Microsoft Intune Reviews

You can use Intune to manage devices for any size project, from a small business to an enterprise-level project. You can manage hundreds of thousands of devices. Intune can manage on-prem and cloud services. We are working with large enterprises mostly.

Intune encompasses all devices, applications, and policies that can be deployed within an organization through a single portal. In the event of an outage, it simplifies the management and resolution of issues or policy adjustments. It allows for the management of security profiles, applications, and devices from one portal across any operating system platform.

Consolidating everything in one location enhances the efficiency and productivity of IT administrators. Since adopting Intune, our IT team's productivity has increased by 20 to 30 percent. Additionally, the integration of Copilot has further improved our efficiency by 5 to 10 percent.

However, there are exceptions. Certain applications cannot be deployed easily via Intune. Win32 deployment is necessary for these, which can be challenging as it demands extensive testing to release a custom package from Intune. More innovation is needed to deploy custom applications, which would greatly benefit us. For most enterprise scenarios, application deployment is relatively straightforward.

Hybrid environments call for innovation, particularly with hybrid enrollments using GPO. While most autopilot hybrid scenarios and co-management run smoothly, I have encountered issues with hybrid GPO enrollments due to their complexity.

Intune is a leading secure solution in the Indian market. It allows the creation of any conceivable security policy. With the addition of Purview and DLP modules and integration with Microsoft Defender for Endpoint, security has never been a concern, and our security posture is nearly impeccable.

Intune has also facilitated vendor consolidation. It is our primary recommendation for an MDM solution because it offers the productivity and features that would otherwise require integration of multiple solutions from other vendors. The industry is now transitioning from on-premises Intune to cloud-based management.

Intune enables the deployment of any security solution. Although it does not integrate, it allows for the deployment of a wide range of security measures.

I appreciate how Intune consolidates everything in one location. For instance, it allows the setup of conditional access for applications and devices directly within Intune. The segregation feature within Intune devices is also beneficial. Devices can be categorized by Windows, iOS, iPadOS, macOS, and Android, and sorted by platform, eliminating the need to navigate the devices section.

The app management feature has seen significant improvements. Initially, navigating the app section was quite challenging, but now, all my concerns have been addressed. It's possible to deploy or manage any application, with reports and app-protection policies accessible in the same section, which is quite convenient.

I would rate the user experience at nine out of 10. Having utilized various MDM solutions from Microsoft, Cisco, and VMware, I find Intune to be superior. We employ Microsoft Defender for Endpoint and DLP policies in Purview, along with multiple security policies such as baselines and BitLocker for encryption. This integration simplifies the administration of security features from other tools in one place.

The most sophisticated analytics we've utilized are group policy analytics. As a consultant, I often handle multiple migrations, primarily from on-premises to the cloud. Group policy analytics are particularly useful in these scenarios as we migrate on-premises policies. If Intune lacks support, we must either start anew or seek alternatives.

Copilot is beneficial as it supports various CSPs or policies. Despite extensive use, one cannot be fully versed in everything about Intune. Whenever there's confusion, Copilot is a valuable resource to clarify and ensure the feasibility of creations within Intune. Copilot assists in profile creation and assignment considerations.

My perspective on tools like Copilot is that they are artificial; the intelligence aspect is still emerging in the AI industry. Nevertheless, Copilot is a well-maintained and informed tool.

Microsoft currently restricts deployment to PowerShell or XML scripts, so it would be beneficial to support additional scripts such as command scripts, C languages, or TypeScript to enhance systematic compliance.

While the UI has been updated, it could be made more accessible. Navigating to a specific section in Intune requires multiple clicks through different areas before arriving at the intended destination, indicating the UI could benefit from further improvement.

The process of application discovery and deployment is relatively seamless. Nonetheless, there is room for enhancement in the reporting aspect. Intune still lacks comprehensive reports, and notably, its failure reporting does not succinctly communicate the full extent of an error.

I have used Intune for more than six and a half years. 

I rate Intune 10 out of 10 for stability.

With Linux and Chrome OS now supported, the scalability has reached 100 percent. Every device or endpoint operating on our OS can be enrolled in Intune. 

I would rate Microsoft support as four out of ten. Support is an area where Microsoft could significantly improve. I had an issue with Microsoft Azure recently, and after raising a ticket, it took two and a half weeks to receive a response. There is a need for enhanced support across all their product offerings.

Neutral

We have utilized Cisco Meraki, VMware Workspace ONE, and Jamf for managing Apple devices. However, Intune stands out among these options because it overcomes application deployment limitations that others have. While some support only Apple or Windows devices, Intune excels in compatibility, supporting Android as well. Moreover, Intune can implement more security policies than any other MDM solution available.

Hybrid enrollment is typically complex, yet cloud autopilot simplifies the process considerably. It's possible for anyone to grasp cloud deployment within five to ten minutes. While the most intricate enrollments, involving thousands of devices, may take two to three weeks, a cloud-based deployment can be accomplished in approximately one week.

This was completely in-house.

Intune is considered moderately priced. It is available as part of a bundle with Microsoft 365 E3 or E5 licenses. While the E5 licenses are somewhat costly, Intune offers some more affordable solutions.

Yes, we evaluated Cisco Meraki and VMware workspace One.

I give Microsoft Intune a rating of nine out of ten. Intune stands out as one of the top solutions in the market, and its capabilities are expanding with the integration of cloud PCs, Chrome OS, and Linux systems. For any large enterprise, I endorse both Intune and Defender.

The recent CrowdStrike outage, which is the largest in IT history, affected only systems without Microsoft Defender but with CrowdStrike. This incident underscores the importance for enterprises to transition towards deploying Intune and Defender for enhanced security.

Public Cloud

Microsoft Azure

We are mainly using Microsoft Intune for the security of people who are working from home. It is being used for BYOD.

We enforce and push policies and enforce security requirements through Microsoft Intune. We also use it for deploying applications and monitoring the devices remotely.

Microsoft Intune has simplified our mobile application management a lot. Managing devices that are in users' homes is very tough without Microsoft Intune. Remote management is very easy because of Microsoft Intune.

For maintaining our device security, the best feature is that it works with Azure Active Directory Premium One license. There is conditional access, which is something very unique, so if a machine is compliant and Microsoft Intune is installed on it, only then users can access our Office 365 data. It is not just a feature of Microsoft Intune but also of AD P1.

Microsoft Intune brings all of our endpoint and security management tools into one place. It has made our IT and security operations easy. With a single console, we can manage our devices.

Microsoft Intune provides full endpoint visibility and IT control across device platforms.

Microsoft Intune is simple, and it does not interfere at all with users. Users do not even know that Microsoft Intune is installed on the machine.

Application deployment through Microsoft Intune has affected the IT productivity in our organization. Previously, our IT department used to take remote control of the machine using some software. They used to manually do the installation, whereas now, they can simultaneously push an application on all the machines through Microsoft Intune. That saves us a lot of time and manpower.

Microsoft Intune has been helpful for securing hybrid work and protecting data on company and BYO devices. We have deployed BitLocker policies through Microsoft Intune to ensure that the data is encrypted on those devices. We have also disabled USB pen drives and other things on remote machines.

Microsoft Intune has improved our IT productivity a lot because we have remote users. If our users were local, it would not help much, but because we have remote users across the country, it helps a lot.

The improvement in IT productivity has also saved us costs. Previously, we needed more people to do the installations, remote monitoring, and all that, whereas now, with the single console of Microsoft Intune, all these tasks are much easier. A single person can manage hundreds of computers. We need three people less now.

Microsoft Intune has helped to reduce the risk of security breaches in our organization.

Microsoft Intune has helped us to consolidate vendors. With Microsoft Intune, security management is there and mobile device management is also there. Both these things could have been from a different vendor.

Microsoft Intune integrates well with other Microsoft products. It works well with other Microsoft products. There is a seamless integration.

Being able to manage the devices remotely is most valuable. We can push security requirements through Microsoft Intune. We previously used to do this through group policy for Active Directory, and now, we use Microsoft Intune for managing devices. This is the best thing about Microsoft Intune.

Apart from Microsoft Windows, we can do remote device management of Android and iOS devices. We can enforce security policies for Android and iOS devices.

The user interface of Microsoft Intune is good. It is easy to use.

Cost is the biggest factor for us right now. Microsoft Intune and AD P1 together in a bundle is a good thing to have, but it is very costly compared to other products in the market. Otherwise, Microsoft Intune is the best.

Their support can also be better.

I have been using Microsoft Intune for the last two years.

It is very stable. I have not had any issues. I would rate it a 9 out of 10 for stability.

It is definitely scalable. I would rate it a 9 out of 10 for scalability.

Their response time is poor, and the resolution capability is not good. Even after having a call with their customer care, there is a 50/50 chance of them solving the problem.

I would rate their support a 6 out of 10.

Neutral

We did not buy any similar solution previously.

For some customers, it is a hybrid deployment, and for some customers, it is a pure cloud deployment. Our customers are medium and large enterprises. They are not small businesses.

Its deployment is of medium complexity. If it is a hybrid environment, it is fairly complex. If it is a pure cloud environment, it is easy.

The deployment duration depends on the number of users we have or the number of computers we have. For a setup with 100 users or 100 computers, it takes about two weeks. It may require some troubleshooting and tweaking.

One person is required for its deployment.

It does not require much maintenance from our side. It is normally always up to date. Once it is set, we do not need to touch it.

I recently got to know that the AD P1 license is compulsory to use Intune Autopilot, which was surprising for me. Earlier, this was not the case. It is the wrong thing to do. We now need to purchase AD P1 licenses for us and for our customers. I would rate it a 7 out of 10 for pricing.

We evaluated a few solutions.

I would recommend Microsoft Intune to others. If somebody has a Microsoft environment, Microsoft Intune is definitely the best solution for managing people who are working from home or remotely. 

It is improving day by day. New features are coming up.

I would rate Microsoft Intune a 7 out of 10.

My company has over 7,000 devices, including mobile devices, Windows, and Mac. The tool is only used to manage my team's mobile devices.

The solution's most valuable features are its ease of use and control of the MAM and MDM policies and configuration. The tool is straightforward and easy to use, while it also integrates with Azure. It has been a good product so far.

The tool has improved the way my team works as it is a cloud-based tool, so we don't have to manage on-prem servers. We also use apps on Microsoft Office 365, which is also one of the main reasons why we use Microsoft Intune.

I use the enterprise application management features of the tool, and my experience with it has been pretty good. Microsoft tells us that there are no bug issues with the updated versions or current versions, so there are no issues in the tool.

I use Microsoft Intune's Cloud PKI, and it helps manage the complexity of certificate management in infrastructure pretty well. There are no issues with certs or updating them.

Microsoft Intune has not affected my IT productivity, but it is not a very Android-friendly tool. We have had a lot of Android issues and compatibility problems with our VPN or tunnel. The tool is not very Android-friendly.

The maintenance of the tool is a lot less now for our company.

With the day to day device management tasks, the tool has been great, and there have rarely been any issues with it.

The mobile application management policies, specifically conditional access policies and app protection policies, are good features for managing diverse mobile environments. The DLP part is very strong.

The tool's tunnel gateway is not very good, making it an area where improvements are required. I wish it weren't so Azure's security group-based tool with which you can have local accounts. More personalization should be possible in the tool. One negative about Microsoft Intune is it acts too much as one of Azure's group-based products.

I have been using Microsoft Intune for half a year. I am just a customer of the solution.

I think the scalability is pretty easy and a lot easier to manage since we don't have to deal with the on-premises side. We use the cloud for extra storage, so it has been great.

My experience with the solution's technical support has been very good, but for other teams, it has not been very good. I rate the technical support a nine out of ten.

Positive

My company previously had some on-premises tools, but now it is cloud-based, so we save all the money on the network infrastructure and data centers. We don't need servers or storage, and it helps us save money.

When it comes to the product's deployment phase, I have taken part in the mobility side. In our company, we went through a migration, so there is always a lot of planning and testing and all that goes with it. Overall, it is fairly easy to use because it is deployed on a SaaS model.

The solution is deployed using a dedicated SaaS model. I think other teams have deployed it using an on-premises model.

The solution's deployment phase took a year and a half to test and set up everything. There was a lot of stuff involved.

In our company, prior to our migration, we already had Office 365 licenses, so it saved us around 4,00,000 for around a year.

I have seen a return on investment right from the start of the tool's usage.

I don't really know how much it costs, as my company pays for a bunch of licenses. The tool is cheaper than our company's other MDM tools.

My company has a few of Microsoft Intune's compliance policies that have helped us with some of the issues with sync interval with the compliance that we have noticed. The sync interval or the turnaround is not as quick as our company would like it to be currently. I understand that we can't control the sync interval.

I rate the tool a seven and a half out of ten.

Intune is a cloud-based platform for mobile application management and mobile device management. We can deploy applications on user devices and enroll user devices. We can enroll devices as per the organization's security policies. The devices comply with all the policies of the organization. We can also change the policies at the backend via Intune.

Intune helps with enrollments and securities. We can control the access to devices and users. We can specify what users can do. We can give role-based access. For example, a person working as a normal user does not require the same access as a manager. We can give access to users based on their roles. For example, a manager can add users to a particular group, but users cannot do that. We can restrict a user from doing certain activities. For example, we can restrict the user from using a camera or microphone. We can do such a configuration at the backend and deploy it to the user device.

Intune is very helpful for IT and security operations. If Intune is not there, we have to manually connect to user devices and deploy the changes. If we have thousands of devices, doing this manually on each and every device is very difficult. With Intune, we just configure the required settings and deploy them to a thousand devices in a single group. In a single step, we can add devices to a group. We can apply configuration easily. It is very helpful. It saves time. Adding or configuring devices manually takes a few months, whereas the same thing can be done with Intune within minutes.

We have had a very good experience. It is a Microsoft product. Everything related to a user is available. We have user names, user devices' names, and user licenses. We can also check the device compliance. We can see whether the device complies with the company policies or not.

Application updates and patching are available through Intune. We can also change group policy settings and registry settings of a device via Intune. We can change these settings without connecting the device. We can do that by deploying the PowerShell script or configuration profiles. For example, a kiosk device should stay up for hours and hours. It should not go to sleep. You can configure such devices to not go to sleep until 999 minutes. It is a very long time. If we enable such settings and add a particular user device group in the configuration, after the device starts syncing with the policy, no device will go to sleep.

With the Advanced Endpoint Analytics, we can see the application installation status. If we deploy a script to the user, we can see the status. We can see if it is a success or if there is a conflict. We can monitor the changes in user devices and check the compliance status. We can see if any app such as CrowdStrike is not updated.

With the help of Advanced Endpoint Analytics, we can proactively detect and remediate anomalies in endpoints. We can then reach out to users.

Intune saves us a lot of time. If we package an application using virtual packaging or physical packaging, it will take nearly two to three hours to package a single application. If we do this in Intune, it takes just minutes to add applications and deploy users. We can also monitor the particular application status in Intune.

The devices that are linked with Azure Active Directory are automatically linked with Intune. That makes the enrollment and management of BYO devices easy.

Intune has affected IT productivity in our organization. By saving time, it has automatically improved productivity.

Intune certainly saves costs. Without a cloud-based solution like Intune, we would require more IT staff.

Microsoft releases updates every second Tuesday. We can deploy those updates from Intune. We can also do patching through Intune. We can do quality updates and feature updates from Intune. We can also monitor the application status in Intune. We can see which applications are installed, pending, or available to install. We can see these things in Intune.

It is user-friendly. We can also troubleshoot any issues.

Intune saves time, and it is very easy to use. It allows us to manage applications completely.

If we could remote into a device, it would be great. Currently, we cannot directly connect to the user device. We have to use other tools such as VMware for connecting to devices.

If there are any issues, we should be able to connect through the Intune portal. The administrator should not have to go anywhere from the portal. He should be able to do everything from the portal.

Intune does not show whether a device is online or offline. It just shows the last login. It would be useful to know whether a device is online or offline.

We can see the issue related to updates in the Intune portal, but we cannot do anything from the Intune end. We have to connect to the user's device manually. We also need a better understanding of why the update is not happening on a particular device. It will decrease the time to troubleshoot the issues.

At times, there have been slowness issues with the company portal. It takes time to load and does not show the application status.

It would be great if there is a way to generate a PowerShell script to do certain things. Learning the PowerShell script is not easy, so such a feature would be helpful. Based on what we want, if it can automatically generate a script, it would be helpful.

It is not necessary, but it would be great if they added a messaging system in Intune. For example, when it is a shared device, a number of users log in to the device. In the case of any issue, it would be great to be able to directly message a user from Intune. Currently, there is no option for that, but if it could be done, it would be a very good thing.

I have been working with this solution for the last 18 months.

It is 100% stable.

It is very scalable.

We have about 12,000 devices and 20,000 users.

So far, I have not raised any questions with them.

I have worked with Microsoft SCCM. It is similar to Intune but not as user-friendly as Intune. Intune is very easy to understand. Its framework is very good. Microsoft SCCM is very old.

I have not worked with any other vendor. 

I am involved in the deployments, enrollments, troubleshooting errors, and monitoring in Intune. I take care of adding devices, users, and licenses, deploying policies, and configuring policies and scripts.

Its deployment does not require much. We just need a license to operate it. Our management takes care of that. There are a few licenses that are active only for nine hours. After nine hours, the roles are deactivated.

It does not require any maintenance from our end.

Intune is linked with Microsoft. We can deploy the Microsoft E365 license to users by Intune. There are different types of licenses, such as device administrator licenses, E5 licenses for device enrollment manually, and P1 and p2 licenses for device enrollment automatically. These are the licenses required for the administration.

I did not evaluate any other option. This was my first project, and I started as an Intune administrator.

It is a very good tool. It is easy to learn. You can expect quick assistance from Intune.

Before using Intune, I would recommend learning about Windows. Learn about the registry, configurations, and group policies. If you know these, it is easy to learn Intune.

You can face enrollment errors if the prerequisites are not met. For example, to upgrade from Windows 10 to Windows 11, you need to have some amount of free space or RAM. If you do not care about the prerequisites and just enroll the device, it causes issues. It will affect the device, and you need to enroll the device again.

I would rate Intune a nine out of ten.

We use the product to enroll devices, install configurations, and manage apps across our infrastructure. We address issues related to app protection policies, conditional access, and custom policies with its help.

The solution has significantly improved managing a diverse range of devices. We have observed enhancements across Android, iOS, and Windows devices.

One of the product's best features is its ability to integrate company policies and configurations into applications directly.

There could be more competent processes and improvements in the policy space. If devices follow the rules, it will benefit the company. If they do not, it will lead to non-compliance. We have been able to implement some common policies, such as data sharing, handling rooted devices, and managing cyber-available data. We are working on latency and permissions, including PIN tests and direct access to information, to enhance the overall process.

I have four years of experience working with Microsoft Intune.

The product is stable. I rate the stability a ten.

I rate the platform scalability a ten.

The technical support services are satisfactory. 

Positive

The product can be deployed on the cloud or on-premises. 

First, we access the Azure portal by browsing the URL and searching for Intune. Later, we can directly log in to the endpoint management section.

We create and assign licenses to use these tools and then provide users with instructions. Users have to download the company portal and follow the setup steps, which include entering necessary personal information, accepting terms, and managing settings.

Next, we handle the installation process within the company. We need to trust the application by selecting the appropriate option. If applicable, we enable settings on mobile devices. Following that, users must log in and configure settings as required. These options and settings are available through the company portal. The process is straightforward, and it doesn't require maintenance.

The product has helped save money. I would estimate that it has saved around 20% of the investment.

The product is expensive. 

Microsoft Intune provides everything in one place and streamlines our security operations significantly. It has impacted IT productivity across different devices, including Android, AWS, and Windows.

We use application management within Intune Suite. For instance, on Windows devices, we create and manage applications through a structured process. It involves configuring firewall settings, managing OS types, and ensuring that PC applications are updated regularly. We typically make monthly changes and create and manage application packages to maintain quality and compliance.

Copilot has simplified our operations by streamlining the issue management process. For instance, we can efficiently address and resolve issues when we receive tickets. It assists with authentication and other Intune-related tasks, which helps us handle hardware-related issues more effectively.

Intune helps secure hybrid work environments by managing both company-owned and bring-your-own devices. You can enforce policies to convert personal devices into compliant company devices, ensuring that data is protected regardless of whether the device is company-owned or personal.

Endpoint privilege management is integrated into our endpoint management system. It helps us manage and control permissions for various applications and endpoints. It allows us to enforce least-privileged access, which helps minimize security risks. I use it in my organization to enforce the least privileged access. It involves managing access through various channels and ensuring users sign in and complete necessary audits. The process is designed to act as a mediator.

I recommend it to other users and rate it a ten.

While Microsoft Intune offers centralized management and policy enforcement, it doesn't consolidate all endpoint and security management tools into a single platform. To comprehensively safeguard systems, additional solutions such as Microsoft Defender for Endpoint are necessary.

Achieving comprehensive endpoint visibility and IT control across various device platforms is a complex task, considering the diversity and freedom inherent in different systems. However, when it comes to deploying and managing devices like tablets, mobile phones, laptops, and specialized devices in Germany, a systematic and organized approach is crucial. Particularly noteworthy is the ability to configure IoT devices, such as numerous thermostats, water control systems, or sprinkler devices. Without a solution like Intune, scaling becomes a challenging issue, especially when dealing with thousands of such devices. Therefore, the use of a system like Intune becomes imperative in addressing these scaling challenges and ensuring effective device management.

On a scale of one to ten, I would rate my user experience with Intune as a six. The lack of intuitiveness makes it cumbersome to track and understand what needs configuration, especially when dealing with aspects like OneDrive and having to cross-reference settings across different areas of Intune.

In the context of securing hybrid work with Intune, our experience involved a two-day effort to configure the certificate for the Conditional Access server. However, once this initial setup was completed, we successfully configured VPN access for mobile phones. Despite the initial complexity, especially for a large company, Intune delivered on its advertised promises and proved effective in fulfilling the intended security functions.

Intune's effectiveness in securing data on company and BYOD devices is based on distributing security configuration data. While valuable, Intune has limitations, and comprehensive protection against cyber threats requires a sophisticated approach, including hybrid artificial intelligence solutions like Microsoft Defender for Endpoint. While Intune aids in system configuration, detecting and preventing attacks demands a more advanced defense strategy, comparable to sophisticated endpoint protection. Hybrid AI, with continuous human input, enhances threat evaluation, recognizing nuanced situations like suspicious timings in actions on developer endpoints.

It positively impacted IT productivity within the organization by enabling the secure addition of thousands of mobile phones to the VPN. In this regard, it performed effectively.

It played a crucial role in mitigating the risk of security breaches by securely distributing VPN certificates. While effective in this aspect, it's important to note that this alone is not sufficient. Endpoint security, such as developer endpoints, is analogous to having specialized tools for reading and managing complex systems.

It significantly contributed to cost savings. Manual configuration for each mobile phone would have taken approximately an hour per device per year, amounting to three or four thousand hours annually. However, with Intune, we accomplished the task in two days for five thousand devices, equivalent to around one hundred sixty hours. This resulted in substantial efficiency, reducing the effort from an ongoing five thousand hours per year to a one-time investment of a hundred sixty hours.

One of the most valuable aspects of Microsoft Intune is its seamless integration with Azure Active Directory, offering capabilities akin to Group Policy Objects. This integration provides a centralized platform for managing and enforcing policies, ensuring the stability of configuration data across devices, resembling the familiar functionalities of traditional group policies in an on-premises Active Directory environment.

In utilizing Intune's endpoint privilege management feature, I've primarily focused on configuring VPN access and certificates, although I'm not an Intune specialist. It's versatile enough for both configuring VPN access and managing large-scale IoT servers. For instance, in building management systems, especially in large structures like bank buildings, where numerous actuators are involved, configuring and securing them becomes a complex task. Intune proves valuable in this context. However, it's essential to recognize that while Intune serves as a powerful tool, relying solely on it is insufficient for comprehensive system security.

The integration of Intune capabilities with Microsoft 365 and Microsoft Security is crucial. As mentioned earlier, securing your machine requires tools like a developer endpoint, and relying solely on Intune may not be sufficient. While Intune allows configuration and deployment of Defender for Endpoints, having a dedicated tool is essential. The unique selling point of Microsoft lies in its seamless integration, especially notable for those working with Linux systems, where Microsoft's comprehensive integration sets it apart.

In terms of configuration, my experience with Intune is somewhat mixed. The configuration tool appears to be scattered throughout the Intune interface, requiring frequent navigation back and forth. The web interface, while functional, isn't particularly user-friendly, leading me to find PowerShell a preferable option. However, using PowerShell involves investing time in developing scripts. The challenge lies in the complexity of navigating between profiles and MDM configurations. Multiple windows need to be open simultaneously to grasp the overall configuration landscape.

I wish there was an improvement in the configuration process, as currently, it involves navigating through different locations with multiple windows open. Having a dedicated configuration server that assists in modifying the configuration service, and creating personalized structures, interfaces, and web services could enhance usability.

I have been working with it for three years. 

When evaluating stability, it's essential to consider the multitude of adversarial attempts, particularly from military opponents engaging in hacking activities. Microsoft has demonstrated its capability to withstand and defend against such sophisticated attacks, setting a high standard for security.

Considering the extensive number of support calls, I believe Microsoft handles them as effectively as possible. I would rate its customer service and support eight out of ten.

Positive

In the past, we utilized Windows services.

The number of people required for deployment depends on the specific tasks at hand. For instance, implementing the VPN solution involved five individuals, including specialists for firewalls and virtualization for the server endpoint. If the focus is solely on Intune-related tasks, one expert may be sufficient. However, in typical scenarios where Intune is used for onboarding machines or mobile device management, you'll need administrators with access to the relevant machines. It functions as a collaborative administration tool, and the required personnel would depend on the number of departments involved.

The pricing is inherently reasonable, as Microsoft leverages market insights to maintain the total cost of ownership at around ninety to ninety-five percent of what would be incurred in an on-premise scenario. Microsoft products inherently benefit from economies of scale and global reach, making them cost-effective.

It aids in vendor consolidation; otherwise, we would have had to manually configure around three thousand mobile phones.

It impacts the security posture positively when you are aware of what you configure and can update configurations promptly. However, as mentioned, the need for artificial intelligence in Endpoint Protection remains crucial.

I would recommend subscribing to reputable YouTube channels that focus on Intune or related topics. Building a strong foundation and gaining practical experience is crucial to understanding the intricacies of Intune. Overall, I would rate it eight out of ten.

We were using SCCM to build and manage our machines and to control the AV, and everybody left the offices for the pandemic. We did not have an external management point. Oh. And we realized we lacked a method of control. After hassling Microsoft over a question of semantics, we finally got our answer, and we quickly scrambled over two weeks to push out Defender while everybody was still in the office. The other part was to move toward Intune. 

We started testing that and went in both directions. We tried domain and nondomain. We eventually worked backward, redid it again, and took all of our workstations off the domain. Now, none of our workstations are running on the domain. We build everything from Intune. The company gets a list ahead of time from vendors like Dell or HP, so we can have a laptop sent directly to an individual without ever touching it. They sign in, and it simply asks for their password. 

The biggest benefits of Intune are the ability to push changes and the added security. When we moved forward with Defender, we onboarded all those machines automatically. That helps dramatically. For a while, we were left with machines that weren't protected. We could see where people had done things they shouldn't have done, and Defender saved our skins a few times. It didn't happen a lot, but it happened enough that it made us glad we made that decision. 

Intune has enabled us to manage our remote workers' devices, which has been especially helpful since the start of the pandemic. My guys spend less time troubleshooting. If they're going to spend more than about an hour on an issue, it's a little easier to just reset the machine and reinstall everything again. It saves a lot of time. 

We're a much smaller group, so it worked out better for us. We've been able to push out products that we hadn't planned on. We had to push out certificates because we decided to go with a Cloud RADIUS provider and moved to certificate-based authentication for wireless. We've leveraged that same certificate to turn on 802.1x in all our offices to secure the wired networks. And all of these things have made it possible to roll out DNS filtering. Once again, all through Intune. We could enable all these pieces that we would need to turn on one by one with Intune in place.  

The company needed something that could be agnostic, so it didn't matter where it was. Half our workforce doesn't work in the office. We've downsized our primary office, and leased over half of it to other companies with subleasing. We don't need as much space anymore. Our workers are still working, and they're not required to be in the office more than three days away. Intune ensures that everyone can work remotely and securely. You can't log into our Office 365 environment from a non-managed device. Almost everything is in Office 365. We use nearly every piece of it. We use Teams for communications and switched to Azure Virtual Desktop at the end of 2019. We were a Skype customer then, so it wasn't hard to switch. 

We continued to shrink our footprint as we adopted more and more SaaS offerings. Unfortunately, finance and some other use cases cannot be in the cloud. You still need on-premise Bloomberg terminals, and other companies require you to have circuits to run them. We have to redirect certain things, which is why we have the VDI in place for a handful of users who require those internal resources when they work remotely. Intune is what made all that easy and possible. I don't think we would ever change that. My guys like it. It has simplified things. 

At the end of the day, we do touch the machines, but we don't need to. And we know if we didn't have to. Previously, a machine got left in an office, and we just walked through somebody wiping it, where you assign it to them, and they log back into it. In the worst-case scenario, we can just pull something off a shelf like that.

We had to learn the hard way which machines work in our environment. It's nothing against the company, but we will no longer buy Dell because their business platforms only use Intel chips, and we can no longer afford to use Intel chips. It doesn't work for our needs. I can get AMD chipsets that are generally cheaper and perform better. They aren't throttled for some of our applications the way Intel chips do. People have been happier since we made that migration a little over a year ago. 

We replaced many machines and onboarded people after acquiring a couple of other companies, and they were shocked at the difference between the machines we gave them and what they were used to working with. They just had always put up with that, and so had we. With Intune, it didn't matter what we purchased because it already had Windows loaded on. It was simple and easy to move forward.

Intune has reduced our build time from four hours per build to an hour or an hour and a half on a slow day. That's getting the Office 365 stuff to download and install. The other apps are secondary. When somebody logs in to a machine, the apps start downloading. We could give somebody a machine they've never seen before, have them sign in, and they're ready to work in an hour and a half. That's a tremendous amount of time saved, and there's nothing left for us to do.  We just make sure everybody who's supposed to be in a group has the assigned apps that the group needs to have. They're installed automatically.

The biggest problem we ever have is when something goes out of date after 30 days when nobody has logged into it. We do have a problem trying to get those back online. We've been working with Microsoft to resolve that problem, but that's been the only issue that we've had in the last few years.

Out of the box, Intune works reasonably well. They will continue to think of new ways to improve. Some of the policies could use some work to align more with what people are used to, but it's getting there. It's coming along, and I'd like to see how Security Copilot comes into play. You could have Copilot build things based on what you request. It could help put policies in place and look at your current policies. 

Unfortunately, we've had stuff out there for four years, and it's not working properly. A tool like Copilot could assess my policies, find weaknesses, and tell me where to make changes. That would be a great benefit.

I've had a constant battle with the DLP component, and no they're not going to have a choice. If they want to go with Copilot, we will need to start classifying documentation whether we want it or not. There will be a big fight when I get back of it. There's a fight. If you want you want you say you want copilot when it comes out, but if we have a classified stuff, it's not gonna work the way you wanna too. I heard so. Yeah. That's a problem. I heard someone talking about

We started testing Intune at the start of the pandemic, and at the time, it didn't seem to be quite as ready as they claimed it was. It was still being pieced together when we adopted it. However, it worked out well. While everybody else was scrambling during the pandemic to get on Teams and Azure Virtual Desktop, we had done that in the previous December, so by pure luck, we were ready to walk out the door. 

And I think it's scalable, honestly, but it's it's also about mentality, whether you believe it's you wanna spend the time to make sure that it's scalable. You know, I I I don't think I've been a big fan of getting away from domain services for the longest time. Think I don't see the point anymore. It's we use it very rarely. I so, you know, everything should be cloud based. It's a way to go. I mean, if you can run it that way,

We don't usually deal with Microsoft much. We have a CSP in place. However, sometimes we're dealing with a backend problem, and the CSP will take longer, so we'll go straight to Microsoft. When that occurs, Microsoft typically handles those issues reasonably quickly. When I contact Microsoft, I usually go through several engineers before I get to someone who can help. That's normal, but it doesn't drag out.  

Years ago, when we paid for enterprise support, I felt it dragged on forever because I went through the same process. I'd talk to a first-level engineer, and we had to escalate to tier three before we finally got somebody who understood what was going on. They would see the problem but not know how to fix it. They never had a resolution half the time.

The initial setup was easy, but we had lots of time during the pandemic. I had that all set up in my living room that first summer, working on it remotely. There were some pains because it wasn't all there yet. It wasn't until about July 2020 that most of the pieces were in place. It took another year before the rest was solid. However, to be fair, people adopting Intune now will get a mostly finished product.

Intune has a cost advantage if you get it with a bundled Microsoft license. If you have E3 licenses, you already have access to Intune, so you're not paying anything extra. That's a huge savings right there. Back in the day, people always wanted Office, but they didn't wanna pay for it, so you would use Open Office. That was my go-to 10 years ago. Now, I recommend the opposite. You need an Office 365 account. Don't think it is as paying for Office. That's not what you're buying.

For $7 dollars a month, you're getting a terabyte of storage in OneDrive and all the apps. You won't get that from Google. It's about cost, and it's even better if you get those bonuses with it. 

I rate Intune eight out of 10. I've never seen anything perfect, but it is an excellent fit for our environment. This is the smallest company I've ever worked for in my professional career, so it works well for us.

The primary use case for Intune is to enable user access to authorized data and applications like Outlook and Microsoft Teams, whether they are using corporate devices or their personal ones. By enrolling these devices in Microsoft Intune, users gain access to organization data, effectively turning their device into a mobile office laptop.

In our work, we have experienced the advantages of using Microsoft's services, particularly when it comes to handling certificates and inventories. Microsoft's capabilities in these areas have prompted many people to transition their operations to Microsoft.

One of the standout features of Intune is its seamless accessibility to work data, eliminating the need to be tied to an office or a desktop. Whether on iOS, Android, or other mobile devices like tablets, users can effortlessly access essential tools such as email, Microsoft Teams, and custom business applications, enhancing productivity. This capability became especially crucial during the COVID-19 pandemic, when remote work setups became the norm, making Intune a prominent solution for remote access to corporate resources.

Intune's areas for improvement, especially since its implementation in June, revolve around security and certificate management, primarily related to personal devices known as BYOD. While there are policies in place to prevent data transfer between corporate and personal apps, there is room for further enhancing security measures for devices that aren't corporate-owned but are enrolled to access organization data. Tightening security in this context is a key area in which Intune can continue to evolve.

I have been using Microsoft Intune for six years.

In terms of stability, it largely depends on how well security measures are implemented. Ensuring that devices are properly secured and monitored is crucial for stability, especially in situations like a lost device where sensitive data is at risk. Security awareness and access controls play a significant role in maintaining a stable environment. Multi-factor authentication and additional conditional access measures, such as fingerprint access, are used to verify the user's identity and protect data. I would rate the stability of the solution as a nine out of ten.

The scalability of Intune is highly rated by engineers for its flexibility. It is easy to scale, primarily due to the licensing options. You can start with a smaller scope, say, with 40-50,000 employees, who want to use corporate devices with Intune. As your organization grows, you can easily expand, going up to more than 100,000 users, and incrementally add licenses as needed, be it on a quarterly or monthly basis. This makes Intune a versatile solution for businesses of various sizes. At our company, for mobile devices and laptops, we have 30,000 users. I would rate the scalability of the solution as a ten out of ten.

The experience with Intune support has been generally positive, although there has been a learning curve for support staff. Initially, there were some challenges, with different teams involved, which sometimes resulted in less than optimal solutions. However, the situation has improved over time. On a scale of one to ten, I would give an eight out of ten rating for Intune support. It is a generally positive experience with room for further enhancement.

I would rate the complexity of the initial setup as a seven out of ten. However, if you have prior experience with MDM solutions or other MDM platforms like MobileIron, AirWatch, or IBM's MaaS360, the process may be more straightforward. Intune deployment typically takes a few weeks. The deployment involved a team of over 35 people to cater to a user base of around 30,000 in an automobile company based in Canada. The process began with testing and policy configuration over a month, focusing on aspects like data restrictions and copy limitations. After the pilot phase, Microsoft provided a pricing model, and a migration process took place over two to three months. This involved transitioning users from BlackBerry to iOS and Android and incorporating Windows Autopilot for Windows laptops, both new and existing. The onboarding process also extended to HP and other vendors.

I find the pricing for Microsoft Intune to be quite reasonable. It is available through various licensing options, including E5 Enterprise, E3 Enterprise, and as a standalone product. E5 Enterprise provides Intune as part of a bundled package, while E3 Enterprise offers it separately. Microsoft offers several licensing options, allowing organizations to choose the one that suits their specific needs. Before deploying, there is a free trial period of one month where you can test it with up to 50 devices. Once you have an understanding of your needs and Microsoft's pricing, you can choose the right model and device enrollment numbers. After the trial period, they offer a budget of around $120 for you to allocate according to your requirements. The pricing is then converted into a pro-rated monthly basis, depending on the volume of devices you need to manage, whether it is beyond fifty or a hundred. This flexible approach is advantageous for users. Overall, I would rate it as a seven out of ten in terms of costliness.

In comparison to earlier vendors like IBM, AirWatch, MobileIron, and SOTC, Microsoft Intune stands out as more flexible and user-friendly. These earlier systems were rigid and required IMEI numbers, making them less adaptable. Intune, on the other hand, is simple, similar to Azure, and excels in terms of scalability and versatility. Creating device-switching policies in Intune is straightforward and visually intuitive. It involves selecting the appropriate profile and specifying the device type (iOS, Android, or Windows). The options are readily accessible, making Intune an easy-to-use solution for managing mobile devices and endpoint management tasks.

I highly recommend using Microsoft Intune, especially in today's remote work scenario driven by the COVID-19 pandemic. It is a robust solution for managing corporate and BYOD devices, ensuring that they are properly configured and secure. Intune simplifies end-to-end device management, from pushing policies to implementing multifactor authentication, and it's the best option in the market right now. While VMware Workspace ONE and AirWatch are good, Microsoft Intune stands out, as evidenced by its popularity among clients, with more than 80% opting for it. It is definitely worth considering and conducting a proof of concept to see how it can benefit your organization. Overall, I would rate the solution as a nine out of ten.

Public Cloud

Microsoft Azure