whether using a corporate or personal device. It also offers robust security features, enabling granular control over user access to applications, resources, and other tools.

In a hybrid environment, security management depends on whether devices are co-managed and how policies are configured in Intune. Intune offers various features, including remote actions, to address these scenarios. However, I discovered an issue with BYOD devices on iOS: wiping an enrolled device deletes all data, not just corporate data. This is a problem that needs to be addressed internally.

With the endpoint privilege management feature, the admin can create an EPM policy. If a user tries to access a resource, the admin will be prompted to grant or deny access based on the policy.

Suppose I need to access data, logs, or files on a Windows device that a global administrator restricts or requires approval for. In that case, I can configure an EPM policy to remind users that additional authorization is necessary. For instance, I encountered cases where users frequently mistakenly assigned test applications to production environments. To prevent this without restricting access or privileges, we configured an EPM policy to prompt users specifically when assigning that application to a production environment. This approach demonstrates how EPM policies can be tailored to address various requirements.

EPM provides an additional layer of authentication for accessing a resource, application, or permission. For ASR, we can define rules by which users can access the resources.

Intune has significantly improved productivity by simplifying tasks like certificate authority restoration. For example, using a deployed CA server certificate, I've set up a Wi-Fi profile with auto-authentication. Previously, expiring certificates required manual reissuance, but Intune automates this process by revoking certificates when they approach their expiration threshold. This threshold, configurable within the certificate profile, can be set as a percentage of the certificate's lifespan. A revocation request is triggered when the threshold is reached, ensuring a new certificate is issued for the device or user profile before the old one expires.

Intune's integration with Microsoft 365 and Microsoft Security for both cloud and co-managed devices is beneficial because it offers a centralized platform. We can directly assign licenses within Intune instead of using the separate M365 admin portal to create users, simplifying the process. Intune synchronizes features and functions from M365, streamlining management. However, purchasing new licenses still requires accessing the admin center. Despite this, Intune effectively synchronizes information to endpoints.

While conditional access isn't solely limited to Intune, we can also effectively implement and manage conditional access policies through Azure. However, Intune significantly simplifies application deployment, mobile application management, and policy enforcement, such as restricting user access to specific applications, thereby enhancing overall environment security. Furthermore, Intune automates numerous tasks previously requiring manual configuration by administrators, streamlining the process by creating simple policies for desired outcomes.

There are specific devices we can focus on. For example, due to GMS restrictions in China, we face limitations. However, BlackBerry UEM can enroll Android devices as Android Enterprise, though the exact method is unclear. We could explore whether Intune can replicate this functionality. Since GMS is unavailable in China, we currently rely on device administrator enrollment for managing Android devices there. This suggests potential opportunities to develop solutions or collaborate with Chinese partners to create new features within Intune for managing Android devices in the Chinese market.

I have been using Microsoft Intune for three years.

While some specific tenants experience occasional outages and bugs, our monitoring team is actively tracking an upcoming issue affecting certain tenants in specific regions. Both the support and broader teams are diligently working to resolve this. Aside from this, Microsoft Intune is demonstrating overall stability.

If an organization has the budget, they can easily scale Microsoft Intune.

Microsoft's technical support for Microsoft Intune and the broader Microsoft environment consists of several tiers. Customers can choose between broad commercial support, Pro support, or Premier support, the latter including dedicated Customer Success Account Managers and Incident Managers to facilitate access to specialized engineers. Support engineers are categorized into levels one, two, and three. We collaborate weekly with global subject matter experts to address ongoing issues and cases. For complex or backend problems, we engage the product group using a specific request form. While Microsoft previously employed support staff primarily in the US and Canada, they now utilize vendors in India and the Philippines, offering varying levels of expertise. To enhance support quality, Microsoft should invest in training these engineers and consider opportunities for full-time employment, rather than incurring the costs of recruiting and training new staff.

Positive

An organization migrating to the cloud typically requires an Azure subscription as a starting point. While our FastTrack Team offers full migration solutions, IT administrators can also independently move operations to the cloud by purchasing an Azure subscription, tenant, and licenses and configuring policies, privileges, and workloads. Existing on-premises infrastructure can be synced to the cloud using Azure AD Connect, enabling management within a hybrid or pure Azure AD environment. The ease of migration depends on the administrator's experience, and Microsoft support is available for those requiring assistance.

One to two solution architects are enough for the deployment.

Several factors influence the time required for deployment. For instance, with a user base of 100, deployment can be achieved within a week. However, environments with thousands of users and devices, especially on-premises setups, present greater challenges. Customers or administrators migrating to the cloud and adopting Intune often follow a phased approach. They typically start by deploying and testing a subset of policies to assess manageability and feasibility before proceeding with application deployment. As a result, the overall deployment timeline varies significantly across organizations and can extend to several weeks.

Microsoft services are slightly more expensive than competitors but offer advantages and disadvantages. Even if they charge a premium, they aim to provide equal value.

I have experience with SOTI MobiControl, Jamf Pro, and AirWatch. SOTI MobiControl excels at managing specific devices, offering a list of compatible models upon request. Intune, however, struggles with printer management and Zebra device compatibility. Its network security features are limited due to ongoing development, and it lacks in-built policies for third-party applications, hindering compatibility and communication with external devices and manufacturers. While custom policies can be implemented, comprehensive built-in options would be beneficial.

I would rate Microsoft Intune eight out of ten.

Intune requires no maintenance after initial deployment, but ongoing subscriptions are necessary for each user as individual licenses are needed monthly. Microsoft continually updates the service to support the latest operating systems and applications, so ensuring our environment is up-to-date is crucial for optimal performance.

Microsoft Intune is a good tool, and to simplify operations, I recommend a full cloud environment over a hybrid environment.

We use it for pretty much everything related to endpoint management. We use it for bring-your-own-devices and corporate-related devices such as laptops and tablets. We have various operating systems such as Windows, iOS, and Android.

Microsoft Intune is helping to streamline operations and minimize administrative overhead.

We are using the Enterprise Application Management features of Intune Suite. It is very well designed and very well suited for Microsoft-related applications. Third-party applications can require some workaround. They do not always organically fit into the solution, but, overall, it is a great option to have visibility into what the users are using and be able to set up some policies based on that. We can allow applications or deny applications. We can manage what users can onboard. Overall, it is a great solution. We can definitely simplify and streamline some security operations.

Microsoft Intune is great for securing hybrid work and protecting data on company and BYO devices. What is more important is that it is not a static product. It is not that the product is very well established and not moving anywhere. It is constantly evolving. Microsoft seems to be spending lots of resources trying to improve and bring new features. That is great.

We are starting with Intune's Endpoint Privilege Management feature. It definitely impacts productivity. It is great and definitely helps a lot. It helps minimize the attack surface because you do not have elevated privileges accounts available all the time. It helps mitigate or shrink the potential impact or potential entry points into the network.

Microsoft Intune has helped us to manage the accounts with elevated privileges. We are a managed service provider. We sometimes have big turnarounds on the help desk. By their job definition, many of them are supposed to have access to different clients and different sensitive areas. It helps us to mitigate and manage these accounts, and, as a result, to be more secure. We can make sure that those accounts are not being distributed very freely. We have control over their actions. We have control over what they are doing. We have full visibility and accountability.

Microsoft Intune is easy to use, and it is able to enforce policies towards multiple devices. It is able to bring multiple classes of devices into the same security posture. I found that very useful.

The interoperability or communication with a different platform can be better. It is a two-way street. It is not only about Microsoft. The other platforms also have to be willing to share some information, but that absolutely can be improved.

I have been using Microsoft Intune for five to six years.

It depends on the level of access you have. We are a managed service provider, so we do have access to Microsoft. Generally, it is okay if you are able to find the right parties to talk to. It can definitely be improved.

Neutral

We did not use any other solution previously.

First of all, we do not have to deploy any third-party privileged account management solution. That is one tangible benefit. An indirect benefit is that by protecting your environment and making it more secure, you are potentially avoiding any downtime. It is hard to quantify what that downtime cost could be.

If an account with elevated privileges is compromised, you need to perform a lot of work. You need to change the password, disable the account, and recreate another account, so 10% to 15% of the downtime definitely could have been avoided.

We use Defender ATP and E5 licenses.

Intune was an organic choice because we are a Microsoft shop. We use everything that Microsoft can offer.

Microsoft Intune is a great solution. If you have a Microsoft environment, it is definitely the way to go. It can help you to streamline operations and simplify a lot of things. If you go into a multi-cloud environment where you have AWS, GCP, or any other cloud workloads, it may be a little bit more complicated. If you are a Microsoft shop, it is the way to go.

In terms of user experience, for the end users, it is pretty much seamless. It is more on the administrative side. If you properly configure it, it is a relatively seamless experience.

We have just started working with Microsoft Copilot in Intune. It is a very fresh solution. It has just been released, so we are setting up use cases and working with Copilot. We have a Copilot for Teams. We have a Copilot for Microsoft Office that we are utilizing. We have started playing with Copilot for some security operations. It is yet to be determined how much value it can bring. Generally, it can help you analyze and optimize some workloads and events more efficiently, effectively, and quickly. There is great potential, but we will see how it is in real life.

I would rate Microsoft Intune an eight out of ten.

I worked with Microsoft Intune in my level two support role. My tasks included license assignment and assisting users with configuration issues, especially in mobile device management for iOS and Android devices.

The features I found most valuable in Intune are its user visibility and troubleshooting options. With Intune, I can easily search for a user and see details about their devices and real-time activity. The advanced audit log is especially helpful for diagnosing login and communication issues. Another standout feature is Autopilot, which simplifies machine integration by automatically adding devices to the domain when they are logged in.

Areas for improvement in Intune include expanding support beyond Samsung devices to accommodate other Android manufacturers like Redmi and Motorola. Additionally, there is a need for better support for Linux operating systems, as patch management for Linux is currently not managed by Intune, unlike for Windows devices.

I have worked with Microsoft Intune for three years.

In terms of stability, Intune generally performs well, but there may be occasional bugs like the issue with Redmi devices. While bugs are addressed, the resolution process can be time-consuming.

Intune is a scalable tool with long-term viability. I think it is likely to remain stable and relevant in the market for at least the next decade, even as competition evolves.

I would rate the technical support team for Intune as a five out of ten. It could be improved a bit.

Neutral

The implementation of Intune follows a structured process, starting with a change activity managed by a dedicated team. This involves creating a ServiceNow ticket detailing the implementation plan, rollback options, and involvement of various teams. After approval, testing is conducted, followed by deployment in a phased manner, typically at the beginning of the month to avoid interfering with critical month-end activities.

In comparison to other vendors, Intune is reasonably priced because it offers a comprehensive package that includes email access, Outlook, Office, and OneDrive storage, with storage increasing based on the license. Other service providers may have limitations and additional storage charges, whereas Intune provides services within a single cost, making it attractive to many companies for its flexibility and included features.

We used Microsoft Intune to solve problems, such as ensuring device security and compliance. For instance, some Redmi devices weren't meeting encryption requirements. We addressed this by enabling developer options on those devices, specifically, Redmi models 5 and above. We documented this solution for reference and future troubleshooting.

The most effective feature for managing and securing our mobile workforce is multifactor authentication. It adds an extra layer of security by requiring additional authentication steps when logging into devices. Additionally, conditional access policies allow us to set specific rules, such as blocking downloads or file transfers from personal devices to company resources, ensuring compliance with security policies.

It took about six months to start seeing the benefits of Intune deployment, especially regarding application deployment and user machine management.

Intune integration with other Microsoft products has strengthened our device management strategy by incorporating in-house applications like Outlook, Wi-Fi, and others. Additionally, it provides a mechanism similar to the Google Play Store for adding required applications internally, including Microsoft products like Dropbox, Google Chrome, and others.

Intune is deployed across various locations and departments within our organization. Licenses are allocated based on department and employee roles by our Office 365 team. Users are added to Active Directory groups, and ServiceNow automates configuration and support requests.

Intune requires regular maintenance, typically provided by the IT team or architects. Microsoft releases service updates approximately every three to four months, during which maintenance downtime may occur. 

I would recommend Microsoft Intune to others, especially those working in the field of technology. Staying updated with new technologies is crucial, and Intune offers valuable features for device management and security. However, the decision to use Intune depends on individual needs and preferences, as well as company requirements.

Overall, I would give Microsoft Intune a seven out of ten. While it is a solid tool, there are other competitors in the market like AirWatch and BlackBerry UEM that offer similar functionalities.

I use Microsoft Intune to manage and secure all our devices from one central platform. It helps me enroll and configure devices, deploy applications, and enforce security policies.

We chose Microsoft Intune to enhance endpoint management, leveraging Azure Active Directory for robust authentication. Intune's cloud-based solutions streamline device and application management, providing a user-friendly interface while ensuring strong security measures and policy compliance.

Intune has significantly bolstered our organization's security by consistently applying the latest security policies and conducting regular assessments. Its proactive approach ensures that our security measures remain robust and up-to-date.

It has significantly increased overall IT productivity in the company by enhancing efficiency and operational effectiveness. For example, its continuous monitoring and detection capabilities prevent unauthorized access attempts and streamline resource creation processes.

Microsoft Intune has notably reduced the risk of security breaches in our organization. It has significantly elevated our security posture, which is evident in the increased security score it has provided.

Microsoft Intune has helped our company save costs, especially with the implementation of policies like BYOD. This has been a significant cost-saving measure for us.

The standout features of Intune are its excellent mobile device management and highly effective application management capabilities. They streamline our operations and significantly enhance security measures.

In terms of improvement, Microsoft Intune could enhance its patch management for various devices, ensuring regular updates and tracking of device privileges. Performance reports would also be valuable for better monitoring and management.

I have been working with Microsoft Intune for five years.

Intune is a quite stable product.

We have 2,000 users currently utilizing Intune. It is highly scalable.

I would rate Microsoft's technical support as a nine out of ten.

Positive

Before Microsoft Intune, we were using SCCM, which is a more traditional approach. We switched to Intune for its modern and comprehensive capabilities, as SCCM lacked certain functionalities and agility.

The initial setup of Intune was straightforward, taking just one day to deploy. Our implementation strategy focused on identifying and securing all available assets, including desktops and mobiles. The setup was managed by one person.

Endpoint Privilege Management, through enforcing the least privileged access, enhances user productivity by safeguarding sensitive resources and data. This proactive approach aligns with auditor-defined policies, ensuring secure privileged account life cycles and minimizing operational costs. It simplifies management while providing robust protection.

Endpoint Privilege Management strengthens our security against attacks by limiting privileged access. For real-time protection, it defends against malware threats on all devices, including new or remote ones.

Intune helped us consolidate vendors, enhancing security without significantly affecting license costs, as it operates on an enterprise model. This streamlining has improved our overall vendor engagement.

Intune's integration with Microsoft 365 and Microsoft Security is crucial for our cloud journey. It provides the flexibility for users to bring their own devices and work from anywhere, aligning with our automation scaling needs.

My advice for people who are considering using Microsoft Intune is to go for it. It offers excellent scalability, accommodating any number of devices, and it is straightforward to set up, providing effective plug-and-play functionality. Overall, I would rate it as a nine out of ten.