Microsoft Intune Reviews

We use Microsoft Intune to manage our corporate devices such as mobile devices.

Microsoft Intune unifies all of our endpoints and security management tools.

Since Intune is part of Microsoft and managed under one umbrella, we don't need any third-party solutions and we can control everything from Intune which enhances our IT and security operations.

Microsoft Intune provides full endpoint visibility and IT control across device platforms ensuring our data is secure.

The user experience for Intune is good.

Microsoft's security signals within Intune improve our security posture.

Endpoint Privilege Management enables us to enforce least privilege access. We can assign different types of access based on each user.

Our attack surface is minimized because if there are any threats or suspicious activity, the affected device is automatically blocked and it becomes non-compliant. The application and company data become inaccessible until the issue has been resolved. These actions also trigger email notifications to inform us of the situation.

Implementing Microsoft Intune has significantly improved the efficiency of our IT team. Previously, managing our devices involved juggling Active Directory and SCCM, requiring multiple tools and a scattered approach. Now, with everything centralized in the cloud, we have a single portal, a single point of control, and a single subscription. This eliminates the need for dedicated servers and complex hardware setups, reducing the need for manual monitoring and update triggers. With Intune, everything is under one umbrella, offering a wide range of options with just a click. No more complicated settings or fragmented workflows. We simply choose the desired policy, perform a few clicks, and our machines are enrolled and updated seamlessly. This streamlined approach has not only boosted our IT team's productivity but also enhanced our overall security posture.

Intune has helped reduce the risk of security breaches by up to 70 percent.

Microsoft Intune has helped our organization save costs.

The many policies available in Microsoft Intune for managing our devices are valuable.

The policies we had in SCCM and AD offered features that are missing from Microsoft Intune.

I have been using Microsoft Intune for one year.

I would rate Microsoft Intune's stability a seven out of ten because it needs more granular policies.

The first level of support is not good but the higher levels are knowledgeable and they are available 24/7.

Neutral

We previously used Microsoft System Center Configuration Manager and switched to Microsoft Intune so we could better secure our personal and corporate devices.

The initial deployment was straightforward. We need a license to join the machines to Azure and then apply the policies we create.

One person is required for deployment.

The implementation was done in-house.

I am satisfied with the pricing.

I would rate Microsoft Intune a seven out of ten.

Intune has helped us consolidate vendors. The consolidation has saved us on licensing costs.

We have 100 plus customers and a team of 20 people using Microsoft Intune.

It's important that Intune's suite is integrated with Microsoft 365, and Microsoft Security for both cloud and co-managed devices.

Intune does not require maintenance but we do need to monitor the status of our devices.

I recommend trying Microsoft Intune.

My company has over 7,000 devices, including mobile devices, Windows, and Mac. The tool is only used to manage my team's mobile devices.

The solution's most valuable features are its ease of use and control of the MAM and MDM policies and configuration. The tool is straightforward and easy to use, while it also integrates with Azure. It has been a good product so far.

The tool has improved the way my team works as it is a cloud-based tool, so we don't have to manage on-prem servers. We also use apps on Microsoft Office 365, which is also one of the main reasons why we use Microsoft Intune.

I use the enterprise application management features of the tool, and my experience with it has been pretty good. Microsoft tells us that there are no bug issues with the updated versions or current versions, so there are no issues in the tool.

I use Microsoft Intune's Cloud PKI, and it helps manage the complexity of certificate management in infrastructure pretty well. There are no issues with certs or updating them.

Microsoft Intune has not affected my IT productivity, but it is not a very Android-friendly tool. We have had a lot of Android issues and compatibility problems with our VPN or tunnel. The tool is not very Android-friendly.

The maintenance of the tool is a lot less now for our company.

With the day to day device management tasks, the tool has been great, and there have rarely been any issues with it.

The mobile application management policies, specifically conditional access policies and app protection policies, are good features for managing diverse mobile environments. The DLP part is very strong.

The tool's tunnel gateway is not very good, making it an area where improvements are required. I wish it weren't so Azure's security group-based tool with which you can have local accounts. More personalization should be possible in the tool. One negative about Microsoft Intune is it acts too much as one of Azure's group-based products.

I have been using Microsoft Intune for half a year. I am just a customer of the solution.

I think the scalability is pretty easy and a lot easier to manage since we don't have to deal with the on-premises side. We use the cloud for extra storage, so it has been great.

My experience with the solution's technical support has been very good, but for other teams, it has not been very good. I rate the technical support a nine out of ten.

Positive

My company previously had some on-premises tools, but now it is cloud-based, so we save all the money on the network infrastructure and data centers. We don't need servers or storage, and it helps us save money.

When it comes to the product's deployment phase, I have taken part in the mobility side. In our company, we went through a migration, so there is always a lot of planning and testing and all that goes with it. Overall, it is fairly easy to use because it is deployed on a SaaS model.

The solution is deployed using a dedicated SaaS model. I think other teams have deployed it using an on-premises model.

The solution's deployment phase took a year and a half to test and set up everything. There was a lot of stuff involved.

In our company, prior to our migration, we already had Office 365 licenses, so it saved us around 4,00,000 for around a year.

I have seen a return on investment right from the start of the tool's usage.

I don't really know how much it costs, as my company pays for a bunch of licenses. The tool is cheaper than our company's other MDM tools.

My company has a few of Microsoft Intune's compliance policies that have helped us with some of the issues with sync interval with the compliance that we have noticed. The sync interval or the turnaround is not as quick as our company would like it to be currently. I understand that we can't control the sync interval.

I rate the tool a seven and a half out of ten.

Intune is a cloud-based platform for mobile application management and mobile device management. We can deploy applications on user devices and enroll user devices. We can enroll devices as per the organization's security policies. The devices comply with all the policies of the organization. We can also change the policies at the backend via Intune.

Intune helps with enrollments and securities. We can control the access to devices and users. We can specify what users can do. We can give role-based access. For example, a person working as a normal user does not require the same access as a manager. We can give access to users based on their roles. For example, a manager can add users to a particular group, but users cannot do that. We can restrict a user from doing certain activities. For example, we can restrict the user from using a camera or microphone. We can do such a configuration at the backend and deploy it to the user device.

Intune is very helpful for IT and security operations. If Intune is not there, we have to manually connect to user devices and deploy the changes. If we have thousands of devices, doing this manually on each and every device is very difficult. With Intune, we just configure the required settings and deploy them to a thousand devices in a single group. In a single step, we can add devices to a group. We can apply configuration easily. It is very helpful. It saves time. Adding or configuring devices manually takes a few months, whereas the same thing can be done with Intune within minutes.

We have had a very good experience. It is a Microsoft product. Everything related to a user is available. We have user names, user devices' names, and user licenses. We can also check the device compliance. We can see whether the device complies with the company policies or not.

Application updates and patching are available through Intune. We can also change group policy settings and registry settings of a device via Intune. We can change these settings without connecting the device. We can do that by deploying the PowerShell script or configuration profiles. For example, a kiosk device should stay up for hours and hours. It should not go to sleep. You can configure such devices to not go to sleep until 999 minutes. It is a very long time. If we enable such settings and add a particular user device group in the configuration, after the device starts syncing with the policy, no device will go to sleep.

With the Advanced Endpoint Analytics, we can see the application installation status. If we deploy a script to the user, we can see the status. We can see if it is a success or if there is a conflict. We can monitor the changes in user devices and check the compliance status. We can see if any app such as CrowdStrike is not updated.

With the help of Advanced Endpoint Analytics, we can proactively detect and remediate anomalies in endpoints. We can then reach out to users.

Intune saves us a lot of time. If we package an application using virtual packaging or physical packaging, it will take nearly two to three hours to package a single application. If we do this in Intune, it takes just minutes to add applications and deploy users. We can also monitor the particular application status in Intune.

The devices that are linked with Azure Active Directory are automatically linked with Intune. That makes the enrollment and management of BYO devices easy.

Intune has affected IT productivity in our organization. By saving time, it has automatically improved productivity.

Intune certainly saves costs. Without a cloud-based solution like Intune, we would require more IT staff.

Microsoft releases updates every second Tuesday. We can deploy those updates from Intune. We can also do patching through Intune. We can do quality updates and feature updates from Intune. We can also monitor the application status in Intune. We can see which applications are installed, pending, or available to install. We can see these things in Intune.

It is user-friendly. We can also troubleshoot any issues.

Intune saves time, and it is very easy to use. It allows us to manage applications completely.

If we could remote into a device, it would be great. Currently, we cannot directly connect to the user device. We have to use other tools such as VMware for connecting to devices.

If there are any issues, we should be able to connect through the Intune portal. The administrator should not have to go anywhere from the portal. He should be able to do everything from the portal.

Intune does not show whether a device is online or offline. It just shows the last login. It would be useful to know whether a device is online or offline.

We can see the issue related to updates in the Intune portal, but we cannot do anything from the Intune end. We have to connect to the user's device manually. We also need a better understanding of why the update is not happening on a particular device. It will decrease the time to troubleshoot the issues.

At times, there have been slowness issues with the company portal. It takes time to load and does not show the application status.

It would be great if there is a way to generate a PowerShell script to do certain things. Learning the PowerShell script is not easy, so such a feature would be helpful. Based on what we want, if it can automatically generate a script, it would be helpful.

It is not necessary, but it would be great if they added a messaging system in Intune. For example, when it is a shared device, a number of users log in to the device. In the case of any issue, it would be great to be able to directly message a user from Intune. Currently, there is no option for that, but if it could be done, it would be a very good thing.

I have been working with this solution for the last 18 months.

It is 100% stable.

It is very scalable.

We have about 12,000 devices and 20,000 users.

So far, I have not raised any questions with them.

I have worked with Microsoft SCCM. It is similar to Intune but not as user-friendly as Intune. Intune is very easy to understand. Its framework is very good. Microsoft SCCM is very old.

I have not worked with any other vendor. 

I am involved in the deployments, enrollments, troubleshooting errors, and monitoring in Intune. I take care of adding devices, users, and licenses, deploying policies, and configuring policies and scripts.

Its deployment does not require much. We just need a license to operate it. Our management takes care of that. There are a few licenses that are active only for nine hours. After nine hours, the roles are deactivated.

It does not require any maintenance from our end.

Intune is linked with Microsoft. We can deploy the Microsoft E365 license to users by Intune. There are different types of licenses, such as device administrator licenses, E5 licenses for device enrollment manually, and P1 and p2 licenses for device enrollment automatically. These are the licenses required for the administration.

I did not evaluate any other option. This was my first project, and I started as an Intune administrator.

It is a very good tool. It is easy to learn. You can expect quick assistance from Intune.

Before using Intune, I would recommend learning about Windows. Learn about the registry, configurations, and group policies. If you know these, it is easy to learn Intune.

You can face enrollment errors if the prerequisites are not met. For example, to upgrade from Windows 10 to Windows 11, you need to have some amount of free space or RAM. If you do not care about the prerequisites and just enroll the device, it causes issues. It will affect the device, and you need to enroll the device again.

I would rate Intune a nine out of ten.

Around 90 percent of our platforms are in the cloud, and our company uses them to manage access to various platforms. In our company, what we used to do when we were on an on-premises setup was to use group policy to basically manage access and authorizations to various services, which can be quite challenging because not everything you want to do on GPO even though it is available in it. You can use or manage VBScript and PowerShell, but it was a bit challenging. With Microsoft Intune, you already have specific processes and platforms that have several things you can do with it in terms of security and in terms of making everything standardized, sort of a standard desktop, or even a customized one based on the user's job title, ranging from executive management to basic back-end staff. Microsoft Intune allows you to customize everything, like security, the availability of some features, and even updating particular systems or where and which system can access which service from a geographical location, which we couldn't do with GPO. Microsoft Intune allows us to be very flexible.

Applications have a feature that allows you to deploy applications remotely to different systems. They can be Windows-built, some business applications, small scripts, or even custom applications. The tool can even deploy fixes, and it has been one of the features we use quite frequently to troubleshoot and fix issues.

The tool brings all of our company's endpoint and security management tools into one place.

Speaking about the impact of Microsoft Intune on our company's IT and security operations, I would say that the tool has done a good job in terms of centralized management, but there is still a lot it can do. Microsoft Intune is just a mobile device management platform. It doesn't really implement security, specifically in terms of endpoint security for ransomware and other attacks, so our company has to supplement with other solutions.

If I assess Intune's user experience, I would say it is perfect and simple. In general, the tool is very easy to use. Every feature or domain, ranging from compliance to security to DLP, integrates very well with Microsoft's other modules.

I am using certain aspects of Microsoft Intune Suite, which involves the new collection of advanced endpoint management and security tools.

If I assess Microsoft Intune for securing hybrid work and protecting the company data and the data on my own devices, I would say that it works very well in handling BYOD cases. For all the corporate business apps, you can't share data outside Microsoft Intune or the enrolled devices. It has to go through all the approved suites of Microsoft Project and then into OneDrive so that we can tell where that information passed, making it basically a DLP type of thing. You can't copy and paste anything into an external product since it must be within Microsoft's suite. The tool really helped our company keep certain information confidential within Microsoft Office Suite, and it doesn't go outside, which is helpful.

I use Intune's Endpoint Privilege Management feature in Microsoft Intune. Speaking about how Intune's Endpoint Privilege Management enables our company to enforce the least privileged access that affects user productivity in our organization, I would say that all our users are at the basic level. Depending on the function users need to do, privileged access might be required, and we can basically elevate them to do it, and then we don't have to do anything beyond that.

In terms of how important it is in the context of our company's journey to the cloud that the capabilities of the Intune Suite are integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices, I would say that the integration part is the key since it has to follow everybody, whether they work on the company's premises or remotely with Microsoft Intune.

Improvements can be made by allowing server integrations since it is an area where the product currently has shortcomings. Currently, it is just endpoints, Windows, and mobile devices, but we would like to see the servers integrated into the tool as well so that the product covers everything.

The product currently lacks any features. For most of what we can't do with the features available in Microsoft Intune, we use PowerShell to address such areas.

I have been using Microsoft Intune for ten years. I work with one of the past versions of the tool.

My company hasn't faced any stability issues associated with the product since its deployment.

It scales up pretty much with ease. It reduces the work on the admin side. It is a very scalable tool.

With Microsoft Intune, my company covers more than 250 devices. I would probably say that it goes up to 300 devices. My company also has many remote staff members.

I have provided technical support for the solution once or twice, but all the information regarding the fixes is mentioned on the internet. I rate the technical support a ten out of ten. In my company, we haven't had any challenging situations that required a prolonged fixing process, and it was usually done in a day or two, within which it used to get resolved.

Positive

Before Microsoft Intune, I used a different solution for enterprise mobility management named VMware AirWatch. My company started using Microsoft Intune since it was bundled with the other services offered under Microsoft. I think my company moved to a new plan with Microsoft, and Microsoft Intune was present in it with Microsoft Enterprise Mobility + Security (EMS). My company thought about why we should pay for another service when we already have one.

VMware integrated with Microsoft like a connector, but every time there is a change or an upgrade to Microsoft's platform, it sort of disrupts VMware. My company then figured out that the closer we are to Microsoft's platforms, the better, which in turn helps us consolidate vendors.

My company involves two types of judgments to determine whether or not the consolidation of vendors my company deals with has affected our security posture. We have a Gartner evaluation, and we are trying to see if our current vendor is at least in the leadership quadrant. After that, we go for their products. Even if a tool is not at the top, it is a win-win situation for us as long as it is there. Gartner has been important in helping our company decide which vendor to consolidate products and services on.

The consolidation of affected vendors has not reduced our company's licensing costs. We recently discovered that Microsoft is basically unbundling several parts of its products. People can now choose Microsoft's models, but you cannot choose what you want as an add-on. In such a phase, we are going to have to compare apples with apples. If Microsoft unbundles Purview, for instance, we have to look for a similar DLP and compare it in terms of price and performance.

I was involved in the tool's initial setup process. Initially, my company faced some complexities with the product's initial setup phase, especially in terms of how to deploy it remotely. We basically had to have every device in front of us physically to do the deployment.

Considering that the deployment phase was an ongoing process, it took three months to be completed.

The product's deployment phase was carried out with the help of our in-house team with the help of the information in the tool's manuals.

The solution was deployed with the help of three people in our company.

From a cost-saving perspective, my company has no information associated with the tool. When we get the budget approved in our company, there is an additional buffer, causing us to have more of an overcapacity scenario rather than an undercapacity one.

My organization is still in the process of discovering several of the overall benefits that we have experienced from the use of the product. My company keeps discovering new features when we use Microsoft Intune's capabilities.

My company has not done any evaluations to figure out whether the product could generate any return on investment. It is something we should do in the future.

In my personal opinion, the product does offer value for money since it offers good security.

It is not difficult to maintain the product. Once the configurations are set at a basic level, the tool just keeps modifying itself and keeps on improving.

In terms of the product price and licensing costs, my company finds the product to be reasonably priced. As long as our budget is approved for it, everything is fine with the pricing part.

My company did not evaluate any other options against Microsoft Intune.

I am not using the enterprise application management features of Microsoft Intune Suite. For applications management, we are basically doing SaaS for most of our applications, so they are on the cloud. The least we do in our company is MFA or two-factor authentication and single sign-on into the enterprise applications, but they are basically on Amazon AWS or SAP.

I am not using the advanced endpoint analytics in the tool.

My company doesn't use Microsoft Copilot in Intune. I would say that my company is waiting for Microsoft Copilot to reach an advanced stage. When I say advanced stage, it means handling business cases that apply to our company's type of business. What we have seen in our company is that in areas like customer relationships and retail banking solutions, Microsoft Copilot works. With Microsoft Copilot, our company hasn't seen any business case related to our work. Microsoft Copilot is mostly for chatbots in CRM and other things, but that is not what my company wants. My company is waiting and hoping that we will see advanced features in Microsoft Copilot by next year. I am working with the basic capabilities of Microsoft Intune.

Intune's Endpoint Privilege Management's least privileged access doesn't affect our organization's attack surface since it is handled by a different platform named Symantec.

My company has not measured if Microsoft Intune has affected IT productivity in our organization, but I believe that it is something that we should do.

I would suggest those planning to implement Microsoft Intune in their company start with a pilot group and implement every aspect they want to implement with that group across different devices, ranging from Androids, iOS, Google, and everything else. In my company, when we did encryption, we found that Android already has an encryption feature, which is basically for Android, so we couldn't turn on the encryption feature. If we did turn on the encryption feature, we would lose information because it was already encrypted by Android.

I rate the tool a ten out of ten.

We use the product to enroll devices, install configurations, and manage apps across our infrastructure. We address issues related to app protection policies, conditional access, and custom policies with its help.

The solution has significantly improved managing a diverse range of devices. We have observed enhancements across Android, iOS, and Windows devices.

One of the product's best features is its ability to integrate company policies and configurations into applications directly.

There could be more competent processes and improvements in the policy space. If devices follow the rules, it will benefit the company. If they do not, it will lead to non-compliance. We have been able to implement some common policies, such as data sharing, handling rooted devices, and managing cyber-available data. We are working on latency and permissions, including PIN tests and direct access to information, to enhance the overall process.

I have four years of experience working with Microsoft Intune.

The product is stable. I rate the stability a ten.

I rate the platform scalability a ten.

The technical support services are satisfactory. 

Positive

The product can be deployed on the cloud or on-premises. 

First, we access the Azure portal by browsing the URL and searching for Intune. Later, we can directly log in to the endpoint management section.

We create and assign licenses to use these tools and then provide users with instructions. Users have to download the company portal and follow the setup steps, which include entering necessary personal information, accepting terms, and managing settings.

Next, we handle the installation process within the company. We need to trust the application by selecting the appropriate option. If applicable, we enable settings on mobile devices. Following that, users must log in and configure settings as required. These options and settings are available through the company portal. The process is straightforward, and it doesn't require maintenance.

The product has helped save money. I would estimate that it has saved around 20% of the investment.

The product is expensive. 

Microsoft Intune provides everything in one place and streamlines our security operations significantly. It has impacted IT productivity across different devices, including Android, AWS, and Windows.

We use application management within Intune Suite. For instance, on Windows devices, we create and manage applications through a structured process. It involves configuring firewall settings, managing OS types, and ensuring that PC applications are updated regularly. We typically make monthly changes and create and manage application packages to maintain quality and compliance.

Copilot has simplified our operations by streamlining the issue management process. For instance, we can efficiently address and resolve issues when we receive tickets. It assists with authentication and other Intune-related tasks, which helps us handle hardware-related issues more effectively.

Intune helps secure hybrid work environments by managing both company-owned and bring-your-own devices. You can enforce policies to convert personal devices into compliant company devices, ensuring that data is protected regardless of whether the device is company-owned or personal.

Endpoint privilege management is integrated into our endpoint management system. It helps us manage and control permissions for various applications and endpoints. It allows us to enforce least-privileged access, which helps minimize security risks. I use it in my organization to enforce the least privileged access. It involves managing access through various channels and ensuring users sign in and complete necessary audits. The process is designed to act as a mediator.

I recommend it to other users and rate it a ten.

We use Intune as the MDM platform, and we used to deploy some products connected to Intune. 

Intune has improved productivity somewhat by connecting the AD with Microsoft Defender and the MDM because we can identify the Internet server. That's the main application or port over which we can manage our infrastructure. It streamlines device management. 

I like how Intune deploys the policies and makes them customizable. You can deploy it through Intune and forget about it. 

You can connect Defender for Endpoint to Intune and assign the client to start porting detections and alerts, creating a little security operations center. The integration is easy but tricky for someone who doesn't know how to use it. Once you learn to use it, it's a powerful tool that can condense most of your administrative tasks into one place

Integration with Microsoft 365 and security is critical if you have a Microsoft infrastructure. You want all the tools to be connected and exchanging data so that when you make a change or deploy something, you can make an informed decision and log the errors. You can avoid having different types of configurations and strengthen your policies. 

We've been using what they call conditional access in which we set up policies and apply them based on certain conditions and attributes. For example, you can apply some policies to company-owned devices and a different set of policies to devices for personal use. 

Sometimes, it takes time to synchronize the policies between the portal and the devices, you don't have a way to estimate how long it will take to deploy. You have some kind of gray area, where it can deploy in 30 minutes or three days. 

I have two years of experience with Intune

I rate Microsoft support nine out of 10. When we raise a ticket, they respond with a solution or guidance on how to fix the problem within 24 hours. 

Positive

We used VMware Workspace ONE and one other MDM. Based on my experience, I think Intune is the most robust because of how easily it can integrate with the other Microsoft tools. You won't need to deal with the process of connecting the Active Directory to Intune. Once you have your account with a subscription and a license, it will connect automatically, and you won't have a big problem with it. 

Microsoft offers a license that lets you access all the tools. Purchasing that license will probably be the most cost-effective if you plan to implement a Microsoft-oriented infrastructure. It's cheaper than purchasing all the products separately. 

I rate Microsoft Intune eight out of 10. 

We are using it for the endpoint deployment piece.

By implementing Intune, we are trying to get everything off on-prem.

Because of the FedRAMP space and some of the pieces we are doing, such as the new policies for CMMC 2.0, we have more worries when we have anything physical. It just made sense to go for a cloud solution. Because we were already using Microsoft products and we were previously partially using Intune, it just made sense to use Intune.

Once you start getting things hosted in the cloud, rather than having to host the domain pieces yourself, they can be generally managed by Intune. One of the issues that we had when we had the hybrid or on-prem deployment set was that users would have to use a VPN to be able to change their user email or their password sets. Having to manage on-prem exchange was an issue as well. There were other things like that. As we are moving the pieces over, we are noticing a lot more availability and easier configuration of pieces for users.

Intune has helped us with compliance. We are using it for CMMC 2.0 compliance.

Intune provides full endpoint visibility and IT control across device platforms. You can individualize it for your company with the Intune Company Portal app. You can make applications and other things and have them deployed via scripts.

The user experience of Intune has been nice for other individuals from what I have seen.

A lot of security is achieved via Intune policy deployment cases. There is a baseline security set, and then a part of it was configured with some of the other things that we needed for CMMC 2.0 compliance. It is containerizing for cell phones in particular and not allowing specific connection sets. We have more cells than anything else. A lot of the users do not even need to touch a lot of the system sets that we use. We have not had any issues with user availability.

One of the things that you can do with Intune is that you can have approved app sets. As a corporation, you know that a user needs to use an application, so you can have it added to Intune Company Portal apps. You can have it pre-downloaded for the users without the need for an admin's intervention. For the apps that users could need or do need, you can either force installation or set it up for the user if they need it.

Intune certainly affects our organization's attack surface. We are utilizing DLP, domain policies, and things like that via Intune. It is nice to be able to make sure that the users can have their laptops, and there is also no need to have a VPN service for a lot of those. It makes it easier for each user's things to be isolated.

We started utilizing the app proxy service. If you have local applications that use a web URL, you can use the app proxy and have Microsoft handle the VPN connection set rather than needing a VPN yourself.

Intune has helped to reduce the risk of security breaches in our organization. Intune has saved us costs. It has helped us reduce our workloads. When doing the hybrid deployment, we have to manage our on-prem environment and have additional security for it. By moving into the cloud, we have reduced the electrical cost of the office. There is also a price difference. Hosting our own VM sets versus having them host in Azure are two different things. Doing cloud integrations with pieces is easier in Intune than on-prem. It has been a nice thing that we have been dealing with recently.

We are using it for its DM Hosting, user hosting, and end-to-end deployment as well. It is all very nice.

I would like them to stop making changes and not tell people they have already made the changes.

I know that their AI pieces are at the infancy stage, but allowing users to do more tagging for information would be an interesting thing because Intune also directly integrates with Azure. Because a lot of the devices are hosted with that, you also get a lot of tagging of user data and other things like that. Tagging is still at more of an infancy set. You get a lot of false flags.

There can also be a more simplified use case for app deployment. They leverage MSIs and WIN32. I am having a more washed-out EXE process. Rather than having to build the script sets yourself, having them autogenerated script based on you uploading in a default location would be nice.

We are still in phases. It is not simple to just do a hard cutover for a lot of it.

Even though it is a Microsoft product, Microsoft does not sell or support the product directly, so you have to talk to a third-party set that is considered their partner to be able to access support. Our partner is JourneyTEAM. After utilizing billable hours with them and other pieces like that, we have been getting a lot of nice support via them. I would rate JourneyTEAM a 10 out of 10. I really enjoy working with those individuals.

We were using Symantec, and we ended up using Intune. Symantec is a nice security piece, and it does some device management. There is a domain-joined service for laptops. Intune has a similar service set. You do what is called the hardware hash join into the Microsoft Intune to have the laptop cleaned by an organization rather than turning on a VPN and connecting to a domain service for a domain controller that an organization has. A lot of that is cloudly or natively handled by Intune. Especially if you go further with the Intune hardware hash joining process, there are some script sets that were put out. You can even do hardware hash harvesting from where you are purchasing, so you can have the OEMs give you the hardware hashes to be able to input that into your cloud environment. You then know that anyone cannot just walk away with the laptop because it is still joined to your Intune base.

In terms of differences between these two solutions, there is the domain service set. Intune manages the whole domain set, and then it also integrates into the other application sets. Intune is more of a product suite set. It also does the policy and detection pieces for devices, whereas Symantec is more strictly the policy sets and security.

Intune can bring all of your endpoint and security management tools into one place. For the use case that we are doing, we are leveraging additional security software as well, so there is a little bit of everything.

We are not using it for corporate assets. We are utilizing the M365 VM license set, which is a semi-part of Intune. That is how the users are reaching some of the remote corporate resources.

I would rate Intune a 9 out of 10. It is definitely a nice product, but there are nuances to it. Especially with them coming out with and changing name schemes for a lot of the features, you have to do digging to find the whole use case, but with all the options and different use cases, there is a lot to be gained.

I worked with Microsoft Intune in my level two support role. My tasks included license assignment and assisting users with configuration issues, especially in mobile device management for iOS and Android devices.

The features I found most valuable in Intune are its user visibility and troubleshooting options. With Intune, I can easily search for a user and see details about their devices and real-time activity. The advanced audit log is especially helpful for diagnosing login and communication issues. Another standout feature is Autopilot, which simplifies machine integration by automatically adding devices to the domain when they are logged in.

Areas for improvement in Intune include expanding support beyond Samsung devices to accommodate other Android manufacturers like Redmi and Motorola. Additionally, there is a need for better support for Linux operating systems, as patch management for Linux is currently not managed by Intune, unlike for Windows devices.

I have worked with Microsoft Intune for three years.

In terms of stability, Intune generally performs well, but there may be occasional bugs like the issue with Redmi devices. While bugs are addressed, the resolution process can be time-consuming.

Intune is a scalable tool with long-term viability. I think it is likely to remain stable and relevant in the market for at least the next decade, even as competition evolves.

I would rate the technical support team for Intune as a five out of ten. It could be improved a bit.

Neutral

The implementation of Intune follows a structured process, starting with a change activity managed by a dedicated team. This involves creating a ServiceNow ticket detailing the implementation plan, rollback options, and involvement of various teams. After approval, testing is conducted, followed by deployment in a phased manner, typically at the beginning of the month to avoid interfering with critical month-end activities.

In comparison to other vendors, Intune is reasonably priced because it offers a comprehensive package that includes email access, Outlook, Office, and OneDrive storage, with storage increasing based on the license. Other service providers may have limitations and additional storage charges, whereas Intune provides services within a single cost, making it attractive to many companies for its flexibility and included features.

We used Microsoft Intune to solve problems, such as ensuring device security and compliance. For instance, some Redmi devices weren't meeting encryption requirements. We addressed this by enabling developer options on those devices, specifically, Redmi models 5 and above. We documented this solution for reference and future troubleshooting.

The most effective feature for managing and securing our mobile workforce is multifactor authentication. It adds an extra layer of security by requiring additional authentication steps when logging into devices. Additionally, conditional access policies allow us to set specific rules, such as blocking downloads or file transfers from personal devices to company resources, ensuring compliance with security policies.

It took about six months to start seeing the benefits of Intune deployment, especially regarding application deployment and user machine management.

Intune integration with other Microsoft products has strengthened our device management strategy by incorporating in-house applications like Outlook, Wi-Fi, and others. Additionally, it provides a mechanism similar to the Google Play Store for adding required applications internally, including Microsoft products like Dropbox, Google Chrome, and others.

Intune is deployed across various locations and departments within our organization. Licenses are allocated based on department and employee roles by our Office 365 team. Users are added to Active Directory groups, and ServiceNow automates configuration and support requests.

Intune requires regular maintenance, typically provided by the IT team or architects. Microsoft releases service updates approximately every three to four months, during which maintenance downtime may occur. 

I would recommend Microsoft Intune to others, especially those working in the field of technology. Staying updated with new technologies is crucial, and Intune offers valuable features for device management and security. However, the decision to use Intune depends on individual needs and preferences, as well as company requirements.

Overall, I would give Microsoft Intune a seven out of ten. While it is a solid tool, there are other competitors in the market like AirWatch and BlackBerry UEM that offer similar functionalities.