Microsoft Intune Reviews

I use Microsoft Intune to manage mobile devices and enforce security policies.

The most valuable features in Microsoft Intune for me are application deployment, Defender deployment, and asset management.

There is room for improvement in integrating additional features such as Purview and SharePoint activities into Intune, which would enhance its functionality.

I have been working with Microsoft Intune for four years.

The stability of Microsoft Intune is quite good.

The solution is very scalable.

I would rate the technical support for Intune as a nine out of ten.

Positive

We previously used SCCM. We switched to Intune due to its better usability, cost-effectiveness, and alignment with our Microsoft-centric environment, as we predominantly use Windows across the domain.

The initial deployment of Microsoft Intune was complex as fine-tuning policies took time. We ran a POC for three to six months before deploying to production. Our implementation strategy involved evaluating vendors, cost comparison and prioritizing security features. We opted for Microsoft Intune for its ability to consolidate security telemetry into the Defender portal. Deployment followed a phased approach: POC, small pilot group, then rollout to production. 

The solution requires maintenance from our side. This includes change management and configuration management to prevent unauthorized changes to policies, as well as constant review of threats from mobile devices. A team of four people is involved in maintaining the solution.

We used an integrator for deployment, which was a positive experience.

Having all endpoint and security management tools in one place streamlines IT and security operations. It simplifies processes for help desk support, image deployment, and asset management. Transitioning from SCCM to Intune has made tasks like application deployment easier and more efficient.

Intune provides full endpoint visibility and IT control across devices.

Intune has significantly improved our IT operations by consolidating management tasks into one portal. This streamlined approach has led to greater efficiency and effectiveness in our operations, as we no longer need to navigate multiple portals for various tasks.

Overall, I find the user experience of Intune quite positive. It streamlines tasks such as deploying applications and managing mobile devices, which previously required multiple applications. Transitioning endpoints to Intune, including laptops and servers, has been straightforward. Creating security policies and compliance policies is also easier within Intune.

We use the tunnel feature in Intune for MAM to provide remote access to corporate resources on mobile devices. We integrate Intune with Microsoft E5 Compliance Module for DLP, which helps maintain user privacy while protecting sensitive data.

Intune is highly effective for security in hybrid work environments, especially for protecting data on both company and BYO devices. All policies, including those for MDM and BYOD, are managed through Intune, ensuring consistent enforcement. Additionally, Intune offers features like allowing BYOD devices to access corporate data while restricting downloads or uploads, enhancing security without compromising productivity.

Intune's utilization of Microsoft security signals enhances our organization's security by providing visibility into Defender, MDM, Nathan, DLP, and other aspects. While there is a separate Defender portal, Intune allows access to certain features, offering comprehensive security management within a unified platform.

We use the Endpoint Privilege Management feature in Intune to control user access, especially for system admin accounts. This helps improve security by limiting the visibility of passwords and enforcing password rotations. Additionally, role-based access is managed through Intune, enhancing security without hindering productivity.

Endpoint Privilege Management helps reduce our organization's attack surface by providing greater visibility into account usage and usability. Previously, we lacked this visibility, but now we can grant engineers precise roles and responsibilities through privileged access management. Additionally, just-in-time access limits privileges to a small window of time, minimizing the risk of prolonged access.

Intune has positively affected IT productivity in our organization. It offers easy deployment, a user-friendly portal accessible both on and off the network with the right MFA, and consolidates all features, policies, and tools under one portal. This integration has increased efficiency as we no longer need to navigate multiple portals for different tasks, such as SCCM or image deployment.

Overall, Intune has helped reduce the risk of security breaches in our organization. Reducing privileges on accounts limits the impact of potential breaches. Additionally, with real-time data provided through Intune and Defender, we have better endpoint protection, further enhancing our security posture.

Intune has helped our organization save costs by being cheaper than purchasing SCCM licenses and other licenses. We estimated it to be at least 50% cheaper than our previous budget for similar solutions.

By using Intune, we have consolidated vendors by removing SCCM and Endpoint Protection from our portfolio. Defender now serves as our primary endpoint protection solution, streamlining our vendor management. The consolidation of vendors by using Microsoft Intune has not affected our security posture negatively. It has improved effectiveness, although we removed two security vendors from our portfolio, our footprint with Microsoft increased, balancing the impact. It didn't affect our licensing costs. In fact, we saved money as the cost of Intune was lower than what we were paying for the mobile line and SCCM.

The integration of Intune suite capabilities with Microsoft 365 and Microsoft Security is crucial in our journey to the cloud. Both aspects, cloud management, and security, are equally important in our strategy.

Overall, I would rate Microsoft Intune as a nine out of ten.

We use Microsoft Intune to deploy applications, check Autopilot status, and deploy Autopilot applications. We also use it to manage user profiles, assess compliance, and define compliance and configuration profiles, among other Intune configurations.

We implemented Intune to improve our compliance.

Intune consolidates all our endpoint and security management tools into a single platform. Intune allows us to securely manage Windows, macOS, iOS, Linux, and Android devices, both corporate-owned and personally owned, in one centralized location.

The user-friendly enterprise application management system allows easy app discovery, deployment, and automatic updates without IT assistance.

Microsoft Intune Suite is a great tool for MDM.

We use Copilot whenever we encounter difficulties or receive error messages while working on a solution.

Copilot is beneficial for environmental protection as it assists in finding solutions by providing necessary information.

Copilot helped simplify our IT and security operations overall.

Microsoft Intune has significantly improved how we manage our devices, applications, and security regulations.

Intune enables us to easily manage and secure hybrid work environments, safeguarding company and personal device data.

Intune's endpoint privilege management improves user productivity because we can create temporary privileged accounts.

Endpoint privilege management, through its implementation of least privileged access, helps to reduce our organization's attack surface by limiting potential vulnerabilities related to security and authentication.

Intune has improved our IT productivity. Auto patching has freed up their time because it requires no administrative support.

Microsoft Intune has helped save us costs by consolidating multiple tools into Intune.

Microsoft Intune Suite's integration with Microsoft 365 and Microsoft Security is great for both cloud and co-managed devices because we can use it to form a single dashboard for enabling and managing licenses and creating accounts. 

The most valuable feature of Intune is the user-friendly portal for end users.

One drawback of Intune is that we cannot find devices based on a user's region or location. As a global organization, having this ability would be helpful.

I have been using Microsoft Intune for four years.

Intune is stable. We have not encountered any downtime.

Intune scales to our needs.

The prolonged response time from technical support for Intune is unacceptable, as this tool is critical to our organization's operations.

Neutral

We previously utilized Microsoft System Center Configuration Manager but transitioned to Intune due to its advanced capabilities and cloud-based architecture, enabling centralized management and accessibility.

Intune reduces the need for administrators, resulting in time and cost savings by eliminating the on-premises hardware and personnel.

I would rate Microsoft Intune eight out of ten.

We manage over 5,000 devices using Intune, which requires a team of two to three people for maintenance.

Microsoft Intune is a good tool for large organizations. I recommend using the trial version and conducting a POC.

While Microsoft Intune offers centralized management and policy enforcement, it doesn't consolidate all endpoint and security management tools into a single platform. To comprehensively safeguard systems, additional solutions such as Microsoft Defender for Endpoint are necessary.

Achieving comprehensive endpoint visibility and IT control across various device platforms is a complex task, considering the diversity and freedom inherent in different systems. However, when it comes to deploying and managing devices like tablets, mobile phones, laptops, and specialized devices in Germany, a systematic and organized approach is crucial. Particularly noteworthy is the ability to configure IoT devices, such as numerous thermostats, water control systems, or sprinkler devices. Without a solution like Intune, scaling becomes a challenging issue, especially when dealing with thousands of such devices. Therefore, the use of a system like Intune becomes imperative in addressing these scaling challenges and ensuring effective device management.

On a scale of one to ten, I would rate my user experience with Intune as a six. The lack of intuitiveness makes it cumbersome to track and understand what needs configuration, especially when dealing with aspects like OneDrive and having to cross-reference settings across different areas of Intune.

In the context of securing hybrid work with Intune, our experience involved a two-day effort to configure the certificate for the Conditional Access server. However, once this initial setup was completed, we successfully configured VPN access for mobile phones. Despite the initial complexity, especially for a large company, Intune delivered on its advertised promises and proved effective in fulfilling the intended security functions.

Intune's effectiveness in securing data on company and BYOD devices is based on distributing security configuration data. While valuable, Intune has limitations, and comprehensive protection against cyber threats requires a sophisticated approach, including hybrid artificial intelligence solutions like Microsoft Defender for Endpoint. While Intune aids in system configuration, detecting and preventing attacks demands a more advanced defense strategy, comparable to sophisticated endpoint protection. Hybrid AI, with continuous human input, enhances threat evaluation, recognizing nuanced situations like suspicious timings in actions on developer endpoints.

It positively impacted IT productivity within the organization by enabling the secure addition of thousands of mobile phones to the VPN. In this regard, it performed effectively.

It played a crucial role in mitigating the risk of security breaches by securely distributing VPN certificates. While effective in this aspect, it's important to note that this alone is not sufficient. Endpoint security, such as developer endpoints, is analogous to having specialized tools for reading and managing complex systems.

It significantly contributed to cost savings. Manual configuration for each mobile phone would have taken approximately an hour per device per year, amounting to three or four thousand hours annually. However, with Intune, we accomplished the task in two days for five thousand devices, equivalent to around one hundred sixty hours. This resulted in substantial efficiency, reducing the effort from an ongoing five thousand hours per year to a one-time investment of a hundred sixty hours.

One of the most valuable aspects of Microsoft Intune is its seamless integration with Azure Active Directory, offering capabilities akin to Group Policy Objects. This integration provides a centralized platform for managing and enforcing policies, ensuring the stability of configuration data across devices, resembling the familiar functionalities of traditional group policies in an on-premises Active Directory environment.

In utilizing Intune's endpoint privilege management feature, I've primarily focused on configuring VPN access and certificates, although I'm not an Intune specialist. It's versatile enough for both configuring VPN access and managing large-scale IoT servers. For instance, in building management systems, especially in large structures like bank buildings, where numerous actuators are involved, configuring and securing them becomes a complex task. Intune proves valuable in this context. However, it's essential to recognize that while Intune serves as a powerful tool, relying solely on it is insufficient for comprehensive system security.

The integration of Intune capabilities with Microsoft 365 and Microsoft Security is crucial. As mentioned earlier, securing your machine requires tools like a developer endpoint, and relying solely on Intune may not be sufficient. While Intune allows configuration and deployment of Defender for Endpoints, having a dedicated tool is essential. The unique selling point of Microsoft lies in its seamless integration, especially notable for those working with Linux systems, where Microsoft's comprehensive integration sets it apart.

In terms of configuration, my experience with Intune is somewhat mixed. The configuration tool appears to be scattered throughout the Intune interface, requiring frequent navigation back and forth. The web interface, while functional, isn't particularly user-friendly, leading me to find PowerShell a preferable option. However, using PowerShell involves investing time in developing scripts. The challenge lies in the complexity of navigating between profiles and MDM configurations. Multiple windows need to be open simultaneously to grasp the overall configuration landscape.

I wish there was an improvement in the configuration process, as currently, it involves navigating through different locations with multiple windows open. Having a dedicated configuration server that assists in modifying the configuration service, and creating personalized structures, interfaces, and web services could enhance usability.

I have been working with it for three years. 

When evaluating stability, it's essential to consider the multitude of adversarial attempts, particularly from military opponents engaging in hacking activities. Microsoft has demonstrated its capability to withstand and defend against such sophisticated attacks, setting a high standard for security.

Considering the extensive number of support calls, I believe Microsoft handles them as effectively as possible. I would rate its customer service and support eight out of ten.

Positive

In the past, we utilized Windows services.

The number of people required for deployment depends on the specific tasks at hand. For instance, implementing the VPN solution involved five individuals, including specialists for firewalls and virtualization for the server endpoint. If the focus is solely on Intune-related tasks, one expert may be sufficient. However, in typical scenarios where Intune is used for onboarding machines or mobile device management, you'll need administrators with access to the relevant machines. It functions as a collaborative administration tool, and the required personnel would depend on the number of departments involved.

The pricing is inherently reasonable, as Microsoft leverages market insights to maintain the total cost of ownership at around ninety to ninety-five percent of what would be incurred in an on-premise scenario. Microsoft products inherently benefit from economies of scale and global reach, making them cost-effective.

It aids in vendor consolidation; otherwise, we would have had to manually configure around three thousand mobile phones.

It impacts the security posture positively when you are aware of what you configure and can update configurations promptly. However, as mentioned, the need for artificial intelligence in Endpoint Protection remains crucial.

I would recommend subscribing to reputable YouTube channels that focus on Intune or related topics. Building a strong foundation and gaining practical experience is crucial to understanding the intricacies of Intune. Overall, I would rate it eight out of ten.

I'm using all the services that Intune provides, including managing Windows 10 devices and mobile devices, with both the mobile application management and without enrolling the devices. I use it for deploying configuration profiles, compliance and app protection policies, as well as onboarding Windows 10 devices to the Defender portal.

I haven't used other mobile device management solutions, but compared to SCCM, we eliminate a lot of on-premises infrastructure and maintenance by using Intune.

For mobile device management, especially for the Windows operating system, it's quite impressive. But it would really be helpful to have the option to manage server operating systems as well, like Windows Server, at least. That way, we could scrap the use of SCCM, which requires a lot of on-premises infrastructure.

Another area for improvement is the reporting structure. For example, currently, when deploying Windows 10 or Windows 11 updates, I don't get any detail or structured reports showing which updates are installed on the devices. It only gives me information on whether the update policy has been successfully deployed on the device or not. That type of installed-updates detail would be helpful.

I've been working with Intune for more than four years. I'm part of a support operations team managing clients' infrastructures on Intune.

The product is very stable. If you have to think about managing devices securely, go with Intune. Although I have not used any other mobile device management solutions, Intune is very reliable and it's hardly out of service at all.

From the start of my career, I have been managing clients in Europe but Microsoft has no boundaries when it comes to using Intune. There are certain services that are restricted to specific regions, but that is not the case with Intune. It can be used in any region and with any number of users. I have managed environments with 5,000 to 10,000 devices enrolled in Intune.

If there is a service outage, that is made very clear on Microsoft's service portal in the admin center. But if an issue comes up where, for example, a policy deployed from Intune has not been received on a device, it is very difficult to evaluate whether the issue is with Intune or the device. In that scenario, Microsoft itself is confused about whether the situation has to be escalated to the desktop support team or the Intune team.

Other than that, everything is good.

Neutral

The initial deployment process is very straightforward. It's software as a service. You just buy the subscription and start using it. It's not the case that there are very complex configurations or prerequisites to start off.

It does not require any maintenance on the customer's side. Microsoft takes care of all the maintenance.

Having devices managed at scale and maintaining security posture are, of course, value-adds, in comparison with the cost our clients pay to purchase the service. It is worth it.

Microsoft offers different licensing structures. It offers standalone licensing for Intune, but Intune is also included in other licenses, such as for Microsoft 365, E3, and E5, Business Premium, and Business Standard.

There are other MDM solutions, like Workspace One from VMware, which has support for server operating systems as well. I've never used it but I did a quick comparison of the supported operating systems.

We use it to a small extent for approximately 1,100 devices. The biggest portion of it is used in the Aviation department, which is one of our departments. They have invested heavily in some customized software that they've developed in-house. It is put on the devices, and the devices are primarily used by field staff. It's basically a mixture of work order assignment and work order management, as well as record keeping. For example, I could have a technician who is assigned to go and do a preventive maintenance inspection on an HVAC component in one of the terminals. That request or work order is submitted to his device. When he gets there, he scans barcodes for the room he is in and for the piece of equipment that he is working on. So, they track their actual work order, work order status, workloads, and equipment life cycle, and that's all done through Intune.

It helps us in securing devices. It has eliminated a lot of paperwork. It has simplified record-keeping and maintenance of equipment, life cycle management, staff workload, work hours, et cetera. That's the biggest impact on us, and that's also where most of the devices are used.

Its security is most valuable. It gives us a way to secure devices, not only those that are steady. We do have a few tablets and other devices, and it is a way for us to secure these devices and manage them. We know they're out there and what's their status. We can manage their life cycle and verify that they're updated properly.

It doesn't economize when you scale up. We have over 14,000 employees, and we have between 7,500 and 8,000 city-owned or personal devices being used to conduct city business. Its price can be improved. It is not a cheap solution.

It has been years since it was implemented.

Its stability has been fine. We've had no issues at all.

I don't see any issues with it. We currently have only about 1,100 users and licenses for the Intune product. The largest portion or over 50% of usage is by our Aviation department for tracking and managing their work order, workload,  equipment life cycle, etc. Other users are scattered in small numbers throughout a number of departments. 

Our Parts department also uses it. One thing that's a little bit unique is that they also have these assigned to temporary workers. So, we provide the licenses for a number of temporary workers for the summer or for the winter, and then we take them back and reassign them to somebody else. 

The other departments mostly use it for educational or small use cases where they think this will be a good fit, and it is the product that is available to them. I've heard nothing bad about it, and I have no problem at all with Intune.

In terms of future growth, we're currently looking at another product, but that doesn't mean we're going to go with that other product. We're working with a vendor on another solution, and that vendor also has a mobile device management product, but we're not yet ready to go there.

I've no direct input on it. Right now, we're on unified support, but we've always had their premier support. If we ever have a problem with any of our Microsoft products, including Intune, we do have a way to reach out and get additional assistance.

I'm not aware of any other solution being used. I know there were one or possibly two failed mobile device management project implementations. I was not a member of the department then, so I don't know the details. I only know that both of the deployments failed. In other words, either the vendor promises were not met, or we found a function that was supposed to exist but did not exist. 

It was pretty straightforward. It was not a very long, complex, and involved process. It was fairly easy to set up.

It was done in-house. For its maintenance, we have no one dedicated to it. Our client computing side takes care of that.

I've never tried to quantify an ROI for the program. We have just a small number of devices. At some point, we will look at implementing large-scale mobile device management, and that'll be a different case where we may look at Intune, Workspace ONE, or another product.

It is not a cheap solution. The price for a device when you start using it at a large scale can be improved.

It is covered under our enterprise agreement. We pay once a year. I am not aware of any additional costs.

It meets the basic security needs and management needs for most organizations. It allows you to monitor the security of devices and manage those devices if they're organization-owned. It is fairly easy and straightforward to manage. It is not difficult. Some of the other solutions are a little bit more difficult.

I would rate it an eight out of 10. It meets all the basic needs that most organizations will have for device management and device security. I am not sure if it can provide the required level of security for different business scenarios that require additional security, which means you'd have to run two systems in tandem.

I have worked in various roles with Intune. In my previous organization, I supported Intune on a job board. Currently, I am in a consulting role, responsible for development, deployment, and other aspects of Intune. This experience has given me a well-rounded understanding of Intune's support and implementation aspects.

We implemented Intune to manage devices across multiple operating systems, including Windows, Mac, iOS, and Android. My expertise lies in device enrollment, compliance enforcement, configuration management, Autopatch, Autopilot for Windows, and application provisioning through Apple Business Manager for Mac devices.

We have clients who have deployed Intune on a hybrid platform and others who are fully cloud-based.

Intune's security management capabilities effectively meet our compliance requirements. While there may be a few unique instances where our needs are particularly complex and don't perfectly align with Intune's design, it's clear that Intune comprehensively addresses the compliance standards and policies necessary for any organization.

Intune serves as a unified platform for managing endpoint and security tools. As a comprehensive management solution, Intune allows for centralized control of various aspects of device and security management. In terms of Microsoft Defender, Intune seamlessly integrates certain features of this advanced security product, providing an additional layer of protection. This integration streamlines incident management by centralizing relevant information and tools within a single platform.

With the advancements in Intune automation, the role of IT administrators has become significantly less complex than in previous years. Tasks that once required extensive manual configuration and monitoring, such as deploying security updates to Windows machines, are now streamlined through features like Windows Autopatch. This service automates the entire process, including policy creation, deployment, and monitoring. Additionally, Autopatch offers flexible deployment options, allowing for gradual rollout to pilot groups, IT staff, and the general workforce. As a result, IT teams can focus on higher-level tasks and reduce the time spent on routine maintenance.

Intune's user experience is generally seamless, with minimal user interaction required. While some applications might occasionally conflict, causing minor disruptions, Intune's compliance and configuration policies are typically applied in the background without significant user input. As a result, the user experience is generally straightforward, with few interruptions from Intune's administrative tasks.

If implemented, Intune can significantly enhance data protection, compliance, and security. By implementing security codes, we can control user-level access to applications and ensure that only authorized individuals can access company data. In case of device loss, we can remotely wipe the device to prevent data compromise. Intune also plays a crucial role in productivity. Deploying and managing applications through Intune is straightforward, and it supports a wide range of applications, including built-in ones. These features make Intune a valuable tool for organizations seeking to improve data protection, security, compliance, and overall productivity.

Intune effectively secures hybrid work and protects data on both company-owned and BYOD devices. For company-provided devices, MDM enrollment ensures robust security. However, BYOD devices rely on MAM, requiring user interaction through the company portal or Authenticator. While most users comply, there are instances of resistance to installing the company portal app, making MAM management challenging. To address this, Microsoft could explore alternative solutions that avoid the necessity of the company portal on personal devices, accommodating user preferences.

Intune enhances IT efficiency by streamlining application deployment. Applications developed for Intune are directly accessible within the application list, eliminating the need for separate provisioning from third-party vendors. Microsoft's extensive collaborations with numerous applications ensure that features and upgrades are managed seamlessly through Intune. Overall, Intune offers a promising solution for current IT productivity needs.

Intune offers comprehensive compliance features, covering even the intricate registry aspects of Windows security. Through the settings catalog, we can configure virtually all desired settings. Existing templates can be customized, and we can delve deeper into the same settings previously configured in our on-premises environment. For those transitioning to hybrid or cloud environments, Intune provides numerous features that can be customized or replicated from on-premises, offering a seamless transition.

As an IT administrator, I appreciate Intune's ability to implement granular device-level policies for our organization's employees. This allows us to enforce company-wide regulations and ensure compliance while minimizing the risk of data breaches. Intune's user-friendly interface and straightforward accessibility make it a valuable tool for IT staff and employees.

The enterprise application management feature in Intune Suite for app discovery, deployment, and automatic updating is well-suited for Windows devices but is premature for Android and iOS. From an administrator's perspective, managing Windows apps with Intune is relatively straightforward. However, for Android and iOS, the feature requires further refinement due to their third-party operating system nature. While Android devices pose fewer challenges, iOS devices often necessitate using Apple Business Manager as an intermediary, complicating the management process. This is particularly evident when considering Apple's role as the primary manager of iOS devices.

Intune could be enhanced by automating application upgrades, similar to how it automates operating system upgrades. This would streamline the process and reduce manual effort, especially for organizations with multiple applications requiring regular updates. Additionally, the tenant dashboard could be more user-friendly by providing more customizable options and charts for monitoring various aspects of the Intune environment. This would allow administrators to easily access and track key metrics without navigating through multiple menus.

I have been using Microsoft Intune for three years.

I would rate the stability of Intune eight out of ten.

I would rate the scalability of Intune eight out of ten.

Regarding the frontline support we contact, they could be more responsive. While the support is essentially the same for all users, Intune customers' response times, reservation times, and overall service are influenced by their license agreement. There is room for improvement in this area. Ultimately, we use the same product and license, but premium customer service comes with an additional cost. For instance, clients with premium licenses and support add-ons typically have issues resolved within three to four days, compared to seven to eight days for those without premium or unlimited customer service.

Neutral

I have experience with Jamf and NBF solutions. While Jamf offers robust capabilities for managing iOS devices online and is user-friendly, it surpasses Microsoft Intune in its features for Mac devices. However, Intune remains a better choice for Windows devices.

The initial deployment of Intune can be improved by automating enrollment processes for Windows Autopilot. This would streamline the process and reduce the number of options IT admins need to manage. Additionally, automating the initial Intune procedures performed by IT would further simplify Windows Autopilot deployment.

The deployment time varies depending on the operating system. For Windows, it can take around ten hours. Android deployment takes 15 to 20 minutes. iOS deployment requires more time due to intermediaries between the device and Apple Business Manager. Setting up a connector between Apple Business Manager and Microsoft Intune, creating profiles on both platforms, and procuring licenses for the device on both ends are necessary steps for Mac deployment. Windows deployment is simpler, and methods like Windows Autopilot are less time-consuming.

The cost of the license and the features are justified for myself as a technical person.

I would rate Microsoft Intune eight out of ten.

The Microsoft Intune Suite is a valuable tool for companies seeking a reliable MDM solution. Given the current structural and developmental trends in businesses, Intune has become essential for ensuring data security, protection, and compliance. It's a user-friendly platform that's relatively easy to learn, even for those with limited IT experience, such as support staff. For individuals aiming to enhance their skills and explore cloud technology, Intune offers a solid starting point before delving into Azure. By beginning with Intune and gradually expanding their capabilities, users can effectively leverage the Microsoft cloud ecosystem.

Our clients are medium size organizations.

Intune necessitates regular maintenance. To ensure optimal performance, we generate quarterly reports that inform our planning for the following quarter. These reports enable us to identify areas for improvement in compliance, non-compliant devices, configuration issues, and security and application upgrades. By addressing these concerns proactively, we can enhance Intune's overall effectiveness.

With co-managed devices, integrating the Intune Suite can be challenging due to the interplay of on-premises and cloud environments. Determining which controls have precedence—cloud-based or on-premises Active Directory features like organizational units or first levels—is crucial. Cloud-based management simplifies this process as Microsoft handles many aspects automatically, reducing the need for extensive customization. Creating user-level profiles in Azure Active Directory is essential for backend operations. On-premises management often requires more manual tasks compared to cloud-based solutions.

Intune is a viable solution for those seeking a mobile device management tool, especially if they primarily use Windows devices. However, if a Mac environment is the primary focus, Jamf offers more comprehensive capabilities and features. For organizations with a mixed device environment, including Windows, Mac, Android, and iOS, Intune is a strong recommendation. Additionally, individuals aiming to enhance their skills in cloud technology can consider Intune as a valuable starting point.

Our customers primarily use Microsoft Intune for core management tasks, often in conjunction with System Center Configuration Manager, especially for Apache-related matters. Intune is also crucial for mobile device management, policy deployment, and ensuring robust security, particularly when activating and deploying security features like Defender to endpoints.

Some of our customers implemented Microsoft Intune because of integration issues and old legacy operating systems.

We use Intune in on-premises, cloud, and hybrid environments.

Intune brings all of the endpoint and security management tools into one place. They have also integrated it with non-Microsoft operating systems, which is a huge plus.

Consolidating endpoint and security management tools into a single platform offers significant benefits for our IT and security operations teams. With centralized visibility, they can gain better control over their systems, identify potential vulnerabilities, and take proactive measures to protect customer data. This enhanced oversight empowers them to address security gaps effectively and ensure a more secure environment.

From the user perspective, the Intune experience is exceptional for those familiar with it. However, for those still learning the technology, it suggests that Intune is user-friendly and straightforward to comprehend.

Intune offers administrators enhanced visibility, control, and ease of management. Patching and updating devices is streamlined, while end users benefit from simplified onboarding, intuitive usage, and robust security features like conditional access.

Intune is essential for safeguarding data on company and BYOD devices, especially in hybrid environments.

Intune significantly enhances IT productivity within our customers' organizations. Before Intune, administrators often struggled with visibility and management, particularly for mobile devices and laptops. They wasted time searching for assets and deploying numerous tools to achieve visibility and enforce management policies. Intune streamlines this process by eliminating the need for hundreds of agents. Simply implementing Intune provides the necessary visibility and management capabilities.

Intune offers significant cost savings. By comparing its licensing model to third-party solutions, we can easily see the return on investment in terms of reduced business expenses. Intune can help businesses save between 35 and 45 percent.

Intune simplifies vendor management by providing visibility into end-of-life dates for most hardware, especially laptops. This makes it easier for administrators to monitor the support status of both software and hardware. By tracking updates and end-of-life information from various vendors, administrators can easily view this data in a consolidated summary.

Before implementing Intune, their security posture was significantly lacking, with most organizations scoring below 20 percent. However, after Intune deployment, especially for banks, compliance became a crucial factor. Intune’s recommendations on improving security scores, particularly Secure Scores, have been instrumental in boosting their ratings to between 75 and 85 percent.

The consolidation has impacted licensing costs due to centralized oversight and dashboards. This raises questions about whether we should continue with the current approach or explore alternative options like Microsoft or a more standardized solution. There is a significant cost advantage to vendor consolidation and visibility.

The core management feature in Intune is invaluable to us, especially considering the challenges we often face with System Center when pushing external updates. Intune has proven to be a game-changer for me in this regard.

Intune's privilege management feature, while beneficial, is less intuitive than other Intune features, making it challenging to use. To improve this, more demonstrations and technical sessions would be helpful.

If Microsoft offered a standard license trial that allowed customers to experience its capabilities, customers would be more likely to purchase Intune.

The technical support has room for improvement.

I have been using Microsoft Intune for six years.

I've never encountered any performance problems with Intune. The largest deployment I've undertaken was for ten thousand devices, and even then, I experienced no issues with the Intune platform.

Microsoft Intune is highly scalable.

We encountered an issue once, but unfortunately, we had to seek support on our own. Therefore, Intune support is particularly challenging.

Neutral

We use VMware, Citrix, and various other third-party tools for MDM. These tools include Qualys, GFI, Managed Engines, and others, each offering different functionalities and service levels.

Intune offers a more straightforward licensing process than other vendors. Additionally, its integration capabilities, especially with Microsoft products, are generally smoother and less problematic than many third-party solutions. This allows for a more direct and measurable path to success, enabling users to assess their progress even in the early stages of implementation. 

I have been familiar with Microsoft products for some time, making the initial deployment of Intune relatively straightforward. We begin with a customer immersion session, where we sit with the client to conduct a workshop. This workshop ensures they fully understand the Intune solution's capabilities and limitations. We then establish clear objectives and goals for successful deployment. Our engineers work closely with the customer on-site, deploying the solution and training designated champions to assist user adoption. Following this, we provide comprehensive training and a transition period for the entire organization.

The number of users in an organization determines the number of people needed for a deployment. For organizations with fewer than 500 users, a team of five to six people would suffice. However, organizations with more than 1000 users may require a team of ten.

I would rate Microsoft Intune eight out of ten.

Intune's low maintenance requirements make it a valuable asset for our clients. Once implemented, Intune typically requires minimal ongoing maintenance, ensuring a smooth and efficient experience.

The integration of Intune's capabilities with Microsoft 365 and security for both cloud and co-managed devices is crucial as we transition to the cloud. Intune's visibility into devices provides significant value, and neglecting this integration would be a disadvantage for administrators as cloud-based management becomes the norm. Therefore, incorporating Intune into your cloud migration and strategy is essential for effective device and mobile phone management.

I highly recommend Intune to others. Its visibility feature is imposing. With visibility comes control, and a quick demo can showcase the potential benefits. By highlighting the need for more visibility in their current setup, it's easier to convince them of Intune's value. This also simplifies discussions and makes the decision-making process smoother.

Microsoft Intune has improved our organization a lot. Previously, we had concerns about device security and compliance. We now do not have those concerns, and we also have productivity and efficiency. It enables remote work.

It is very easy for us to pull the applications for security updates. Everything is done at the backend. It is very easy for us to configure for all the users because we are currently using Microsoft E5 and E3 licenses for all the users. We have created separate groups for all the users. We have more than 7,000 users across more than 60 countries. We have created separate groups for all the countries. After the onboarding is over, we add a user to a particular group and Intune. Once we enroll a user's PC, all the applications, security updates, and other things are pulled from the back end.

It helps with security enhancement. We can remotely manage the devices. It helps with productivity. We can have reports. We can download all monthly reports and enable compliance policies. Its cost efficiency is also good.

It is integrated with Microsoft 365. Everything is integrated in terms of security and endpoint solutions. Every feature is in one space or license, which is Microsoft 365. We only need to be concerned about the license because, under Microsoft 365, they have a lot of licenses. That is the only thing we need to focus on.

It is very easy for me to monitor and configure everything. It is a one-time process. Once I have done all the work at the back end, it is very easy for me to configure everything. At times, requirements come from IT managers from some countries where they need to add some applications, policies, or VPN networks, and I take care of that from time to time. They usually come in the middle of every month.

Nowadays, more and more companies are implementing Intune for their users. I see a lot of companies moving to endpoint management. It is a good move to integrate all the systems and bring them under one roof. You do not need to look for other solutions or third-party applications. Once you have the Microsoft enterprise license, it is a one-time process. You do not need to go to all the users to install everything and do the updates. It is not necessary. It requires only a one-time configuration. It is very useful for all companies. It is very user-friendly, and it is very easy to pull the data and reports on updates and applications. Everything is possible in Intune nowadays.

Microsoft Intune is very useful for us because we do not need any extra people. It reduces the manpower required. Previously, for every country, we had to recruit more IT technicians for things like installation and user support. Nowadays, in a single window, I can do all the work in the back end. For example, in the case of a laptop theft, I can wipe the laptop remotely. It is a very useful tool.

Microsoft Intune is a cloud platform. It is integrated with Azure. It protects and checks the identity at the backend. We can also configure some extra layers of protection, such as MFA or passwordless sign-ins. We can enforce all this for all the users. Our devices are more secure.

Microsoft Intune is already integrated with all the things. We have created some alerts for all the users in the case of any unusual activity or travel activity. If they click on a malicious link, it is automatically detected. We have already configured all this in Office 365. The tickets are automatically generated in Jira. We have to verify with the IT managers of the representative countries whether these user activities are valid or not. According to that, we are taking some precautions and remediation such as blocking some users. Security-wise, it is very useful for us.

It is a one-time configuration. It is very easy for me to configure all the things. Once I create policies and applications in Intune, it is very easy for us to enroll users. It is a one-time process. We do not need to spend a lot of time because all the setup is done in the initial phases. Its interface is a little bit complicated, but I know where to configure all the things in the portal. It is very easy for me. Before the user enrollment, I have a call with the IT managers of the respective countries and collect the requirements from their end. I configure all the groups accordingly. For example, we have some inbuilt applications that we need to allow for all the users. We also have some in-house applications. For every country, the policies are different. I can take care of all that.

We are facing issues with Apple products. With macOS and iOS, there are some difficulties with the updates because we cannot get full control of Apple products. In the case of Windows, it is fine, but in the case of Apple, we have some difficulties. We cannot control everything through Intune.

It can be improved in terms of UI, user productivity, ease of use, performance, customization, and flexibility. It has all of these capabilities, but they can be better. Reporting, analytics, and integration with third-party solutions can also be better.

I have been using Microsoft Intune since 2022.

It is a stable solution, but when a lot of users are facing the same issue, it can take us some time to find a solution. I would rate it a seven out of ten for stability.

It is scalable. I would rate it a seven out of ten for scalability.

We have premium support. If I am not able to find a solution for an issue at my end, I raise a ticket with them. I get a response or callback according to the priority level. They try to resolve the issue as soon as possible. I have faced some challenges on Saturdays and Sundays and at night time. 

Their support is not always very fast. Sometimes, they take a day or two and they can also take one or two weeks. In a few cases, they took one month. If level 1 support is not able to resolve the issue, the ticket is moved to the next level. If level 2 is also not able to resolve the issue, they move to level 3. Their support needs some improvements.

Neutral

We were not using any similar solution previously. We had some software for remote access and admin control.

I have some experience with Meraki MDM. I am not very familiar with it. I worked with it only for a year. When I joined the organization, all the systems were in domains. It was very difficult to manage everything because one of the engineers had to go to the user systems and install whatever the users wanted. All the systems were protected with the administrator accounts. Nowadays, it is very easy for me to pull all the applications.

For all the updates, we are using a separate third-party tool from Qualys. It is integrated with Azure. Every month, we initiate software updates. It is mandatory for all the users, and it is automatically done. Once I pull the updates, they automatically run in the backend on every user system.

We are using a third-party solution for our servers. We have about 150 servers for application development, UAT, and production. We cannot use Intune for the servers. It is not effective for servers. That is why we are using a third-party application for servers.

For the initial setup, we needed some help from the Microsoft team. As a new organization, we had to know all the features. We had different requirements for different countries in terms of applications and compliance.

We had a session with Microsoft, and they explained all the processes in Intune and showed us how to configure and implement everything. We had done some PoCs. We started with a few users, and after everything worked fine, we started with small groups and implemented it for them.

Its setup is easy, but we had requirements from IT managers regarding excluding some devices from the administrator level and allowing some users to directly install some applications. In such cases, we had to create separate groups for them.

It was a long process. It took me around one month for each country. I had to set up a meeting with IT managers, discuss the license part, and tell them the main advantages and disadvantages. Convincing them was a bit difficult because their systems were connected with domains. Different users required different permissions. We cannot give global admin permissions to all IT managers. 

We are a team of 20 people. We are the ones dealing with the global admin access. We take care of many things. For example, for application configuration or policy configuration, people need to raise a ticket with us. We schedule a meeting and take the requirements from them. We accordingly make the changes.

We also have an operations and infrastructure team. Our company is a logistics and shipping company. Here in Dubai, I am working in the global hub. It is the group IT hub. We are developing all the on-premises applications here. We have more than 20 in-house applications.

In terms of maintenance, I have not got any feedback. It is working very smoothly so far. I have not faced any challenges.

We have saved resources and time. We do not need that much manpower and time. It is a very effective solution.

It is expensive. The cost depends on the license that we choose.

The enterprise license is expensive. It is recommended only if the organization has the budget. It is not recommended for all companies because of the licensing part.

We ensure that the selected solution integrates smoothly within our IT infrastructure, including Active Directory, Azure AD, cloud platforms, and network equipment. Compatibility and integration are the key factors in achieving seamless deployment and operational efficiency. We also need to consider the security and compliance requirements and plan for scalability and future growth.

We just started using Microsoft Copilot in Intune. We have some testing going on. We assigned the license to some of our help desk IDs. We are using it for some meetings and documentation purposes. It will automatically capture the key points when we are in the meeting. We have tested only a few features in Copilot. We need to explore it more.

I would recommend Microsoft Intune. It is a very useful product. It is very helpful to monitor the devices and implement compliance policies. You can also get monthly reports and alerts about user activities. Security-wise and configuration-wise, it is a very useful product.

I would rate Microsoft Intune an eight out of ten.