Microsoft Intune Reviews

We do use Microsoft Intune internally in our company. We handle the distribution software, collect metrics for app usage, and create policies to make the device compliant for Microsoft Intune.

The features that we use very frequently include collecting information about the software installed and determining which software is allowed from our company or not. This is our main feature for now.

We have different departments in our company, and the configuration and distribution of Copilot is another team's responsibility. We use it, but we do not have any part of that process.

We handle the distribution software, collect metrics for app usage, and create policies to make the device compliant for Microsoft Intune.

The features that we use very frequently include collecting information about the software installed and determining which software is allowed from our company or not. This is our main feature for now.

The interface is easy, but it is not user-friendly when evaluating the overall user experience of Microsoft Intune.

The settings are confusing, and it is not always clear where I apply the configuration because we have to open various pages to see where we are applying the settings that we have configured.

We are using Microsoft Intune for about two years.

Microsoft Intune is acceptable and adapts well. I give it an eight regarding scalability.

The technical support of Microsoft Intune rates as an eight when rated from one to ten, where ten would be the best support.

We have addressed other questions and other possible customization, and it is satisfactory because our company also has support from Microsoft directly in our company. This makes it easy for us to ask questions and request features that can be useful in our company.

Before choosing Microsoft Intune, we did not evaluate other options other than BigFix.

The initial setup and deployment of Microsoft Intune is easy to participate in.

We actually used service technicians from Microsoft to deploy Microsoft Intune. We hired Microsoft technicians to do that.

The technical team from Microsoft are good technicians, and we can see that they are comfortable with the process.

Before choosing Microsoft Intune, we did not evaluate other options other than BigFix.

I am involved in solutions, and we have Microsoft Intune and BigFix in our company.

We are administrators and end users of this solution. However, it is not the priority application because our priority is BigFix.

We are separated into different areas in Microsoft Intune. We have many solutions in Microsoft Intune, but for now, we are only creating policies, managing devices, and installing software because other teams handle other configurations.

We are using Microsoft Copilot in Microsoft Intune. I cannot make any comments about whether Copilot in Microsoft Intune helped protect our environment because Copilot is another department's responsibility.

We had the BigFix platform before Microsoft Intune. We chose Microsoft Intune in the first place because most of our components and services are moving to Microsoft. Microsoft Intune is adding to all the services that we now have from Microsoft.

My overall review rating for Microsoft Intune is eight.

Our use case for Microsoft Intune is managing end-user endpoints, specifically Windows desktops. It is not limited to Windows desktops as it can also manage Mac OS desktops, laptops, and mobile devices for both Android and Apple iOS. 

In terms of needing Microsoft Intune to manage devices, first, there is a requirement that devices must be joined to an Azure domain, either hybrid joined or purely joined. 

From my perspective, purely joined is really the only viable way of setting up an environment. Once devices are joined to Azure, access to Microsoft group policy is no longer available. Because group policy is not accessible in Azure, another way to manage and control devices is necessary. This alternative method uses Microsoft Intune Windows profiles. 

When setting up devices using Microsoft Intune, Windows profiles can be established which perform most of the same functions that Microsoft Group Policy did in a local Windows Active Directory environment. Microsoft Intune can manage and control machines and install software. It allows for Windows provisioning on machines and enables autopilot deployment with pre-packaged installations. When a user receives the machine, sets it up, and turns it on, it connects to the domain and begins installing software, becoming ready within approximately half an hour, which represents a significant time savings for IT departments.

Companies using Microsoft Intune are much better at managing their endpoints with far more visibility. The endpoint inventory is far more accurate and up to date. The Windows versioning for the endpoints is much better, and Windows stays current. Companies not using Microsoft Intune still rely on manual or prior methods of updating and inventorying, which are subject to gaps and inaccurate information.

The Microsoft Intune management console provides visibility into the current status of machines and deployed software. It can automatically update components within its capability, primarily Microsoft products. Third-party software updates, such as VLC media player, are not within Microsoft Intune's update capabilities. Some companies, such as Adobe, have packaged their software to be updatable in Microsoft Intune, though this is more the exception than the rule. Installing software in Microsoft Intune can be challenging if it is not already prepackaged.

The stability and reliability of Microsoft Intune is good. Microsoft takes everything in, and if users stay with Microsoft, everything works together effectively.

Microsoft support for Microsoft Intune is good. In my own use of Microsoft Intune, I did not spend significant time with support because the Microsoft documentation was adequate for our needs.

In a prior environment, when setting up Microsoft Intune, we utilized a third party for assistance. They contacted Microsoft on several occasions, and their needs were answered sufficiently.

We have a couple of companies using other options besides Microsoft Intune. One company is using Avanti Neurons.

I rate the documentation for Microsoft Intune very highly, approximately nine or ten out of ten. One of our companies is beginning to provision and establish a Cloud PK to replace their legacy on-prem ADCS server. 

I used Microsoft Intune extensively in setting up, running, and managing it for several years. In my current role, I don't have hands-on management responsibility for Microsoft Intune as much as responsibility for ensuring it secures the environment from a cybersecurity perspective. 

From an IT infrastructure team perspective, the experience with Microsoft Intune is good, although somewhat complex to navigate initially. From an end-user perspective, the experience is good as long as the infrastructure team has done their due diligence in setting it up to remove any obstacles from the user's setup of their own machine. 

I rate Microsoft Intune a ten out of ten.

My use case for Microsoft Intune is to deploy applications and enroll devices, pushing the apps to the devices.

Microsoft Intune brings all of our endpoint and security management tools into one place.

The integration of Microsoft Intune with Microsoft 365 and Microsoft security for cloud and co-managed devices is flawless.

Microsoft Intune works smoothly for discovery, deployment, and automatic updates.

Microsoft Intune helps simplify our IT and security operations as it takes less time, and it's easier to use than SCCM.

Microsoft Intune is flawless for securing hybrid work and protecting data on company and BYO devices.

We are using Microsoft Intune's endpoint privilege management feature. For enforcing least privilege access with Microsoft Intune, we use Entra ID. It restricts unauthorized access, requiring roles to be activated to proceed with necessary tasks, enhancing security.

Microsoft Intune has positively affected my IT productivity, as the decisions made at the enterprise level show it to be a more efficient way than SCCM.

In Microsoft Intune, everything is great. The interface is user-friendly, and the reporting tool works in real-time. Uploading the content is fine as well.

There is room for improvement in server patch management and allowing direct uploads of EXE applications instead of needing to convert them to Intune format, which would save time.

I have been using Microsoft Intune for more than one and a half years.

We have not experienced any issues. I would rate the stability of Microsoft Intune a nine out of ten. 

We have approximately 90,000 devices in our organization. We have multiple locations across various regions of the world. In our IT team, there are about ten people working with Intune, with plans to add more.

I would rate the technical support for Microsoft Intune an eight out of ten.

Positive

Previously, we were using MECM. The reason for the switch to Microsoft Intune is that the organization I work for has migrated to Intune. Microsoft Intune is far more efficient and faster than MECM. The deployment would take a lot of time in MECM; Intune is quite faster.

We are still using SCCM for cloud PKI as it hasn't been migrated.

Deploying Microsoft Intune in the cloud was complex as the previous work needed to be deleted and recreated, which wasted time.

Microsoft Intune saves about 10% to 15% of time. For example, deploying a 2 to 3 GB application at an enterprise level typically takes around one hour to one and a half hours, but with Microsoft Intune deployment, it gets completed in 30 to 40 minutes.

Microsoft Intune saves us around 10% to 15% in resources.

We are using Microsoft Copilot in Intune as an AI tool; it doesn't protect much, but it is handy for our users.

I would recommend Microsoft Intune to other users, especially those using MECM or SCCM, because Microsoft is ending support for older solutions.

Overall, I would rate Microsoft Intune an eight out of ten.

Our primary use case of Microsoft Intune was initially to provide a more cohesive update platform. Our organization was trying to move away from SCCM as far as updating our device platforms across Windows devices. We chose Intune because it had a simplified way to configure Windows Update, view reports, and manage devices for updates. We expanded its use for configurations, moving from a hybrid join scenario to CloudJoin, which offers advantages for hybrid work and on-premise settings.

Everything has worked better since we started using Intune. Our devices use Intune for their authentication SSO process, which is also something that Intune integrates with, so we get fewer SSO prompts for our devices. There's more consistency in the configuration. 

Our configuration profiles used to be all over the place. For example, there's a lot of legacy in Active Directory. Going through Intune has helped us enforce settings, which has improved device security and functionality. When you apply something through Intune, you know it works. You don't have to worry about a legacy setting from Active Directory that was uploaded by somebody seven years ago. With Intune, you can see that a device has a setting, and you can be confident that the device is configured how you want.

The most valuable feature of Microsoft Intune is the extensive reporting that is available. The platform's transparency allows us to see when a device has been configured correctly and what it is receiving. 

We haven't implemented it yet, but Intune provides a cohesive platform for passwordless authentication. The single pane of glass is also huge. We were using SCCM with a third-party management platform. We took down five servers and consolidated everything into Intune. The ability to migrate everything into one platform greatly reduced our server footprint. It was effortless. We onboarded all 12,000 of our devices to Intune in a week.

Our users don't notice it, which is probably a good thing. If you don't notice something interacting with your computer, that's good from a user perspective. When we deploy stuff through Intune, it's silent. We recently deployed a bunch of potentially impactful settings to our users and tried to align devices with Microsoft's best practices. Nobody noticed.

Sometimes the syncing is inconsistent. I'm confident that the devices are checking in every eight hours, but sometimes the devices aren't picking up the settings as quickly as I would expect. Some features haven't been updated in a while, and Microsoft doesn't seem interested in developing them. Unless you talk to an engineer, you don't know whether there will be an update.

There are communication issues, so you might start working with a feature without knowing if it will be deprecated six months from now. Some reporting areas still need development. For example, I noticed that the reporting for driver updates is still confusing. 

We have been using Microsoft Teams since the middle of 2022 when we started rolling it out to our Windows devices.

Microsoft Intune has been very stable. There has been only one incident with an outage on the Microsoft side, but it is rare to have significant outages.

Microsoft Intune is a scalable platform with room for growth. Over the past year, it has significantly developed, with onboarding Mac OS devices now an option. Microsoft has put effort into making Intune manage macOS effectively, surpassing some other providers.

I rate Microsoft support eight out of 10. Microsoft Intune's customer service is generally efficient. When a support ticket is submitted, it directly reaches someone with Intune support expertise, unlike other Microsoft products where assistance may be delayed. Elevation to the right person is swift, though I haven't needed to submit many tickets because Intune functions well.

Positive

We previously used SCCM and a device management platform called Remedy in tandem. We switched to unify our mobile device management under one platform and eliminate internal servers. Intune functioned as that single pane of glass for us. Additionally, Intune is more functional and user-friendly than SCCM or Remedy, making it an obvious choice.

The ease of setup depends on your scenario because there are many ways to deploy Intune. Our setup was straightforward because our devices were already in Active Directory, so we could add them using a GPO. After that, we had to do some fine-tuning. We first onboarded our mobile devices and moved our Windows devices to it once the Windows management side matured a little. It took about a week to deploy the solution.

We did not engage a reseller or consultant for our migration. The migration was handled internally without external help.

I can't speak to specific ROI numbers, but there is a noticeable reduction in man-hours spent on support and troubleshooting. Applications are deployed through Intune, and we see fewer tickets for common issues because we can resolve them through the solution.

We did not incur additional setup costs for Intune, as it was already included in our E5 license.

We didn't evaluate other solutions; choosing Intune was obvious as the next step.

I rate Microsoft Intune eight out of 10.

I used troubleshooting steps while working on enrollment, deployment, and policy configuration regarding Microsoft Intune.

The best features of Microsoft Intune include continuous implementation of new capabilities each year, covering almost everything. They recently added Linux operating system enrollment. Multiple options have been streamlined. Previously, configurations were split between Endpoint Security and configuration settings. Microsoft Intune has now merged these into unified configuration settings.

Microsoft Intune continues to implement numerous improvements. It effectively secures data and manages organizational devices.

Based on my experience with Microsoft Intune, most features are already implemented. However, Autopilot enrollment is not available for Mac devices yet, which would be a great addition if implemented.

Instead of using Win32 apps, having direct application support for MSI store and LOB apps would be beneficial. Currently, converting applications to Win32 format adds an extra layer of complexity. When problems occur with Win32 applications, it requires involvement from the application team. Having direct application support would simplify the deployment process.

I have used Microsoft Intune for almost three years.

We experienced downtime, but it originated from organizational issues rather than the cloud infrastructure of Microsoft Intune.

Microsoft Intune scales effectively with the growing needs of the organization.

The support is excellent for Indian organizations, with multiple levels of support teams. For critical cases, Microsoft engineers become directly involved to assist customers. In my previous role at Concentrix, we had two to three sessions weekly with the Microsoft team.

We had separate sessions for Windows, Android, Mac OS, application deployment, and enrollment. These sessions allowed us to discuss challenging cases and review logs with Microsoft engineers for solutions. When needed, direct engineer support from Microsoft was available.

I did not consider any other solutions before selecting Microsoft Intune.

With nine years of experience in technical terms and Microsoft products, I have compared Microsoft Intune with other MDM solutions such as Jamf, which is also good. SCCM is reportedly being discontinued. Microsoft Intune has high demand in the market, with many organizations purchasing this plan.

I recently joined Capgemini in a project role, transitioning from a support role. Microsoft Intune is a delivery mechanism for applications and configurations. In my technical support role, I handled app protection policy cases and Autopilot cases, troubleshooting various issues based on error messages.

On a scale of 1-10, I rate Microsoft Intune an 8 out of 10.

In our organization, we use Microsoft Intune for enrolling our end user devices. We handle enrollment and de-enrollment and BitLocker recovery. We manage conditional access policies, configuration profiles, MDM, MAM, and managed endpoint devices such as Android phones, iOS devices, and tablet devices. 

We use Copilot in Microsoft Intune as it is premium-based with licensing. In our organization, we have over 1000 licenses for our end users. If there is any requirement from our end users, we check their approval from their manager and provide Microsoft Copilot licenses. 

We also manage and protect our apps through Microsoft Intune and have protection tools such as DLP, Netscope, and Zscaler. We utilize monitoring features in Microsoft Intune through conditional access policy.

The best features in Microsoft Intune that I appreciate most are its centralized features. There is no concern about managing end user devices. We enroll the user devices through Microsoft Intune and can manage them from anywhere. For instance, if I am in India, I can manage a user device that is available in the USA, Dubai, or any other country. 

I assess the user experience of Microsoft Intune as a very positive experience from our user end because it is user-friendly and manageable, resulting in great reviews from our users.

We use advanced endpoint analytics, which is very useful and protective. That is the benefit of advanced analytics. We use Microsoft Enterprise features. The Enterprise Application Management feature is very useful because we simply configure through policy and do not need to worry about any disturbance or further monitoring. We check the monitor or report sheet, and everything works perfectly and smoothly.

We could benefit from some AI features in Microsoft Intune, and it would be helpful to have some automation features available.

For macOS devices, we use the Jamf portal. I understand that the Jamf portal and server are more secure than Microsoft Intune for macOS. It would be beneficial if there were ways to improve and make it more user-friendly for managing macOS devices.

I have approximately 1.5 years of experience managing and supporting Microsoft Intune.

I would rate it a ten out of ten for stability.

For scalability, I would rate it a nine out of ten.

We are using it at multiple locations. In India, we have about seven offices, and we have multiple offices in UAE and the USA.

Approximately, we have 10,000 users, but at my location, I manage and support about 1,000 users.

Their technical support deserves a rating of ten out of ten.

Positive

It's not complex. It's very user-friendly. It generally takes 24 to 48 hours.

It's a hybrid environment. We use the cloud and on-prem environments.

It doesn't require any maintenance from our side.

It's cheap. It's not expensive. 

As compared to other products, Microsoft Intune is more secure, reliable, and user-friendly. 

I would rate Microsoft Intune a ten out of ten.

We use Microsoft Intune for managing devices. We deploy our devices to users using Microsoft Intune Autopilot, which enables us to set up the device for the user and then ship it to them. When they log in, everything is there for them, including all the applications they need. We push applications through Microsoft Intune; for example, we install Zoom through it. 

We do not allow users to install their own apps. We use AppLocker, which prevents users from installing their apps. We can use remediation scripts. One script uninstalls Google Chrome if someone installs it because it hasn't been set up in AppLocker yet. If it were, AppLocker would prevent the user from installing Google Chrome. We use Microsoft Edge because it's easier to manage using Microsoft Intune and Microsoft Endpoint Manager. We can prevent users from installing extensions, which is beneficial because password and session token theft often occurs through malicious extensions. We can have a whitelist of extensions that users can install or push an extension to be installed using Microsoft Endpoint Manager. I'm using Microsoft Endpoint Manager and Microsoft Intune interchangeably here because they're practically the same product.

The best feature in Microsoft Intune is the ability to wipe a device if it gets lost or stolen. Even if the device goes offline, if you send the command to wipe the device and it appears online, you can still wipe it. If the device breaks or ruins the storage, it doesn't matter because the goal is to ensure they don't have the data. You can also keep the device locked to your tenant if desired. If someone steals the device and tries to install Windows again, it will display 'Welcome to X company' and they cannot proceed past that point.

Another notable feature of Microsoft Intune is application supersedence. For example, if we were using Microsoft Paint and we don't want it on the device but want another paint program, we can specify that Microsoft Paint will be superseded by this new application. It finds the application on the device, uninstalls it, and then installs the new application, providing two actions for the price of one.

Regarding the Enterprise Application Management feature for app discovery, deployment, and automatic updating, we utilize that functionality. We use advanced endpoint analytics with Microsoft Intune. Only one of the global admins needs the license, and the rest of the admins can manage without individual licenses.

I’m not sure if Microsoft can do anything to improve this situation. The most frustrating part for me is when we make changes to a device, particularly with our virtual machine setups and test users. These test users need an intern license, so we usually provide them with what the other users have, which is a business premium license—it's the best value for our needs. When we push an application, it’s usually manageable. However, when it comes to configuration changes, the waiting game can be tedious. Sometimes the change takes effect in just two minutes, but other times it can take up to two hours. It’s difficult to be patient while waiting to see if the change works. We could try restarting the Intune management service to prompt it to check for updates, but that’s hit or miss too. I really don’t know how the changes are pushed to devices—whether our changes go into a larger queue with others or not. What frustrates me the most is just waiting and tapping my fingers, uncertain about whether my changes will take effect. I honestly don’t know how they could improve this process, as I’m not familiar with the inner workings. But this delay is the most annoying part for me.

Sometimes, the menu system isn't very user-friendly. You'll find yourself digging through various sections, and the changes to the menu can be frustrating. For example, when you ask Copilot, "Where is this?" it might respond with a sequence of steps to follow, saying you need to go here, here, and then there. However, either Copilot is misunderstanding the situation, or the option has been moved, as it might no longer be where it used to be or it could have a different name. This is something that seems to change frequently. Microsoft tends to update things consistently; they do it with Windows and other products as well.

The most important thing is to stay patient while waiting for these changes to take effect. Additionally, not only do we need to wait for the changes, but we also need access to logs that detail what has changed. It's frustrating when you see the changes happening on the device, and maybe they fail, but then it takes twenty minutes to an hour for that information to be reflected in Intune. This delay hinders your ability to troubleshoot effectively. From Intune's perspective, while I can check the event logs to see why an application might not have installed, I'm more concerned about understanding why Intune itself failed. So, the two main issues are the time it takes for changes to be implemented and the time it takes to report on the effectiveness of those changes.

I have been using Microsoft Intune for approximately five years now.

There has only ever been one issue with Microsoft Intune, which they fixed quickly in less than a day. That issue concerned displaying incorrect access rights to users. It did not disrupt operations significantly; we simply couldn't test anything for a while.

It's a very scalable solution. You can have thousands of devices connected if you want. It allows you to manage numerous aspects effectively. This system has greatly benefited my company, as we were previously reliant on an inadequate VPN for connecting to our network infrastructure. Now, we have the flexibility to hire employees from places like Arizona and Washington, which wasn’t possible before due to the need for onsite presence. Using Intune has enabled our workforce to operate remotely. Since implementing this solution, our company has grown substantially, and our talent pool has significantly expanded. Although we only hire within the United States, we now have the ability to recruit from virtually anywhere in the country.

Our company has approximately 100 users working with Microsoft Intune, with a more complex setup due to our structure of five separate companies.

We contact our cloud service provider first, who escalates us to level two tech support if needed. Microsoft support can be very inconsistent, warranting a rating of seven out of ten.

Neutral

My last use of SCCM was about eight years ago. Microsoft Intune's interface is superior; SCCM appeared outdated at that time. While I cannot extensively comment on SCCM due to dated experience, Microsoft Intune remains a strong product despite its regularly changing interface.

Our deployment is entirely in the cloud. We used to operate on-premises, but I migrated everyone to use Entra ID instead of Active Directory on-site. I had to accomplish this while everyone was working remotely, which made the process more challenging since using Entra Connect or AD Connect was not feasible for many users. Currently, everyone is fully in the cloud. We do have an office, but people are rarely there. They only come in for meetings and such; most of the time, they are working remotely.

The deployment of Microsoft Intune is relatively straightforward to set up. It's more straightforward than SCCM, though SCCM lacks certain features that Microsoft Intune has, and vice versa. For beginners, completing Microsoft SC-900 provides a foundation, which is more oriented towards Entra. However, MS-900 might be more suitable as it focuses on the admin center.

For new companies implementing Microsoft Intune, setup can be quick with experienced personnel. Transitioning from on-premises to a hybrid solution depends on the number of users. It's crucial to ensure proper ID transfer and appropriate Entra licenses, particularly for write-back functionality. Without write-back enabled, users changing passwords outside the office might end up with two different passwords.

One essential step is onboarding computers to Microsoft Autopilot. A script pushed through Microsoft Intune can accomplish this, though it becomes more complex without automatic enrollment settings. Autopilot facilitates device building and shipping, ensuring everything is set up when users log in. For organizations with small footprints using Microsoft Office and minimal apps such as Zoom and SharePoint, the process is streamlined. When moving to the cloud, consideration must be given to migrating SharePoint from on-premises, for which Microsoft provides migration tools.

Maintenance involves running reports and managing stale devices. Setting up automatic removal of inactive devices helps maintain a healthy Microsoft Defender secure score. When reassigning devices, running an offboarding script ensures proper device management in Microsoft Defender.

Regarding return on investment, Microsoft Intune's value becomes apparent when comparing it to licensing costs of other management tools. Since it comes bundled with Microsoft Business Premium, it serves as a powerful tool that proved more valuable than initially anticipated. The overall ROI is positive, and the solution effectively meets our needs. Additionally, we can now deploy Global Secure Access, a VPN solution that protects remote workers and filters internet traffic, adding further value.

The pricing of Microsoft Intune rates around four or five out of ten. The cost structure varies based on requirements. We utilize licensing bundles such as Microsoft 365 Business Premium, which includes the Microsoft Intune license and provides good value. Microsoft Intune alone costs approximately $6 monthly, but considering its device management capabilities, application installation features, and Microsoft Autopilot deployment functionality, the price is reasonable.

The user experience has been good. There is some crossover with Microsoft Entra ID. You can access groups and users from Microsoft Endpoint Manager when onboarding a device. This can be set up using Microsoft Endpoint Manager. If someone receives a new device, they can sign in for work purposes, and if you are familiar with Microsoft Windows, they will have the option to choose whether the device is for home or work use. Once we see the device in Microsoft Endpoint Manager, we can begin assigning profiles and encrypting the drive, making it easier for us to remain compliant. We utilize the CIS framework for compliance, which provides guidelines on tasks such as drive encryption and ensuring all settings are appropriately configured.

Additionally, we implement conditional access policies. For instance, if someone is outside the United States, we can require them to re-authenticate using Microsoft Authenticator for security verification. This measure ensures that if an unauthorized person managed to steal someone’s MFA token and attempted to sign in from outside the country, they would be prompted to complete another MFA session, which adds an extra layer of protection. Furthermore, we can restrict actions on mobile devices. For example, we can prevent users from copying and pasting content from Word documents into applications like Apple Notes. This feature is particularly useful for maintaining security.

If you are a Microsoft shop, these processes streamline operations significantly. However, for larger enterprises, costs may escalate. In such cases, it would be necessary to contact Microsoft to establish a suitable arrangement, similar to agreements made with Microsoft Azure for their resources. For small to medium-sized businesses, getting set up with these systems is straightforward and can assist in achieving compliance. It's important to note that this information pertains to Microsoft Purview and is distinct from Intune, which I will not discuss further.

We do use Copilot, but we have it turned off for email due to a current exploit. There are hidden Copilot commands that can pull data from sources a user might have access to and then email it to someone else, which is why it's disabled for mail. We only have a handful of licenses, and they are primarily for people who have limited time during the day and receive a lot of emails. It's a time-saving feature for them. Sometimes, they use it to write scripts quickly, like in PowerShell, which I then review to understand what it does. You can trust it, but you should always verify its output. Copilot is also helpful for creating a basic outline for documents, such as policies, where you can simply fill in the blanks. However, the pricing is not great. Additionally, you are locked into a one-year subscription with no month-to-month option. The cost is around $360 a year per person, which adds up quickly, so you have to be sure the person really wants it. Consider purchasing one license first to let someone try it out. If they find it beneficial, they can keep it, and we can buy additional licenses for others who express interest. Currently, we have very limited licenses due to the high cost. If they were half the price, I believe everyone would have access to it.

For those implementing Microsoft Intune, if you plan to have remote workers, consider whether you want to provide them with actual physical devices or if you can offer cloud PCs instead. Cloud PCs can be managed through Intune, and anyone with access to a Chrome-based web browser can use a desktop from anywhere with an internet connection. This approach also helps you avoid issues with retrieving physical devices from users, as they are not legally obligated to return them, potentially leading to a loss of significant investment.

Additionally, there are compliance issues to consider when providing devices. For instance, if you give a physical device to a contractor, they may be legally considered your employee under laws in certain states, such as California. Therefore, think carefully about your deployment strategy. Decide whether you'll be using physical devices, which may require more effort to manage, or cloud PCs, which might save you headaches in the long run. You also need to be proficient in PowerShell, as you may have to write remediation scripts. If you're not comfortable with PowerShell and prefer a simpler solution, be aware that there may not be many alternatives. This also aligns well with Microsoft Windows.

If you prefer to use Apple products, keep in mind that you can't just purchase a MacBook from a store. You'll need an Apple business account to obtain a certificate required for managing the device through Microsoft Intune. This rule applies to iPhones and iPads as well. In contrast, with Android devices, you don’t have these management restrictions. So, before making any decisions, consider your deployment strategy and the existing device ecosystem you have in place. I'm not familiar with using SCCM or other management tools, but be sure that with Microsoft Intune, simply buying a MacBook will not allow you to manage it without following the necessary procedures.

I would rate Microsoft Intune overall as an eight out of ten.

Its price is reasonable. It is a part of our M365 suite.

I have not been satisfied with it, and I am planning to change it soon. There are a lot of updates coming from Microsoft that suddenly affect our security policies. With each update, a new feature is introduced. However, there's often no clear advice regarding these changes. If we encounter a problem, we have to rely on the Microsoft Community to discover that a new feature has impacted our security policy, at which point we need to make adjustments. That's why I plan to position our operations around an agnostic tool.

Overall, Intune is quite complex, especially if you have conditional access associated.

They can cover Apple iOS in the future to enhance its functionality.

I have been working with Microsoft Intune for more than 5 years.

The kind of issues I face include a lot of updates coming from Microsoft that all of a sudden affect our security policies.

Technical support by Microsoft is okay.

Neutral

We are not using Microsoft Intune for patch management. We are looking into Kaseya. I am satisfied with Kaseya, which is why I would like to further evaluate standardizing Kaseya across the organization. I don't want to utilize Microsoft Intune because I prefer an agnostic solution rather than one that is heavily reliant on a specific brand.

Its deployment was neither easy nor difficult.

I don't have any problem as far as cost is concerned. It is bundled with our license. 

I would rate Microsoft Intune a seven out of ten.