Microsoft Intune Reviews

You can use Intune to manage devices for any size project, from a small business to an enterprise-level project. You can manage hundreds of thousands of devices. Intune can manage on-prem and cloud services. We are working with large enterprises mostly.

Intune encompasses all devices, applications, and policies that can be deployed within an organization through a single portal. In the event of an outage, it simplifies the management and resolution of issues or policy adjustments. It allows for the management of security profiles, applications, and devices from one portal across any operating system platform.

Consolidating everything in one location enhances the efficiency and productivity of IT administrators. Since adopting Intune, our IT team's productivity has increased by 20 to 30 percent. Additionally, the integration of Copilot has further improved our efficiency by 5 to 10 percent.

However, there are exceptions. Certain applications cannot be deployed easily via Intune. Win32 deployment is necessary for these, which can be challenging as it demands extensive testing to release a custom package from Intune. More innovation is needed to deploy custom applications, which would greatly benefit us. For most enterprise scenarios, application deployment is relatively straightforward.

Hybrid environments call for innovation, particularly with hybrid enrollments using GPO. While most autopilot hybrid scenarios and co-management run smoothly, I have encountered issues with hybrid GPO enrollments due to their complexity.

Intune is a leading secure solution in the Indian market. It allows the creation of any conceivable security policy. With the addition of Purview and DLP modules and integration with Microsoft Defender for Endpoint, security has never been a concern, and our security posture is nearly impeccable.

Intune has also facilitated vendor consolidation. It is our primary recommendation for an MDM solution because it offers the productivity and features that would otherwise require integration of multiple solutions from other vendors. The industry is now transitioning from on-premises Intune to cloud-based management.

Intune enables the deployment of any security solution. Although it does not integrate, it allows for the deployment of a wide range of security measures.

I appreciate how Intune consolidates everything in one location. For instance, it allows the setup of conditional access for applications and devices directly within Intune. The segregation feature within Intune devices is also beneficial. Devices can be categorized by Windows, iOS, iPadOS, macOS, and Android, and sorted by platform, eliminating the need to navigate the devices section.

The app management feature has seen significant improvements. Initially, navigating the app section was quite challenging, but now, all my concerns have been addressed. It's possible to deploy or manage any application, with reports and app-protection policies accessible in the same section, which is quite convenient.

I would rate the user experience at nine out of 10. Having utilized various MDM solutions from Microsoft, Cisco, and VMware, I find Intune to be superior. We employ Microsoft Defender for Endpoint and DLP policies in Purview, along with multiple security policies such as baselines and BitLocker for encryption. This integration simplifies the administration of security features from other tools in one place.

The most sophisticated analytics we've utilized are group policy analytics. As a consultant, I often handle multiple migrations, primarily from on-premises to the cloud. Group policy analytics are particularly useful in these scenarios as we migrate on-premises policies. If Intune lacks support, we must either start anew or seek alternatives.

Copilot is beneficial as it supports various CSPs or policies. Despite extensive use, one cannot be fully versed in everything about Intune. Whenever there's confusion, Copilot is a valuable resource to clarify and ensure the feasibility of creations within Intune. Copilot assists in profile creation and assignment considerations.

My perspective on tools like Copilot is that they are artificial; the intelligence aspect is still emerging in the AI industry. Nevertheless, Copilot is a well-maintained and informed tool.

Microsoft currently restricts deployment to PowerShell or XML scripts, so it would be beneficial to support additional scripts such as command scripts, C languages, or TypeScript to enhance systematic compliance.

While the UI has been updated, it could be made more accessible. Navigating to a specific section in Intune requires multiple clicks through different areas before arriving at the intended destination, indicating the UI could benefit from further improvement.

The process of application discovery and deployment is relatively seamless. Nonetheless, there is room for enhancement in the reporting aspect. Intune still lacks comprehensive reports, and notably, its failure reporting does not succinctly communicate the full extent of an error.

I have used Intune for more than six and a half years. 

I rate Intune 10 out of 10 for stability.

With Linux and Chrome OS now supported, the scalability has reached 100 percent. Every device or endpoint operating on our OS can be enrolled in Intune. 

I would rate Microsoft support as four out of ten. Support is an area where Microsoft could significantly improve. I had an issue with Microsoft Azure recently, and after raising a ticket, it took two and a half weeks to receive a response. There is a need for enhanced support across all their product offerings.

Neutral

We have utilized Cisco Meraki, VMware Workspace ONE, and Jamf for managing Apple devices. However, Intune stands out among these options because it overcomes application deployment limitations that others have. While some support only Apple or Windows devices, Intune excels in compatibility, supporting Android as well. Moreover, Intune can implement more security policies than any other MDM solution available.

Hybrid enrollment is typically complex, yet cloud autopilot simplifies the process considerably. It's possible for anyone to grasp cloud deployment within five to ten minutes. While the most intricate enrollments, involving thousands of devices, may take two to three weeks, a cloud-based deployment can be accomplished in approximately one week.

This was completely in-house.

Intune is considered moderately priced. It is available as part of a bundle with Microsoft 365 E3 or E5 licenses. While the E5 licenses are somewhat costly, Intune offers some more affordable solutions.

Yes, we evaluated Cisco Meraki and VMware workspace One.

I give Microsoft Intune a rating of nine out of ten. Intune stands out as one of the top solutions in the market, and its capabilities are expanding with the integration of cloud PCs, Chrome OS, and Linux systems. For any large enterprise, I endorse both Intune and Defender.

The recent CrowdStrike outage, which is the largest in IT history, affected only systems without Microsoft Defender but with CrowdStrike. This incident underscores the importance for enterprises to transition towards deploying Intune and Defender for enhanced security.

Public Cloud

Microsoft Azure

We are mainly using Microsoft Intune for the security of people who are working from home. It is being used for BYOD.

We enforce and push policies and enforce security requirements through Microsoft Intune. We also use it for deploying applications and monitoring the devices remotely.

Microsoft Intune has simplified our mobile application management a lot. Managing devices that are in users' homes is very tough without Microsoft Intune. Remote management is very easy because of Microsoft Intune.

For maintaining our device security, the best feature is that it works with Azure Active Directory Premium One license. There is conditional access, which is something very unique, so if a machine is compliant and Microsoft Intune is installed on it, only then users can access our Office 365 data. It is not just a feature of Microsoft Intune but also of AD P1.

Microsoft Intune brings all of our endpoint and security management tools into one place. It has made our IT and security operations easy. With a single console, we can manage our devices.

Microsoft Intune provides full endpoint visibility and IT control across device platforms.

Microsoft Intune is simple, and it does not interfere at all with users. Users do not even know that Microsoft Intune is installed on the machine.

Application deployment through Microsoft Intune has affected the IT productivity in our organization. Previously, our IT department used to take remote control of the machine using some software. They used to manually do the installation, whereas now, they can simultaneously push an application on all the machines through Microsoft Intune. That saves us a lot of time and manpower.

Microsoft Intune has been helpful for securing hybrid work and protecting data on company and BYO devices. We have deployed BitLocker policies through Microsoft Intune to ensure that the data is encrypted on those devices. We have also disabled USB pen drives and other things on remote machines.

Microsoft Intune has improved our IT productivity a lot because we have remote users. If our users were local, it would not help much, but because we have remote users across the country, it helps a lot.

The improvement in IT productivity has also saved us costs. Previously, we needed more people to do the installations, remote monitoring, and all that, whereas now, with the single console of Microsoft Intune, all these tasks are much easier. A single person can manage hundreds of computers. We need three people less now.

Microsoft Intune has helped to reduce the risk of security breaches in our organization.

Microsoft Intune has helped us to consolidate vendors. With Microsoft Intune, security management is there and mobile device management is also there. Both these things could have been from a different vendor.

Microsoft Intune integrates well with other Microsoft products. It works well with other Microsoft products. There is a seamless integration.

Being able to manage the devices remotely is most valuable. We can push security requirements through Microsoft Intune. We previously used to do this through group policy for Active Directory, and now, we use Microsoft Intune for managing devices. This is the best thing about Microsoft Intune.

Apart from Microsoft Windows, we can do remote device management of Android and iOS devices. We can enforce security policies for Android and iOS devices.

The user interface of Microsoft Intune is good. It is easy to use.

Cost is the biggest factor for us right now. Microsoft Intune and AD P1 together in a bundle is a good thing to have, but it is very costly compared to other products in the market. Otherwise, Microsoft Intune is the best.

Their support can also be better.

I have been using Microsoft Intune for the last two years.

It is very stable. I have not had any issues. I would rate it a 9 out of 10 for stability.

It is definitely scalable. I would rate it a 9 out of 10 for scalability.

Their response time is poor, and the resolution capability is not good. Even after having a call with their customer care, there is a 50/50 chance of them solving the problem.

I would rate their support a 6 out of 10.

Neutral

We did not buy any similar solution previously.

For some customers, it is a hybrid deployment, and for some customers, it is a pure cloud deployment. Our customers are medium and large enterprises. They are not small businesses.

Its deployment is of medium complexity. If it is a hybrid environment, it is fairly complex. If it is a pure cloud environment, it is easy.

The deployment duration depends on the number of users we have or the number of computers we have. For a setup with 100 users or 100 computers, it takes about two weeks. It may require some troubleshooting and tweaking.

One person is required for its deployment.

It does not require much maintenance from our side. It is normally always up to date. Once it is set, we do not need to touch it.

I recently got to know that the AD P1 license is compulsory to use Intune Autopilot, which was surprising for me. Earlier, this was not the case. It is the wrong thing to do. We now need to purchase AD P1 licenses for us and for our customers. I would rate it a 7 out of 10 for pricing.

We evaluated a few solutions.

I would recommend Microsoft Intune to others. If somebody has a Microsoft environment, Microsoft Intune is definitely the best solution for managing people who are working from home or remotely. 

It is improving day by day. New features are coming up.

I would rate Microsoft Intune a 7 out of 10.

Microsoft Intune is used mainly for employee environments where we deploy patches, apply hardening on assets, and ensure compliance of assets with the internal compliance baseline.

The compliance view is interesting, and the facility to keep Microsoft Windows and the rest of the suite up-to-date without having any third-party software is definitely valuable. Microsoft Intune is integrated for Windows updates and related functions.

The main value of Microsoft Intune is better asset management from a security perspective, ensuring that the security baseline is enforced on all devices, including mobile devices. It allows us to avoid manually deploying and checking the security baseline on new assets as it's enforced by Microsoft Intune by design.

Software or patch management solutions must be complemented with something beyond Microsoft Intune because it doesn't upgrade or manage a list of integrated packages and lacks the capacity to upgrade all kinds of software on computers. Improvement can be made by better integration with the full landscape of software lifecycle management on assets, rather than requiring a third party that connects to Microsoft Intune for deployment.

In terms of deployment experience in the company, I have been deploying it for approximately five or six years, though I haven't been involved in administration.

The stability is very good.

The scalability is very good, and we don't have any issues with it.

The support is good, rating approximately eight or nine out of ten.

The cost depends on the package with Microsoft, but with the premium package, it's good. With the E5 license I've implemented in the past, it's all-inclusive.

We don't use Copilot in Microsoft Intune. We are globally a Microsoft shop, so it's the key software we use for security, deployment, and related functions. I rate Microsoft Intune 8 out of 10.

Public Cloud

Other

We use Microsoft Intune for both application management and deployment for new users. Applications are packaged within Intune and then deployed to the end user's machines or devices, specifically targeting designated user groups.

Intune allows us to manage all our devices from one location.

The ability to manage all our devices from a single platform has significantly enhanced our security and IT operations. Previously, we relied on multiple applications, such as Ivanti and SCCM, to manage devices and security.

Intune is easier to use than SCCM. As a SaaS application, its services are GUI-based, simplifying its overall complexity.

We use Intune's advanced endpoint analytics to report the number of compliant devices, apply remediation, see the reasons for non-compliance, and track the number of BYOD devices. We can integrate third-party tools like ServiceNow if we need reporting or analytics that are unavailable through Intune.

Copilot's integration with our teams and Outlook has streamlined our workflow. It simplifies tasks like drafting emails and creating Word documents or PowerPoint presentations by providing helpful suggestions. Additionally, Copilot's independent profile allows us to reference documents from our OneDrive and seamlessly incorporate them into our emails. We can even leverage Copilot to reference Intune and integrate it into our various cloud data. Although Copilot is still in its early stages, its potential is evident. As we continue to use it, it will gather more data and refine its capabilities, offering even more features and benefits to end-users. Currently, we primarily use Copilot for drafting emails, creating presentations, and similar tasks, but its future applications are promising.

Intune helps protect data on both corporate-owned and BYOD devices in hybrid work environments. Devices can be registered through the company portal, and Intune can restrict their access to local storage, preventing unauthorized data downloads.

The endpoint privilege management feature helps restrict users' access. For instance, if they are accessing Outlook, they should not be able to access their local drives, preventing them from uploading or downloading anything from their corporate email. This feature enables those types of security settings.

Intune has significantly improved our productivity. Thanks to Intune and Autopilot, tasks that previously required four to five hours of IT effort can now be completed in just one hour. This translates to a 75 percent increase in IT productivity.

Intune has significantly reduced costs from a resource perspective. Thanks to Autopilot, scripting, and automation within Intune, a junior person can now complete tasks that previously required two engineers. This efficiency has resulted in a 50 percent cost reduction.

Intune has allowed us to consolidate other tools, such as SCCM and Jamf, reducing the need for additional licenses.  

The automatic patch management feature in the Intune Suite is helpful.

Intune has all the features enabled for Windows devices but needs to be improved on iOS and Apple devices. 

I have been using Microsoft Intune for one and a half years.

The response time from technical support has increased over time. Contacting their support remains straightforward, but while we used to receive a response within one hour, it now takes three to four hours for a Microsoft engineer to respond. The quality of their response has stayed the same.

Positive

Before implementing Intune, we used SCCM. We switched to Intune because of their advancements. We still use SCCM exclusively for server-related deployments, managing server-related applications, and patching. Everything for end-user devices has been moved to Intune. As for other similar tools, Jamf, which we used for iOS device management, can now be retired or decommissioned from our infrastructure since we can also manage iOS devices through Intune.

The deployment of Intune is straightforward, as it's a SaaS-based application. We set up our Intune connector and Azure Active Directory or the Azure AD Connect server to synchronize objects to Azure. Once that's done, we can manage our devices through Intune.

I rate Microsoft Intune nine out of ten.

The integration of Intune Suite with Microsoft 365 and Microsoft Security is included in our E5 license, providing us with the Intune license at no additional cost. This eliminates the need to purchase a separate Intune license, saving us money and streamlining our licensing.

Public Cloud

Microsoft Azure

Before working with Microsoft Intune, I was not using another solution for the same needs. I decided to give it a try with Microsoft Intune because it provides me with the ability to manage devices properly.

I have been using the Enterprise Application Management feature of Microsoft Intune, which enhances abilities when it comes to app discovery, deployment, and automatic updating.

They should improve Microsoft Intune to make this tool better and simpler. Less development and moving things around would be beneficial. There may be room for improvement on the feature side, particularly with some integrations.

I have been using Microsoft Intune for six months.

I assess the stability of the product as low. I have faced downtime crashes and performance issues with Microsoft Intune.

Microsoft Intune is adequately scalable for thousands of users in my environment.

I have not contacted tech support yet.

I was not using another solution before Microsoft Intune. I decided to implement it because it provides me with the ability to manage devices properly.

Microsoft Intune has reasonable costs for me.

I am currently using Sophos MDR.

My user experience with Microsoft Intune is acceptable, though it can be irritating at times. It still accomplishes its intended purpose.

My total rating for Microsoft Intune is seven out of ten.

Public Cloud

Microsoft Azure

A subset of our staff works remotely. We ship laptops directly to them from our vendor, and they complete the setup process using Microsoft Intune. This process has been working seamlessly.

Microsoft Intune has been a time saver and reduces the time and effort IT admins have to invest.

The user experience with Intune has generally improved since the retirement of the old Silverlight-based legacy portal.

Microsoft Intune's Autopilot has been nice to have. It provides a cloud deployment process where we don't even have to touch the equipment—it arrives provisioned and ready to go.

Historically, Group Policy has simplified the management of various items, such as printer and drive mappings and while Intune offers workarounds, it lacks native support for these functionalities. This is an area I believe needs improvement.

I have been using Microsoft Intune for about five years.

It is nice that we don't have to manage any local on-prem servers. Intune just runs itself.

It's nice that we can provision a bunch of equipment almost immediately without any hands-on involvement.

Microsoft support has significantly improved since we obtained the Enterprise Agreement. Previously, the support we received was not as satisfactory.

Neutral

We previously used SCCM to manage our devices but switched to Microsoft Intune to simplify cloud management when we transitioned to a remote workforce during the pandemic. We are pleased with the transition to Intune.

The initial deployment went smoothly thanks to our Microsoft Enterprise Agreement, which provided access to support and Software Assurance Training hours. The documentation was clear, concise, and easy to implement.

We implemented Microsoft Intune in-house.

Microsoft Intune's Autopatch feature has significantly reduced the time and effort required by IT administrators, resulting in a positive return on investment by streamlining patching processes and increasing efficiency.

Intune is included with our F3 and E5 licenses. However, some suite features should be accessible without additional cost, a sentiment widely echoed online.

We evaluated several solutions, including ManageEngine and Meraki, before ultimately selecting Intune, which was conveniently included in our existing licensing agreement.

There were some aspects that were easier in some of the competitive solutions, but we would have had to pay extra. It wasn't included, so we decided to go with Intune. And overall, as the years progressed, Intune improved some of that functionality.

I would rate Microsoft Intune an eight out of ten for scalability.

Public Cloud

Microsoft Azure

Our company has consistently used Microsoft products. As the mobile device administrator, I oversaw the transition from Workspace ONE to Microsoft Intune. This decision stemmed from a desire to reduce licensing costs by leveraging existing Microsoft licenses held by all employees, ultimately leading to significant financial savings.

Intune consolidates endpoint and security management tools into a single platform. This centralized approach allows for specialized roles while maintaining a shared understanding of the complete security solution.

Intune's overall user experience is good.

Intune's most valuable feature is its centralized management capability.

The enterprise application management system for mobile devices is effective for app discovery, deployment, and automatic updates. The automatic update feature functions well, eliminating the need for manual updates and individual prompts, which is convenient for both administrators and users.

Intune has made things easier for us because we are using Autopilot to build our laptops.

We've saved a lot of money by moving from Workspace ONE to Microsoft Intune for mobiles.

I've recently started using Microsoft Intune, specifically its mobile device management features. While both Intune and Workspace ONE offer similar functionality, I've noticed that Workspace ONE operates in real-time, whereas Intune has a noticeable delay when deploying policies or apps. The time we have to wait to deploy policies has room for improvement.

People using Intune for Windows deployment, etcetera, can get annoyed because of the Windows updates.

I have been using Microsoft Intune for three months because we've just moved over.

From a mobile perspective, Microsoft Intune has been stable.

From a mobile perspective, Microsoft Intune is easily scalable.

I have contacted technical support only once, and it was very helpful.

Positive

We used VMware Workspace ONE previously. The decision to switch and save on costs was made by the higher-ups.

I would rate Microsoft Intune nine out of ten.

I would definitely recommend Intune to a colleague. It provides a centralized platform for managing various devices, including laptops, desktops, and mobile devices, and seamlessly integrates with other Microsoft solutions like Azure and Active Directory.

We have a team that continuously works on solutions to make workflows smooth, like building laptops and ensuring deployments work smoothly.

Microsoft Intune is deployed across various departments and locations within our local government council. We have different physical sites and departments, and Intune is managed and implemented at the departmental level.

Our team is continuously developing solutions to streamline the laptop production workflow, including assembly, traffic management, and deployment. We also have a separate team dedicated to ensuring the process runs smoothly.

Hybrid Cloud

Microsoft Azure

We are using Microsoft Intune for mobile device management (MDM) to provide context-aware access to the users. Mobile device management is what we predominantly use Microsoft Intune for.

Initially, the scope of Microsoft Intune was not too good because it could only manage certain endpoints such as laptops, desktops, and mobile devices. We initially had a problem with the servers, but they started supporting servers in the last three or four years, so now, it is good. It manages virtual machines and servers, both on-premises and in the cloud. It has improved and is still improving in a lot of areas. 

It provides group policies that we had in the early days of Active Directory. That is good when it comes to applying the policies to endpoints and servers from Microsoft Intune. Initially, we did not have all group policy settings inside Microsoft Intune, whereas now, we have patching and the ability to push the policies for antiviruses, etc. We can also handle mobile device management policies. Everything can be done via a single console. It is easily manageable, and we can have a single administrator to manage all the policies. We can have one or two administrators for backup. Traditionally, we had multiple administrators for each and every console. When you are a big Microsoft shop, it is easy to manage everything.

Microsoft Intune is good for a hybrid workplace. The conditional access policy is one thing that we can use for devices. For example, we can allow access to critical data only from corporate devices and not from personal devices even if someone is using the company account. We can go even more granular where someone can access the data but cannot download it to his or her personal device. Microsoft Intune is good for handling BYO devices.

It has had a good effect on our organization's attack surface. I would rate it an eight out of ten for that. We can implement rules for attack surface reduction. That is possible when devices are managed by Microsoft Intune. 

The IT productivity in our organization is far better. I would rate it nine out of ten for that.

Mobile device management is good. I am easily able to manage devices and assets, especially laptops and desktops. 

An important feature in Microsoft Intune is the Conditional Access policy, where I can provide specific access to a specific user based on geolocations, and there are multiple options inside it. Conditional Access is its best feature.

Its user experience is very good. I would rate it a nine out of ten for that.

For Windows machines, all the features are available within Microsoft Intune, but when it comes to Mac machines, it is still improving. It is not as good as Jamf. When it comes to customizable policies and other things in Mac machines, it is a little bit difficult. It is not as good as Jamf, but for Windows, Microsoft Intune is good if you have a good budget.

Its integration with Mac and Linux devices can be better. They should provide more features similar to Windows. We should be able to manage policies within Linux and Mac machines. If we can have more granular controls for these two operating systems, it will be really helpful. That is one area where they can improve.

When it comes to automatic updates, none of the vendors are doing it so well. The expectation right now is to have everything automated and automatically upgraded to the latest version of the software. The discovery capability of Intune is good because it is Microsoft. They can do discoveries based on their internal commands and other things and pull all the information into Intune. That is easy, but doing the upgrade of third-party software is a little difficult. It is evolving, but we cannot do the upgrades of all third-party applications. A financial or banking organization allows a limited set of applications to be used. For them, Microsoft Intune is better because when you have only 15 to 20 applications, you can easily upgrade them through an automated platform like this.

It is not similar to any of the PAM solutions. It is still in the starting phase. Other PAM solutions, such as CyberArk, can do remote session management. They can handle vaulting and other things. When it comes to EPM within Microsoft Intune, I do not know whether they are planning to go with the PAM or Privileged Access Management platform, but with the current solution, we can do user account management. We can do password rotations. We can add a new user, remove a user, and provide access to a particular resource for a user. All these steps are manageable and possible, but for Privileged Session Management and Access Management, it still needs improvement.

It is very important that the capabilities of the Intune Suite are integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices. The integration with the M365 platform, especially with Microsoft Defender for Cloud, Cloud Apps, and Endpoints, plays a big role. Intune can discover and find out the devices. The integration is still happening. It is not yet over. There is room for improvement.

I have been using Microsoft Intune for about seven years. I have been a customer for four years and then became a partner because I joined a new organization. This new organization is a partner of Microsoft. I have been with this organization for three years.

If there are any issues with Microsoft Azure Cloud, we may have issues or downtime, but they are rare. It is 99.99% available. Only if Microsoft Azure Cloud goes down, we have a problem. Otherwise, it is okay.

There are no issues with scalability because it is a cloud solution. It is automatically scalable.

If you are paying for support, you get good support. If you are not paying for support, you do not get support.

Technical support can be a bit of a problem when it comes to costs. They have a professional service and a normal service. With the normal service, it is difficult to find out answers from them because they are not experts. We only get experts with the professional service, so if we pay, we get support. This is something difficult for a small organization because they cannot always pay for support for every issue.

When you give a product, you should always provide good support. If you do not have technical people, what is the purpose of having a support team? It is useless. They should have at least one or two people who can technically help an organization.

We use different tools. We use Jamf for Mac and Ansible for Linux machines. We have not yet fully switched to Microsoft Intune for Mac and Linux. Very few Mac machines are with Microsoft Intune. Most of our Mac machines are still with Jamf.

Companies that are using Microsoft products go for Microsoft Intune. However, when people have more Linux or Mac machines, they do not choose Microsoft Intune for their organization. We recommend a solution only after knowing the expectations and use cases of a client. Small companies do not prefer Intune because they can have JumpCloud. Small companies with less than 500 users can also go for Google Workspace. For companies that already have a Microsoft license such as E5 or O365, going for Microsoft Intune makes sense.

Microsoft Intune improves the security posture, but because of the budget and other constraints, organizations can start looking at other vendors.

It is not complex when it comes to Windows machines. It is straightforward, but when it comes to the other operating systems, it is complex. It is not easy.

The number of people involved depends on the users. If you have 1,000 devices, for Windows machines, you do not need more than three or four people. However, for 1,000 Linux or Mac machines, you would need a ten-member team.

The maintenance is easy. You do not need extra people to manage Microsoft Intune because it is a cloud service.

I am using E5 security and compliance. It has all the Intune options and security and compliance subscriptions, so I use the full suite of Intune except the EPM module. We have not yet started using the Endpoint Privilege Management module. It is a small add-on that we have to use. Other than that, we are using everything.

There are other tools that give a similar approach but are not as good as Microsoft Intune. In terms of cost, it is more expensive than other tools like JumpCloud, Google Workspace, etc. There are multiple tools like this. Only if you are a Microsoft shop, I would recommend going for Intune. Otherwise, use some other tool and manage the organization.

Its licensing model is not complex, but it is very expensive compared to other solutions. They can bring more models and reduce the pricing. They should allow customers to select the features they want and price it accordingly. That would be a better option because not every organization needs conditional access or an antivirus solution. Some organizations that use Intune might use CrowdStrike, so they do not need Intune policies for antivirus. It would be better if they could bring more plans.

I would advise to not look at the cost first. Instead of the cost, look at the features and then list down the use cases for your organization, and then go for the consolidation of the tools. Microsoft Intune can give you a lot of features, but whether it is suitable for your organization or not is the main question. List down the use cases and then assess Microsoft Intune because it can give a lot of features that you do not want, but you cannot omit them while buying it.

We are not using Advanced Endpoint Analytics because we have Sentinel and Chronicle SIEMs in our organization. We also use SDR platforms, so we are not using Microsoft Intune for any of the analytics. We are also not using Microsoft Intune Suite's Cloud PKI.

We started using Microsoft Copilot for a small organization. It has only been two months. We are building the use cases for that organization. They have purchased the licenses, but we are building the solution design and use cases for that particular organization. They want to automate most of the things, identify the non-compliant devices, and automate whatever they find non-compliant. Our aim is to identify non-compliant devices, do some automation, and block them from accessing any of the critical data inside the organization, but we do not know if Microsoft Copilot can do that.

Overall, I would rate Microsoft Intune a nine out of ten.