Microsoft Intune Reviews

I use Microsoft Intune to manage and secure all our devices from one central platform. It helps me enroll and configure devices, deploy applications, and enforce security policies.

We chose Microsoft Intune to enhance endpoint management, leveraging Azure Active Directory for robust authentication. Intune's cloud-based solutions streamline device and application management, providing a user-friendly interface while ensuring strong security measures and policy compliance.

Intune has significantly bolstered our organization's security by consistently applying the latest security policies and conducting regular assessments. Its proactive approach ensures that our security measures remain robust and up-to-date.

It has significantly increased overall IT productivity in the company by enhancing efficiency and operational effectiveness. For example, its continuous monitoring and detection capabilities prevent unauthorized access attempts and streamline resource creation processes.

Microsoft Intune has notably reduced the risk of security breaches in our organization. It has significantly elevated our security posture, which is evident in the increased security score it has provided.

Microsoft Intune has helped our company save costs, especially with the implementation of policies like BYOD. This has been a significant cost-saving measure for us.

The standout features of Intune are its excellent mobile device management and highly effective application management capabilities. They streamline our operations and significantly enhance security measures.

In terms of improvement, Microsoft Intune could enhance its patch management for various devices, ensuring regular updates and tracking of device privileges. Performance reports would also be valuable for better monitoring and management.

I have been working with Microsoft Intune for five years.

Intune is a quite stable product.

We have 2,000 users currently utilizing Intune. It is highly scalable.

I would rate Microsoft's technical support as a nine out of ten.

Positive

Before Microsoft Intune, we were using SCCM, which is a more traditional approach. We switched to Intune for its modern and comprehensive capabilities, as SCCM lacked certain functionalities and agility.

The initial setup of Intune was straightforward, taking just one day to deploy. Our implementation strategy focused on identifying and securing all available assets, including desktops and mobiles. The setup was managed by one person.

Endpoint Privilege Management, through enforcing the least privileged access, enhances user productivity by safeguarding sensitive resources and data. This proactive approach aligns with auditor-defined policies, ensuring secure privileged account life cycles and minimizing operational costs. It simplifies management while providing robust protection.

Endpoint Privilege Management strengthens our security against attacks by limiting privileged access. For real-time protection, it defends against malware threats on all devices, including new or remote ones.

Intune helped us consolidate vendors, enhancing security without significantly affecting license costs, as it operates on an enterprise model. This streamlining has improved our overall vendor engagement.

Intune's integration with Microsoft 365 and Microsoft Security is crucial for our cloud journey. It provides the flexibility for users to bring their own devices and work from anywhere, aligning with our automation scaling needs.

My advice for people who are considering using Microsoft Intune is to go for it. It offers excellent scalability, accommodating any number of devices, and it is straightforward to set up, providing effective plug-and-play functionality. Overall, I would rate it as a nine out of ten.

Our main use cases with Microsoft Intune are about how we automate the deployment. Auto-pilot is a feature that we normally recommend. Another piece is about the package deployment, where we recommend, or have helped, customers in deploying and converting their Win32 application. These are the two main areas in terms of automating the enrollment and Win32. Another use case in terms of the Apple, which is being used more by the customers, is where we recommend them to go for the zero touch process by using the AD.

Intune's feature that I have found most valuable is its auto-pilot feature. The main thing is that it keeps building it. Also Intune's capability in terms of Mac, which is slowly increasing, although the customers are moving towards vMOX and leaving the Intune just because of its limited capability with Mac, though it has already been enhanced. More features include the conditional access and the app production policies with respect to BYOR devices. These have been increased a lot in terms of security.

In terms of what can be improved, I am looking for better enhancements regarding Apple management, not only on the mobile device, but also on the laptop.

Other than that, it already has good capability with Windows, and it is already very good for the mobile device. The only area that is missing is for the Mac products.

I am using Microsoft Intune for the last two, three years.

In terms of maintenance, since it is a cloud product, it automatically gets updated by Microsoft. So there is no maintenance required for the upgrade part. But definitely the maintenance part that we track is the software asset management - that the devices are there and that the patches are deployed on a timely basis. We also do maintenance on the dashboard reporting feature in terms of whether the devices are compliant or not compliant.

In terms of performance, devices will be automatically enrolled and all the applications will be deployed. So it will be ready to use once they log in with their Azure-ready credentials. That is zero touch for them. In terms of having integrations in place with other tools, any issues they face will have proactive or automated actions to resolve their issues, instead of raising them and going through the long process of raising a ticket and the resolution.

Scalability is good.

In my experience, the customers who are mostly going for the Intune are small, medium and large companies. We have seen a mix. These days we have seen a large base of customers having more than one device. So it could be suitable for any size company.

Not too much to say on support. It is pretty fast. But in some of the instances we did not get much or a proper resolution where we had to troubleshoot a lot. But in most of the cases, support was good.

Initial setup is a simple process. It is a cloud solution. It is easy to deploy and easy to integrate with other tools as well. If we have to integrate with on-prem or Azure-ready through an AD connector, it is easy. Also, it is capable of integrating with other tools.

In terms of deployment, having things in the VM or physical VM or physical system in place and the ports enabled, as the main infrastructure is all in the cloud, is only part of connecting with the Azure already and the AD connectors, and does not take much time. With full testing, it takes one day if all things are in place.

Their price is really good. That is the reason customers move here, because as part of the Office 365 package, they always get the E365 as well, which makes it easy for them to manage their devices without having additional licenses for Intune.

That is the best part.

The main differences between Intune and other products are, like I mentioned, in terms of the Mac. If the customers are majorly moving and adopting Mac laptops while they are using the Intune, they are leaving for other platforms, like Workspace ONE and vMOX. That is the reason for moving and the major difference I have seen these last couple of months. But at the same time, if there is not much dependency on Mac devices, they are moving from other platforms to Intune, also.

My advice to anyone considering Intune would be to definitely test it and have devices enrolled at least in a pilot phase. They will get feature compatibility, the policies, and the auto-pilot feature. So, I would recommend to do at least a POC, and then decide.

On a scale of one to ten, I can rate Intune an eight.

I work for a company that deploys all of its iOS and Android devices on Intune. It can manage company and personal mobile devices. We have 150,000 users.

It helps us secure hybrid work. Some users work on company devices at the company, and some use personal devices. We have set app configuration and protection policies in Intune.

When customers travel, they carry their tablets or cell phones, so they need to access corporate resources, such as emails, chats, and files. Instead of carrying their laptops, they can easily access corporate services from their tablets or mobile phones. 

Intune increases productivity by 80 to 85 percent. Since adding Intune, our budget has increased. We are trying a few new things, and corporate is doing data testing. We've also had to purchase more licenses. The budget has increased, but it's worth it. 

We can implement a MAM policy in this Intune and protect the device through mobile application development without touching it. The interface is easy to use and understand. 

Microsoft brings all my endpoint and security tools into one place. Intune and endpoint manager are there. We can control our devices at the maximum level. I'm fully satisfied with Intune. 

With the application management feature, we can manage Google Play and publish applications from there. Per user requirements, we can deploy applications to Intune and to the user machines.

We had an APNS certificate set to expire last week. We tried to renew it two days before it expired. We logged in to the APNS portal but could not find that certificate.

We didn't know where it went. All the iOS devices stopped working. We contacted the Apple and Microsoft teams, and each blamed the other. This is something that Microsoft should take care of. Last week, we had so many escalations from high-profile users who couldn't access corporate data on their devices.

I have used Intune for more than two years.

I rate Intune 10 out of 10 for stability. We've had no issues.

I rate Intune 10 out of 10 for scalability.

I rate Microsoft support seven out of 10. When Microsoft support engineers can't resolve an issue, they refer it to the technical department, which will come back in a month. Then, you have to explain the entire issue from the start. 

Neutral

Before Intune, we used IBM MaaS360. Intune is more flexible. With the IBM product, we had to contact their product team to make any changes. Intune is more customizable. 

The deployment is a little complex. We previously had an on-premises data center, but we have migrated everything to the cloud in the past six months. Implementing Intune took months. We have two data centers: Bangalore and Kolkata. Migrating a lot of data was a lot of work. After deployment, it requires no maintenance.

Intune isn't cheap, but it's fairly priced.

I tried the AWS but the user interface is not as good as Intune's.

I rate Microsoft Intune eight out of 10. 

Around 90 percent of our platforms are in the cloud, and our company uses them to manage access to various platforms. In our company, what we used to do when we were on an on-premises setup was to use group policy to basically manage access and authorizations to various services, which can be quite challenging because not everything you want to do on GPO even though it is available in it. You can use or manage VBScript and PowerShell, but it was a bit challenging. With Microsoft Intune, you already have specific processes and platforms that have several things you can do with it in terms of security and in terms of making everything standardized, sort of a standard desktop, or even a customized one based on the user's job title, ranging from executive management to basic back-end staff. Microsoft Intune allows you to customize everything, like security, the availability of some features, and even updating particular systems or where and which system can access which service from a geographical location, which we couldn't do with GPO. Microsoft Intune allows us to be very flexible.

Applications have a feature that allows you to deploy applications remotely to different systems. They can be Windows-built, some business applications, small scripts, or even custom applications. The tool can even deploy fixes, and it has been one of the features we use quite frequently to troubleshoot and fix issues.

The tool brings all of our company's endpoint and security management tools into one place.

Speaking about the impact of Microsoft Intune on our company's IT and security operations, I would say that the tool has done a good job in terms of centralized management, but there is still a lot it can do. Microsoft Intune is just a mobile device management platform. It doesn't really implement security, specifically in terms of endpoint security for ransomware and other attacks, so our company has to supplement with other solutions.

If I assess Intune's user experience, I would say it is perfect and simple. In general, the tool is very easy to use. Every feature or domain, ranging from compliance to security to DLP, integrates very well with Microsoft's other modules.

I am using certain aspects of Microsoft Intune Suite, which involves the new collection of advanced endpoint management and security tools.

If I assess Microsoft Intune for securing hybrid work and protecting the company data and the data on my own devices, I would say that it works very well in handling BYOD cases. For all the corporate business apps, you can't share data outside Microsoft Intune or the enrolled devices. It has to go through all the approved suites of Microsoft Project and then into OneDrive so that we can tell where that information passed, making it basically a DLP type of thing. You can't copy and paste anything into an external product since it must be within Microsoft's suite. The tool really helped our company keep certain information confidential within Microsoft Office Suite, and it doesn't go outside, which is helpful.

I use Intune's Endpoint Privilege Management feature in Microsoft Intune. Speaking about how Intune's Endpoint Privilege Management enables our company to enforce the least privileged access that affects user productivity in our organization, I would say that all our users are at the basic level. Depending on the function users need to do, privileged access might be required, and we can basically elevate them to do it, and then we don't have to do anything beyond that.

In terms of how important it is in the context of our company's journey to the cloud that the capabilities of the Intune Suite are integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices, I would say that the integration part is the key since it has to follow everybody, whether they work on the company's premises or remotely with Microsoft Intune.

Improvements can be made by allowing server integrations since it is an area where the product currently has shortcomings. Currently, it is just endpoints, Windows, and mobile devices, but we would like to see the servers integrated into the tool as well so that the product covers everything.

The product currently lacks any features. For most of what we can't do with the features available in Microsoft Intune, we use PowerShell to address such areas.

I have been using Microsoft Intune for ten years. I work with one of the past versions of the tool.

My company hasn't faced any stability issues associated with the product since its deployment.

It scales up pretty much with ease. It reduces the work on the admin side. It is a very scalable tool.

With Microsoft Intune, my company covers more than 250 devices. I would probably say that it goes up to 300 devices. My company also has many remote staff members.

I have provided technical support for the solution once or twice, but all the information regarding the fixes is mentioned on the internet. I rate the technical support a ten out of ten. In my company, we haven't had any challenging situations that required a prolonged fixing process, and it was usually done in a day or two, within which it used to get resolved.

Positive

Before Microsoft Intune, I used a different solution for enterprise mobility management named VMware AirWatch. My company started using Microsoft Intune since it was bundled with the other services offered under Microsoft. I think my company moved to a new plan with Microsoft, and Microsoft Intune was present in it with Microsoft Enterprise Mobility + Security (EMS). My company thought about why we should pay for another service when we already have one.

VMware integrated with Microsoft like a connector, but every time there is a change or an upgrade to Microsoft's platform, it sort of disrupts VMware. My company then figured out that the closer we are to Microsoft's platforms, the better, which in turn helps us consolidate vendors.

My company involves two types of judgments to determine whether or not the consolidation of vendors my company deals with has affected our security posture. We have a Gartner evaluation, and we are trying to see if our current vendor is at least in the leadership quadrant. After that, we go for their products. Even if a tool is not at the top, it is a win-win situation for us as long as it is there. Gartner has been important in helping our company decide which vendor to consolidate products and services on.

The consolidation of affected vendors has not reduced our company's licensing costs. We recently discovered that Microsoft is basically unbundling several parts of its products. People can now choose Microsoft's models, but you cannot choose what you want as an add-on. In such a phase, we are going to have to compare apples with apples. If Microsoft unbundles Purview, for instance, we have to look for a similar DLP and compare it in terms of price and performance.

I was involved in the tool's initial setup process. Initially, my company faced some complexities with the product's initial setup phase, especially in terms of how to deploy it remotely. We basically had to have every device in front of us physically to do the deployment.

Considering that the deployment phase was an ongoing process, it took three months to be completed.

The product's deployment phase was carried out with the help of our in-house team with the help of the information in the tool's manuals.

The solution was deployed with the help of three people in our company.

From a cost-saving perspective, my company has no information associated with the tool. When we get the budget approved in our company, there is an additional buffer, causing us to have more of an overcapacity scenario rather than an undercapacity one.

My organization is still in the process of discovering several of the overall benefits that we have experienced from the use of the product. My company keeps discovering new features when we use Microsoft Intune's capabilities.

My company has not done any evaluations to figure out whether the product could generate any return on investment. It is something we should do in the future.

In my personal opinion, the product does offer value for money since it offers good security.

It is not difficult to maintain the product. Once the configurations are set at a basic level, the tool just keeps modifying itself and keeps on improving.

In terms of the product price and licensing costs, my company finds the product to be reasonably priced. As long as our budget is approved for it, everything is fine with the pricing part.

My company did not evaluate any other options against Microsoft Intune.

I am not using the enterprise application management features of Microsoft Intune Suite. For applications management, we are basically doing SaaS for most of our applications, so they are on the cloud. The least we do in our company is MFA or two-factor authentication and single sign-on into the enterprise applications, but they are basically on Amazon AWS or SAP.

I am not using the advanced endpoint analytics in the tool.

My company doesn't use Microsoft Copilot in Intune. I would say that my company is waiting for Microsoft Copilot to reach an advanced stage. When I say advanced stage, it means handling business cases that apply to our company's type of business. What we have seen in our company is that in areas like customer relationships and retail banking solutions, Microsoft Copilot works. With Microsoft Copilot, our company hasn't seen any business case related to our work. Microsoft Copilot is mostly for chatbots in CRM and other things, but that is not what my company wants. My company is waiting and hoping that we will see advanced features in Microsoft Copilot by next year. I am working with the basic capabilities of Microsoft Intune.

Intune's Endpoint Privilege Management's least privileged access doesn't affect our organization's attack surface since it is handled by a different platform named Symantec.

My company has not measured if Microsoft Intune has affected IT productivity in our organization, but I believe that it is something that we should do.

I would suggest those planning to implement Microsoft Intune in their company start with a pilot group and implement every aspect they want to implement with that group across different devices, ranging from Androids, iOS, Google, and everything else. In my company, when we did encryption, we found that Android already has an encryption feature, which is basically for Android, so we couldn't turn on the encryption feature. If we did turn on the encryption feature, we would lose information because it was already encrypted by Android.

I rate the tool a ten out of ten.

We are currently using Intune, and we are also deploying it for customers. We use Intune to manage our mobile devices. We manage our Android and iOS devices with it, and at the same time, we also use Intune to manage our macOS and Windows devices.

During the pandemic, there were devices that we couldn't control. For example, we wanted to manage BYOD and make sure that they are secured so that when they access our corporate resources, our data, computers, users, and mobile devices are protected. We use Intune to publish some of our company applications and at the same time push down our restriction policy and configuration profiles, such as VPN.

We are a vendor, and we deploy the Intune solution. We see that our clients have benefited from this solution. They're able to manage devices that were previously not managed. They are able to secure those devices. It also improves the productivity of the users. They can work from wherever they are and leverage their own devices to access company resources. So, productivity-wise, users are more productive when it comes to Intune.

Based on my experience, I find Intune very flexible for managing Windows devices. We can use scripting, and we can make use of the self-service portal or the company portal to publish some of the applications for Windows.

I'd suggest adding more features for macOS in Intune. There should be more functionality for managing macOS. There should be a better capability for pushing things down on macOS. Currently, Intune is not capable of managing macOS at the same level as Windows.

It has been four years since I've been using Intune.

I'd rate it an eight out of ten in terms of stability because it sometimes breaks. That's mainly because Windows OS keeps on changing because of upgrades and things like that, and there are some instances where it's not supported, or it has not been tested fully on a specific version of OS.

We haven't yet gone down to the scalability part. It meets the needs of our customers. What they have right now in the cloud is sufficient and satisfies the requirements. So, scalability is not a problem.

Some of the deployments are done across sites, so there are multiple sites.

I have interacted with their support. I'd rate them a ten out of ten.

Positive

We have previously used MobileIron and Jamf Pro.

The deployment model for Intune is cloud basically, but for other MDM solutions, it's on-prem because the government and healthcare sectors prefer to use the on-prem solution.

The deployment duration depends on the project timeline and the complexity of the deployment. A fresh Intune deployment is straightforward. We just need to do the configuration and create configuration profiles. For example, for Windows OS, we can enroll 1,000 devices in a month or something like that depending on the availability of the machine. Everything is configured in the backend, so they just need to power on the device, and everything works as expected, and everything is pushed down.

The number of people required depends on how many machines need to be deployed and users' availability. The model that we're having right now is that for a new device, it's straightaway delivered to the user. So, there is no involvement of IT because it's an autopilot deployment. When a user powers on a device, the configuration kicks in. The users just log in using their user accounts, and that's all. So, one IT person is enough to configure the backend.

We implement it in-house. It does require some maintenance, but that's taken care of by another party.

It's affordable. It's cheaper if you have an Office 365, E5, or E3 subscription because everything is there.

I evaluated VMware Workspace ONE, which is similar to Intune. They both can manage multiple OSs. 

While evaluating, I'd advise evaluating each and every feature of Intune and using multiple operating systems, such as Android, iOS, Windows, and macOS. You should see the capabilities of Intune and also check how to integrate Intune with other solutions. For example, for security, there is endpoint protection, etc. You need to check that because one of the requirements is to make sure that the computers and the mobile devices are secure, but Intune cannot secure your device itself. It's just an MDM solution. It only restricts some of the functionality. It cannot do more in terms of security. You need another solution to secure your devices, and you must check that your security solution can be integrated with Intune.

I'd rate Intune an eight out of ten.

Intune is being used by our organization for managing end-point security for our employees and customers.

We are in the financial domain where financial transactions are done. It is quite challenging to secure all the devices and systems. We have more than five banking and financial services-based applications running from the cloud. So it is a priority to protect those applications.

We have increased our overall productivity by 20 to 25 percent. Because devices are all handled remotely, and even though it is quite challenging to handle all the types of information and data from all the devices to make them secure, Intune has provided a good way to maintain everything seamlessly.

All the features are good. It has the ability to handle mobile device management and all your security infrastructure. But one of the best features is Windows Autopilot because if you change any of your devices, whatever security policies and compliance policies that applied can be easily migrated to the new devices. Windows Autopilot gives you that flexibility. You just turn on the new machine and synchronize it and Windows Autopilot does the rest.

It provides centralized administration of all our mobile devices for updates, security, patch management, and upgrades.

Also, because our team is spread out and there are users who work remotely, if their devices are stolen, damaged, or lost, we can wipe their data at our end so that there won't be any data loss. There might be useful information about our organization on the device. Because we can easily wipe their data, no third party can access that data.

In addition, it is easy to roll out policies and configurations to N number of devices.

It should enable remote connection without involving any third-party application tools. Currently, if we connect another PC or any other machine, it requires a third-party integration to connect to it through Intune. That should not be the case.

The UI also needs improvements because it is complex for end-users. We have had feedback from a few users in our organization who found the UI is not feasible for tracking and analyzing all the processes and monitoring all the devices.

I have been using Microsoft Intune for two years.

The stability is good. We haven't faced any issues yet. It is a nine out of 10.

It is scalable. There is the ability to scale resources at your end, but you have to pay more for that.

We don't require too much technical support, because all the training materials and guidance documents are available online on Microsoft's site. We have had no issues with that.

Positive

We used ManageEngine Endpoint Central. Its features and functionality are quite similar to those of Microsoft Intune. But we had to migrate to Microsoft-based solutions and we found Intune to be better than the others.

Another main reason we are using it is that Intune provides end-to-end security for Windows OS, macOS, and our systems. Earlier, it was Microsoft Endpoint Manager. Intune is very good software, a good cloud-based solution.

The initial setup is quite easy because it is a cloud-based, managed service. There is nothing complex about it.

We worked with Microsoft. About 10 to 12 of our staff were involved, mostly from the network and infrastructure groups.

The return on investment, in terms of the features and the expectations of the solution after deployment, is good. It is positive.

The pricing is challenging. Microsoft needs to pay some attention to it. It is good for big enterprises, but I'm not sure that small and medium-sized organizations can adopt it.

The pricing includes maintenance, upgrades, and updates.

In addition to ManageEngine, we looked at BigFix by HCL.

There are a lot of differences. Integration and compatibility are major aspects. If you are familiar with other Microsoft solutions, using a new Microsoft solution is not complex. It's easy to understand. That is one advantage. 

And overall, the features and suitability of Intune are unmatched.

My advice is that if you are already using Azure as a cloud service provider, Intune is a good choice, without compromising with third-party vendors and tools. It gives you the flexibility and integration capabilities with other Microsoft products.

I am an Operations and Infrastructure manager. I do not use it directly. My team is the implementer, and I oversee it. I know the product, and I know what I can do and what it can do. I just do not push the buttons.

We are still launching it. We have about 85% of our PCs in Intune. We have only got two or three conditional access policies and compliance policies in place.

We are using it for endpoint management for basically getting control. Our next step will be to launch Autopilot. We will use Intune Autopilot and then also security policy management and group policy management. We will also use it for updates and patching compliance.

At this stage, we have not fully utilized its capability for securing hybrid work and protecting data on company and BYO devices. We are still growing. We have been managing our security manually through the security portal and through Azure Security. Intune can provide an additional level of management capability by bringing all of the external services into one management console. It is going to make managing our security posture a little bit easier.

Intune has not yet affected IT productivity in our organization, but it will. Once we start bringing on the remote support capabilities and we are fully compliant in terms of touch management and minimum touch levels, it is going to ease up a lot more. There will be more time and resources for us to look at the other features and capabilities.

Intune has helped to reduce the risk of security breaches in our organization, and that is purely due to its patch management at this stage.

Intune has saved us costs. As it is bundled with our enterprise agreement or enterprise subscription, we have not had to look at additional products. I am still hoping to convince our business that maybe Absolute is not needed if we can manage things with Intune. As we are still relatively young and immature in that area, we might need to look at alternate products to bolt onto it, so we have not yet had any direct savings. We have possibly had indirect savings.

Based on the bit of work or research that I have done, it seems to fit our needs. When you are looking at some of its tracking and management capabilities versus Absolute, it just does not go that one step further where Absolute would go with the recovery service for Precision laptops. My users or asset management are asking for the recovery capability on laptops. If they were not asking for that, I would just settle for Intune and provide the lost location and submit those details to enforcement, but they want the recovery service.

Intune has not helped us consolidate vendors because we are pretty much a single vendor. We have only got the Microsoft ecosystem. We are busy decommissioning our on-prem System Center setup, and we are moving to Intune on the cloud. It is integrated fully with AAD. We do not want to run infrastructure in South Africa. Because of the load shedding and electricity problems that we have here, we would rather use the cloud.

In the context of our journey to the cloud, it is important for us that the capabilities of the Intune Suite are integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices. It would not have been attractive if it was not.

It is quite easy to manage. From what I have seen, it is very easy to check through. It is very basic. I do not need to be a rocket scientist to manage it. It takes a little bit of experience to set it up if you have never done it before. From a manageability point of view and ease of use, I would give it an eight out of ten rating.

It is quite policy-enabled, so you can build pretty much any policy to manage remote endpoints.

There could be more wizard-driven policy development or creation. Some of the policies can get quite complex. If they have a wizard that assists the administrators in creating the policy, that will be a great job.

Microsoft South Africa should improve their support for Intune in terms of turnaround time.

We started using it in about October 2022. It has been about a year and four months.

Microsoft South Africa could certainly improve on their support of it in terms of the implementation experience and completion of the project. This project has been going on for a year and four months already, but it should have been completed in six months. There are just too many clients looking at it, and there are not enough Microsoft support engineers for Intune.

We have one assigned Microsoft resource. We have got a unified support contract. They have only one support person to deal with multiple clients within our area, and if he is not available, we just wait.

If we had confident and good support from Microsoft, we probably could have cut the project time by 50%. We probably would already be finished and have 100% PCs fully compliant with Intune. 

I would rate their support a four out of ten.

Neutral

We are busy migrating from Microsoft System Center Configuration Manager and Endpoint Manager because of the infrastructure requirements. We want to be on the cloud.

We are a key government department that looks after and advises 13 other departments. They are rolling up Intune to those 13 departments.

It comes as a bundle, so you do not really know what the prices are. Microsoft does not break it down to the user cost for us. It is just bundled with our E5 license.

We did not evaluate other solutions because Intune was a part of our subscription.

My advice would be to make certain that you have the relevant in-house capability so that if you are working with Microsoft, you are able to cross-skill with Microsoft. If you do not have that and you are going to fully rely on Microsoft to assist you with deploying it, then make certain that you go into your project with your eyes wide open in terms of timing. The product is good. The scoping of the project is good, but the turnaround time is an issue. There is a lot of improvement required at Microsoft's end. The easier they make the policy creation within Intune with the wizard-driven process, the easier it will be for the internal administrators to implement it. If you remove your reliance on Microsoft, you can run a good product.

We do not use the feature called Tunnel for MAM to provide remote access to corporate resources on mobile devices. We do use Teams as a support or email support tool. We have a very small department, so that is sufficient. We would not migrate it to Intune.

We are not using Intune's Endpoint Privilege Management feature. At this stage, we are using Azure privileged management as the primary means of control. If it makes sense, we will get to it. It is not the first one on the list of things that we have got to do at the moment. We are on a zero-trust journey. If it is going to be one of the tick boxes, we will get to that.

Based on what I have seen of the product and its capabilities, I would rate Intune a seven out of ten. There are some issues that need to be dealt with, especially with the integration with Microsoft Defender Endpoint. Most definitely, the level of support and Microsoft resource capability is where I would mark it down.

It serves as our EDM, enabling remote computer management. We install various applications directly for users, granting us administrator-level control over the computers.

We utilize it exclusively within the IT department to manage all hardware from a single location.

It consolidates all endpoint and security management tools into a single platform. This allows us to efficiently determine the required applications for each employee. Having Azure Active Directory integrated into the complete environment further simplifies the process. Additionally, its compatibility with Android-based devices is a significant advantage, enabling the management of both Windows PCs and Android devices from a unified platform.

It offers complete visibility and IT control across various device platforms, saving us a significant amount of time. The alternative, handling devices individually each time there's a change in employee or any other scenario, is much more time-consuming.

When it comes to the user experience of Intune, the initial setup is quite straightforward, but delving deeper into its functionalities demands additional training and familiarity. This complexity can be considered a drawback. The policies that can be configured sometimes lack clarity, and understanding the limitations for users who aren't global admins can be unclear.

We don't utilize the MAM tunnel feature for remote access to corporate resources. Instead, we rely on TeamViewer for remote support when dealing with any issues.

It significantly enhanced our organization's efficiency, particularly in terms of time savings. While I don't have the specific numbers at the moment, the impact was substantial. Especially when we operated with a small IT team, the investment in the license cost was undoubtedly worthwhile.

In terms of securing hybrid work environments and safeguarding data on company and personal devices, there's flexibility to fine-tune policies for preventing certain actions. Currently, our approach restricts employees from installing unauthorized software, acting as a deterrent to Shadow IT. However, we haven't explored the full spectrum of possibilities with policies to uncover additional security measures.

The impact of Intune on the organization's security is essentially a peace of mind for me. If there's ever a report of a stolen computer, I can swiftly lock it without much concern. The speed at which this can be done is particularly reassuring, especially in the current landscape of hybrid work where such incidents tend to occur more frequently than before.

It has significantly impacted IT productivity in our organization. Onboarding and offboarding processes have become much faster. Simply Intuning the device and managing it through the internal portal or even within the VPN network streamlines the workflow. This is especially beneficial since our company supports hybrid work, extending flexibility to the IT staff as well. Inventory management has also seen a notable improvement, with less time spent. Now, we not only have a count of devices but also know which accounts they are associated with. Compared to our previous reliance on paper and Excel, this is a whole new level of efficiency. Overall, it has been an extremely positive experience for us.

While it's challenging to directly quantify cost savings, Microsoft Intune has certainly resulted in significant time savings for our organization. As we didn't have a comparable system before, it wasn't a matter of moving from something else to Intune. However, the investment has proven valuable, especially evident in the offboarding process. Previously taking fifteen to twenty minutes per device, it has now been streamlined to just a few clicks, around five minutes. This efficiency has been particularly impressive and has undoubtedly saved us considerable time.

Its most valuable aspect is the seamless onboarding and offboarding of new users, whether it's for a computer or a mobile device. This process is remarkably straightforward. Additionally, while not explicitly security features, there are safeguards in place that enhance safety. For instance, if a user reports their computer as stolen, you can promptly lock it and erase all data remotely. This means you can secure the hardware even without physical possession of the device. It goes beyond safeguarding just the Microsoft 365 user account; it extends protection to the hardware itself. It also served as a means to efficiently manage our inventory. Through Intune, I could easily access a comprehensive list of all the computers, tablets, and company-owned devices. This streamlined the process of accounting for new devices in our stock, eliminating the need for separate tracking outside of the Intune platform.

The capabilities of the Intune suite are seamlessly integrated with Microsoft 365 and Microsoft Security. This integration, especially with Microsoft 365, is crucial for us as it enables clear visibility into the association of devices with specific employees. Additionally, it facilitates tracking the usage of applications by different groups. The integration with Azure Active Directory further enhances the importance of the overall integration for our operations.

It would be beneficial to have a more straightforward understanding of Intune's capabilities, presented in a simplified manner. This way, one wouldn't need to be an Intune specialist or spend hours trying to grasp the intricacies of policies and functionalities. While I've used Intune extensively and have practical experience, I've found that to explore its full potential, significant time is needed for both understanding capabilities and seeking out relevant training. The current understanding of what actions or functionalities are available for configuration is not as clear as it could be. Enhancing the clarity of these policies, whether in terms of functionality or features, would be beneficial for users managing Intune.

I have been working with it for three years.

It provides excellent stability. We didn't face any downtime. I would rate it ten out of ten.

Scalability has been excellent. We began with a pilot involving just a few devices and swiftly expanded to over two hundred without experiencing any degradation in performance or functionality. I would rate it ten out of ten.

In terms of tech support or customer support, our experience has been somewhat mixed. Since we work with partners rather than directly with Microsoft Intune, and these partners are internal and cross-charged within the same company, there have been instances where support was not entirely satisfactory. This could be attributed to a lack of in-depth understanding on their part. However, it's important to note that they are not directly affiliated with Microsoft, and the level of support might vary accordingly.

The initial setup was complex.

Our setup is hybrid, specifically with Active Directory. The initial configuration necessitated an on-premises presence. However, once the setup is complete, the entire system operates in the cloud, making it predominantly cloud-based after the initial on-premises setup. I was involved in certain aspects of the deployment process. The complexity arose not necessarily from the intricacies of the tasks themselves but from the coordination required. As we lacked global admin privileges, there was a need for extensive collaboration between our team, global admins, and the Intune team at Microsoft.

In terms of maintenance, once it's up and running, there's not much ongoing effort required. It's essentially a set-and-forget situation. Occasionally, we might need to handle reports and views, especially when there's a new release. In such cases, there might be minor adjustments, like making something visible or invisible, but overall, the maintenance workload is minimal.

Regarding the pricing, my experience was with a nonprofit, where we enjoyed a substantial discount. While I can't provide insights from a business perspective, it's worth noting that the pricing may differ significantly, and the discount we received might not be reflective of standard business rates.

It's advisable to start with a straightforward approach, avoiding unnecessary complexity initially. However, it's equally important to have a well-thought-out plan for maximizing the platform's capabilities. Assign someone the responsibility of owning and creating a roadmap for ongoing improvements and enhancements. The idea is not just to go live and consider the implementation complete; rather, to plan for continuous refinement and utilization of additional features over time. Overall, I would rate it eight out of ten.