Microsoft Intune Reviews

Intune is a cloud-based platform for mobile application management and mobile device management. We can deploy applications on user devices and enroll user devices. We can enroll devices as per the organization's security policies. The devices comply with all the policies of the organization. We can also change the policies at the backend via Intune.

Intune helps with enrollments and securities. We can control the access to devices and users. We can specify what users can do. We can give role-based access. For example, a person working as a normal user does not require the same access as a manager. We can give access to users based on their roles. For example, a manager can add users to a particular group, but users cannot do that. We can restrict a user from doing certain activities. For example, we can restrict the user from using a camera or microphone. We can do such a configuration at the backend and deploy it to the user device.

Intune is very helpful for IT and security operations. If Intune is not there, we have to manually connect to user devices and deploy the changes. If we have thousands of devices, doing this manually on each and every device is very difficult. With Intune, we just configure the required settings and deploy them to a thousand devices in a single group. In a single step, we can add devices to a group. We can apply configuration easily. It is very helpful. It saves time. Adding or configuring devices manually takes a few months, whereas the same thing can be done with Intune within minutes.

We have had a very good experience. It is a Microsoft product. Everything related to a user is available. We have user names, user devices' names, and user licenses. We can also check the device compliance. We can see whether the device complies with the company policies or not.

Application updates and patching are available through Intune. We can also change group policy settings and registry settings of a device via Intune. We can change these settings without connecting the device. We can do that by deploying the PowerShell script or configuration profiles. For example, a kiosk device should stay up for hours and hours. It should not go to sleep. You can configure such devices to not go to sleep until 999 minutes. It is a very long time. If we enable such settings and add a particular user device group in the configuration, after the device starts syncing with the policy, no device will go to sleep.

With the Advanced Endpoint Analytics, we can see the application installation status. If we deploy a script to the user, we can see the status. We can see if it is a success or if there is a conflict. We can monitor the changes in user devices and check the compliance status. We can see if any app such as CrowdStrike is not updated.

With the help of Advanced Endpoint Analytics, we can proactively detect and remediate anomalies in endpoints. We can then reach out to users.

Intune saves us a lot of time. If we package an application using virtual packaging or physical packaging, it will take nearly two to three hours to package a single application. If we do this in Intune, it takes just minutes to add applications and deploy users. We can also monitor the particular application status in Intune.

The devices that are linked with Azure Active Directory are automatically linked with Intune. That makes the enrollment and management of BYO devices easy.

Intune has affected IT productivity in our organization. By saving time, it has automatically improved productivity.

Intune certainly saves costs. Without a cloud-based solution like Intune, we would require more IT staff.

Microsoft releases updates every second Tuesday. We can deploy those updates from Intune. We can also do patching through Intune. We can do quality updates and feature updates from Intune. We can also monitor the application status in Intune. We can see which applications are installed, pending, or available to install. We can see these things in Intune.

It is user-friendly. We can also troubleshoot any issues.

Intune saves time, and it is very easy to use. It allows us to manage applications completely.

If we could remote into a device, it would be great. Currently, we cannot directly connect to the user device. We have to use other tools such as VMware for connecting to devices.

If there are any issues, we should be able to connect through the Intune portal. The administrator should not have to go anywhere from the portal. He should be able to do everything from the portal.

Intune does not show whether a device is online or offline. It just shows the last login. It would be useful to know whether a device is online or offline.

We can see the issue related to updates in the Intune portal, but we cannot do anything from the Intune end. We have to connect to the user's device manually. We also need a better understanding of why the update is not happening on a particular device. It will decrease the time to troubleshoot the issues.

At times, there have been slowness issues with the company portal. It takes time to load and does not show the application status.

It would be great if there is a way to generate a PowerShell script to do certain things. Learning the PowerShell script is not easy, so such a feature would be helpful. Based on what we want, if it can automatically generate a script, it would be helpful.

It is not necessary, but it would be great if they added a messaging system in Intune. For example, when it is a shared device, a number of users log in to the device. In the case of any issue, it would be great to be able to directly message a user from Intune. Currently, there is no option for that, but if it could be done, it would be a very good thing.

I have been working with this solution for the last 18 months.

It is 100% stable.

It is very scalable.

We have about 12,000 devices and 20,000 users.

So far, I have not raised any questions with them.

I have worked with Microsoft SCCM. It is similar to Intune but not as user-friendly as Intune. Intune is very easy to understand. Its framework is very good. Microsoft SCCM is very old.

I have not worked with any other vendor. 

I am involved in the deployments, enrollments, troubleshooting errors, and monitoring in Intune. I take care of adding devices, users, and licenses, deploying policies, and configuring policies and scripts.

Its deployment does not require much. We just need a license to operate it. Our management takes care of that. There are a few licenses that are active only for nine hours. After nine hours, the roles are deactivated.

It does not require any maintenance from our end.

Intune is linked with Microsoft. We can deploy the Microsoft E365 license to users by Intune. There are different types of licenses, such as device administrator licenses, E5 licenses for device enrollment manually, and P1 and p2 licenses for device enrollment automatically. These are the licenses required for the administration.

I did not evaluate any other option. This was my first project, and I started as an Intune administrator.

It is a very good tool. It is easy to learn. You can expect quick assistance from Intune.

Before using Intune, I would recommend learning about Windows. Learn about the registry, configurations, and group policies. If you know these, it is easy to learn Intune.

You can face enrollment errors if the prerequisites are not met. For example, to upgrade from Windows 10 to Windows 11, you need to have some amount of free space or RAM. If you do not care about the prerequisites and just enroll the device, it causes issues. It will affect the device, and you need to enroll the device again.

I would rate Intune a nine out of ten.

Around 90 percent of our platforms are in the cloud, and our company uses them to manage access to various platforms. In our company, what we used to do when we were on an on-premises setup was to use group policy to basically manage access and authorizations to various services, which can be quite challenging because not everything you want to do on GPO even though it is available in it. You can use or manage VBScript and PowerShell, but it was a bit challenging. With Microsoft Intune, you already have specific processes and platforms that have several things you can do with it in terms of security and in terms of making everything standardized, sort of a standard desktop, or even a customized one based on the user's job title, ranging from executive management to basic back-end staff. Microsoft Intune allows you to customize everything, like security, the availability of some features, and even updating particular systems or where and which system can access which service from a geographical location, which we couldn't do with GPO. Microsoft Intune allows us to be very flexible.

Applications have a feature that allows you to deploy applications remotely to different systems. They can be Windows-built, some business applications, small scripts, or even custom applications. The tool can even deploy fixes, and it has been one of the features we use quite frequently to troubleshoot and fix issues.

The tool brings all of our company's endpoint and security management tools into one place.

Speaking about the impact of Microsoft Intune on our company's IT and security operations, I would say that the tool has done a good job in terms of centralized management, but there is still a lot it can do. Microsoft Intune is just a mobile device management platform. It doesn't really implement security, specifically in terms of endpoint security for ransomware and other attacks, so our company has to supplement with other solutions.

If I assess Intune's user experience, I would say it is perfect and simple. In general, the tool is very easy to use. Every feature or domain, ranging from compliance to security to DLP, integrates very well with Microsoft's other modules.

I am using certain aspects of Microsoft Intune Suite, which involves the new collection of advanced endpoint management and security tools.

If I assess Microsoft Intune for securing hybrid work and protecting the company data and the data on my own devices, I would say that it works very well in handling BYOD cases. For all the corporate business apps, you can't share data outside Microsoft Intune or the enrolled devices. It has to go through all the approved suites of Microsoft Project and then into OneDrive so that we can tell where that information passed, making it basically a DLP type of thing. You can't copy and paste anything into an external product since it must be within Microsoft's suite. The tool really helped our company keep certain information confidential within Microsoft Office Suite, and it doesn't go outside, which is helpful.

I use Intune's Endpoint Privilege Management feature in Microsoft Intune. Speaking about how Intune's Endpoint Privilege Management enables our company to enforce the least privileged access that affects user productivity in our organization, I would say that all our users are at the basic level. Depending on the function users need to do, privileged access might be required, and we can basically elevate them to do it, and then we don't have to do anything beyond that.

In terms of how important it is in the context of our company's journey to the cloud that the capabilities of the Intune Suite are integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices, I would say that the integration part is the key since it has to follow everybody, whether they work on the company's premises or remotely with Microsoft Intune.

Improvements can be made by allowing server integrations since it is an area where the product currently has shortcomings. Currently, it is just endpoints, Windows, and mobile devices, but we would like to see the servers integrated into the tool as well so that the product covers everything.

The product currently lacks any features. For most of what we can't do with the features available in Microsoft Intune, we use PowerShell to address such areas.

I have been using Microsoft Intune for ten years. I work with one of the past versions of the tool.

My company hasn't faced any stability issues associated with the product since its deployment.

It scales up pretty much with ease. It reduces the work on the admin side. It is a very scalable tool.

With Microsoft Intune, my company covers more than 250 devices. I would probably say that it goes up to 300 devices. My company also has many remote staff members.

I have provided technical support for the solution once or twice, but all the information regarding the fixes is mentioned on the internet. I rate the technical support a ten out of ten. In my company, we haven't had any challenging situations that required a prolonged fixing process, and it was usually done in a day or two, within which it used to get resolved.

Positive

Before Microsoft Intune, I used a different solution for enterprise mobility management named VMware AirWatch. My company started using Microsoft Intune since it was bundled with the other services offered under Microsoft. I think my company moved to a new plan with Microsoft, and Microsoft Intune was present in it with Microsoft Enterprise Mobility + Security (EMS). My company thought about why we should pay for another service when we already have one.

VMware integrated with Microsoft like a connector, but every time there is a change or an upgrade to Microsoft's platform, it sort of disrupts VMware. My company then figured out that the closer we are to Microsoft's platforms, the better, which in turn helps us consolidate vendors.

My company involves two types of judgments to determine whether or not the consolidation of vendors my company deals with has affected our security posture. We have a Gartner evaluation, and we are trying to see if our current vendor is at least in the leadership quadrant. After that, we go for their products. Even if a tool is not at the top, it is a win-win situation for us as long as it is there. Gartner has been important in helping our company decide which vendor to consolidate products and services on.

The consolidation of affected vendors has not reduced our company's licensing costs. We recently discovered that Microsoft is basically unbundling several parts of its products. People can now choose Microsoft's models, but you cannot choose what you want as an add-on. In such a phase, we are going to have to compare apples with apples. If Microsoft unbundles Purview, for instance, we have to look for a similar DLP and compare it in terms of price and performance.

I was involved in the tool's initial setup process. Initially, my company faced some complexities with the product's initial setup phase, especially in terms of how to deploy it remotely. We basically had to have every device in front of us physically to do the deployment.

Considering that the deployment phase was an ongoing process, it took three months to be completed.

The product's deployment phase was carried out with the help of our in-house team with the help of the information in the tool's manuals.

The solution was deployed with the help of three people in our company.

From a cost-saving perspective, my company has no information associated with the tool. When we get the budget approved in our company, there is an additional buffer, causing us to have more of an overcapacity scenario rather than an undercapacity one.

My organization is still in the process of discovering several of the overall benefits that we have experienced from the use of the product. My company keeps discovering new features when we use Microsoft Intune's capabilities.

My company has not done any evaluations to figure out whether the product could generate any return on investment. It is something we should do in the future.

In my personal opinion, the product does offer value for money since it offers good security.

It is not difficult to maintain the product. Once the configurations are set at a basic level, the tool just keeps modifying itself and keeps on improving.

In terms of the product price and licensing costs, my company finds the product to be reasonably priced. As long as our budget is approved for it, everything is fine with the pricing part.

My company did not evaluate any other options against Microsoft Intune.

I am not using the enterprise application management features of Microsoft Intune Suite. For applications management, we are basically doing SaaS for most of our applications, so they are on the cloud. The least we do in our company is MFA or two-factor authentication and single sign-on into the enterprise applications, but they are basically on Amazon AWS or SAP.

I am not using the advanced endpoint analytics in the tool.

My company doesn't use Microsoft Copilot in Intune. I would say that my company is waiting for Microsoft Copilot to reach an advanced stage. When I say advanced stage, it means handling business cases that apply to our company's type of business. What we have seen in our company is that in areas like customer relationships and retail banking solutions, Microsoft Copilot works. With Microsoft Copilot, our company hasn't seen any business case related to our work. Microsoft Copilot is mostly for chatbots in CRM and other things, but that is not what my company wants. My company is waiting and hoping that we will see advanced features in Microsoft Copilot by next year. I am working with the basic capabilities of Microsoft Intune.

Intune's Endpoint Privilege Management's least privileged access doesn't affect our organization's attack surface since it is handled by a different platform named Symantec.

My company has not measured if Microsoft Intune has affected IT productivity in our organization, but I believe that it is something that we should do.

I would suggest those planning to implement Microsoft Intune in their company start with a pilot group and implement every aspect they want to implement with that group across different devices, ranging from Androids, iOS, Google, and everything else. In my company, when we did encryption, we found that Android already has an encryption feature, which is basically for Android, so we couldn't turn on the encryption feature. If we did turn on the encryption feature, we would lose information because it was already encrypted by Android.

I rate the tool a ten out of ten.

We use the product to enroll devices, install configurations, and manage apps across our infrastructure. We address issues related to app protection policies, conditional access, and custom policies with its help.

The solution has significantly improved managing a diverse range of devices. We have observed enhancements across Android, iOS, and Windows devices.

One of the product's best features is its ability to integrate company policies and configurations into applications directly.

There could be more competent processes and improvements in the policy space. If devices follow the rules, it will benefit the company. If they do not, it will lead to non-compliance. We have been able to implement some common policies, such as data sharing, handling rooted devices, and managing cyber-available data. We are working on latency and permissions, including PIN tests and direct access to information, to enhance the overall process.

I have four years of experience working with Microsoft Intune.

The product is stable. I rate the stability a ten.

I rate the platform scalability a ten.

The technical support services are satisfactory. 

Positive

The product can be deployed on the cloud or on-premises. 

First, we access the Azure portal by browsing the URL and searching for Intune. Later, we can directly log in to the endpoint management section.

We create and assign licenses to use these tools and then provide users with instructions. Users have to download the company portal and follow the setup steps, which include entering necessary personal information, accepting terms, and managing settings.

Next, we handle the installation process within the company. We need to trust the application by selecting the appropriate option. If applicable, we enable settings on mobile devices. Following that, users must log in and configure settings as required. These options and settings are available through the company portal. The process is straightforward, and it doesn't require maintenance.

The product has helped save money. I would estimate that it has saved around 20% of the investment.

The product is expensive. 

Microsoft Intune provides everything in one place and streamlines our security operations significantly. It has impacted IT productivity across different devices, including Android, AWS, and Windows.

We use application management within Intune Suite. For instance, on Windows devices, we create and manage applications through a structured process. It involves configuring firewall settings, managing OS types, and ensuring that PC applications are updated regularly. We typically make monthly changes and create and manage application packages to maintain quality and compliance.

Copilot has simplified our operations by streamlining the issue management process. For instance, we can efficiently address and resolve issues when we receive tickets. It assists with authentication and other Intune-related tasks, which helps us handle hardware-related issues more effectively.

Intune helps secure hybrid work environments by managing both company-owned and bring-your-own devices. You can enforce policies to convert personal devices into compliant company devices, ensuring that data is protected regardless of whether the device is company-owned or personal.

Endpoint privilege management is integrated into our endpoint management system. It helps us manage and control permissions for various applications and endpoints. It allows us to enforce least-privileged access, which helps minimize security risks. I use it in my organization to enforce the least privileged access. It involves managing access through various channels and ensuring users sign in and complete necessary audits. The process is designed to act as a mediator.

I recommend it to other users and rate it a ten.

We use Microsoft Intune to manage our computers and users and enforce organizational policies on the computers. We wanted to remove our in-house service and move device management from on-premise to the tool. This helped us manage devices for staff who don't come to the office across locations. Before, when we had policy changes, they weren't always applied or enforced for remote staff in time. We needed a better solution, and Microsoft Intune worked well for our needs.

What I like most about the tool is that it's now very easy to set up a device for someone to use. It also helps us tremendously in managing security.

Before, we used on-premise management with a domain controller. It was difficult to manage security comprehensively. For example, it was hard to know which computers were updated. We weren't able to do that easily with our previous solution.

Having all our endpoint and security management tools in one place with the product has made things very easy and efficient for us. Before, it was sometimes difficult to know what problems a device had. But now, we can see any issues or vulnerabilities on a device. We can also easily apply any needed updates.

I find the tool's user experience very good for the admin side. It's easy to use—you only need a browser and can work from anywhere. This makes it very convenient for us admins to provide support from any location.

It's now much easier for end users to provision a device. Wherever the person is, we can get them to sign in to their account for the first time. This is a big improvement because previously, the person would have had to be physically in the office to use the organization's domain for the first time. Now, it's become much simpler for them to get set up.

The main benefit of using Microsoft Intune is that we can now provide support from anywhere. One major problem we had before was when we needed to give someone an admin password. Now, we can give the password to the person and then change it immediately. This has been very helpful, especially since we have many people working remotely. 

We have situations where people have to use their devices to access organizational resources. One of our issues was when someone had to use a personal device to access organizational resources. How are we sure that the right person is using it? How can we control the resource? Now, if you want to use your device, we don't have any issues. We enroll it, and if we need to wipe our resources, we can do it. So it helps us in that area.

The solution's impact on productivity has been tremendous because now we can manage everything. Before, with the old solution, sometimes our server would give us problems. Now, Microsoft handles all that, so we don't have to spend time fixing server issues. This allows us to focus on specific issues for individual users.

Maintaining servers, backups, and related costs was a huge cost for a small organization. Now, with Microsoft Intune, you scale as needed. We don't need to spend too much on servers and their associated costs, which has been very good for us.

Applying security recommendations can be difficult in Microsoft Intune. Sometimes, they give you recommendations, but you need a different server to manage the pieces, or you have to go to each device individually. However, it has been improving. Before, there were certain policies you could not implement directly in Intune, but now I see progress. I would like to see more improvement in policy management, similar to how we used group policies on-premises.

I have been using the product for five to seven years. 

I rate the solution's stability an eight out of ten. 

The solution is used in two regions. In Ghana, we have about 100 users; in the second location, we have another 70. It is scalable. 

The solution's support is not straightforward. They do not provide the solutions that we expect them to provide. 

Neutral

Before using Microsoft Intune, we used Google for Business. We switched because Microsoft provided us with almost everything in one place, making it easier to manage everything centrally. Using Microsoft alone was more efficient than bringing in Microsoft at some points while using Google.

The tool's deployment is straightforward. We conducted a two-month pilot and then completed the device migration in two weeks with the help of three resources. 

One person came with the license, and two resources were in-house. 

The solution helps to save costs by 20 percent. Implementing Microsoft Intune has made us use less IT software for security. Before, we had to rely on expensive third-party security solutions that didn't consider our size. With the product, we can manage everything at a fraction of the cost, focusing on user licenses. We've seen a return on investment with it, especially during the COVID period, as we could get everything done without issues. Overall, Intune has saved us about 50% in time and resources.

The solution is cost-efficient. 

We're not using Microsoft Intune Suite's enterprise application management feature. We're using the business line version, which doesn't have all the features of the enterprise version. However, it provides us with updates on vulnerabilities and recommendations on the security side. 

For anyone considering the product, I would tell them to consider it if they want to have peace of mind and be able to give their best. Microsoft Copilot is on our roadmap for next year. 

Microsoft 365 and Microsoft security must be integrated for cloud and co-managed devices. This integration makes it easy to apply solutions from one point and have them work across the system. If we were using different systems, we would need to grant permission for them to communicate, which could cause issues. It helps to spend less time getting the work done. As for maintenance, I haven't noticed anything required on my part.

I would recommend Intune, especially if you're not a large enterprise that can afford various tools from various vendors. Microsoft products make it very easy to run your business and have control and visibility. Sometimes, you don't know what's happening in your environment, and Microsoft Intune helps you understand what is happening. Overall, I would rate it a seven out of ten.

We use the solution for endpoint management for about 15,000 devices. It helps us ensure compliance and security for our devices according to standards. We also use it for application management, security and compliance, and centralized management from a single point. So, it covers endpoint management, app management, and compliance management and provides centralized control.

We were trying to solve many issues, mainly the lack of centralized management. Before Microsoft Intune, we had to manually support devices one by one, installing applications and configuring policies individually. When we implemented the tool, it became much easier to manage our devices. We enroll them in Microsoft Intune and can manage all devices with a few clicks. For application management, it's the same process. If we want to deploy applications to hundreds or thousands of devices, we can do it easily with just a few clicks. This also applies to policies. 

I have been using Microsoft Intune and another solution for endpoint management. What I like the most about IT is that it's a cloud-based solution. We don't need any on-premises infrastructure to manage it. It's easy to access the portal from anywhere securely. This setup reduces our workload because Microsoft handles everything related to the infrastructure, including notifications about any downtime. This way, we can inform our customers in advance.

We are currently using different solutions, but all from Microsoft. We use Microsoft Defender for Endpoint Security. it also includes Microsoft Defender. In the future, we might use these tools for security purposes.

The solution's user experience is very good. Compared with on-premises solutions, it deploys applications and policies faster, resolving user queries in less time. Configuring anything is easier; users only need to follow a few basic steps, such as installing the company portal app and logging in with their ID and password, to integrate their device. Unlike on-premises solutions, which can be confusing, the solution allows us to manage various devices, including Linux, mobile devices, and Windows. 

It functions similarly to on-premises but offers additional features. For example, we can maintain applications downloaded from the Microsoft Store and onboard them as a solution for user-based deployment. This reduces the need to create manual packages, as most applications are available on the Microsoft resource.

The solution needs to improve reporting. Sometimes, it shows double or triple entries of the same thing, which affects the count's accuracy. Also, some applications onboarded in Microsoft Intune do not get updated. When we look for solutions online, there is often no clear answer.

Microsoft Intune has no automatic cleanup option for devices that haven't been used for over 90 days. It would be beneficial for Microsoft to add such a feature.

I have been using the product for two years and six months. 

The solution is stable, but there was one incident where we faced an issue with a security patch. We didn't receive any notification about this problem, which caused significant issues in our infrastructure. Regarding SLA, we now receive multiple notifications from Microsoft about planned downtimes. 

The tool is used by users in our environment across various locations, including RU, APAC, China, India, Pakistan, and Germany. It is scalable. 

Microsoft support takes time to respond. 

Neutral

The installation and implementation were very easy compared to on-premises solutions. We just needed one Azure account to create a tenant and log in to endpoint management. The setup required only a full subscription. On-premises setups, by contrast, need multiple servers, VPNs, and IP configurations, which is much more complicated. Configuring the tool took around 10-20 minutes, and only one person was needed.

The solution has reduced manual labor by approximately 15%. Many business applications, such as Google Chrome and VLC Media Player, are available in the Microsoft Store. We still need to manually create packages for a few custom applications used by our organization that aren't available in the Microsoft Store. However, we can onboard the majority of applications without creating manual packages. Being a cloud-based solution, it eliminates the need for multiple on-premises servers and the associated infrastructure. We only need a cloud subscription to manage everything. We can save around 40 percent on costs with Microsoft Intune. It has also helped us save money, time, and resources by 50-60 percent. 

We use the workbook to describe data on device compliance. It helps us generate reports and analytics about how many devices are compliant and how many are below the patch compliance deadline for updates. We do use some of the reporting features. For endpoint security, we can check how many devices have been affected by malware and how many have an updated Defender platform.

Microsoft Intune is a cloud solution, so there's no need to maintain servers, patch networks, or configure network info. It provides EDR capabilities. The solution also allows for mobility management, meaning we can manage mobile devices. Additionally, it can manage Chrome OS and Linux devices, though we aren't currently using that feature. The tool offers a centralized solution for deploying policies, compliance policies, application management, and patching servers and workstations.

The product has reduced our costs and centralized management. We can manage all our devices from a single console, which is very effective for reporting.

It simplifies deploying applications. We can push policies to ensure only certain users can access specific applications. Additionally, Intune allows us to create user and device groups.

Currently, we manage privileges through Azure AD. We have groups set up with specific group policies and restrictions. For example, we've assigned certain licenses, such as E5 and Office 365 Copilot licenses, to users through these groups, granting them the necessary privileges to access these features.

The solution supports logging, which helps us easily trace and identify issues. It also provides many reports on device compliance and configuration. This capability helps us reduce the time required to reach out to Azure. 

It centralizes the management of users, groups, and applications. In an on-premises setup, we would need multiple teams, such as an AD and application packaging team. With Microsoft Intune, we don't need to create packages for many applications, as they are already available in the line of business.

I would recommend it to other users because it's a cloud solution that centralizes the management of endpoint devices, security, and Azure products. However, I would mention that reporting is an area where the tool could improve, as it's crucial for some organizations. If reporting is a critical need, Microsoft Intune might not fully meet those requirements.

I rate it an eight out of ten. 

We use Intune as the MDM platform, and we used to deploy some products connected to Intune. 

Intune has improved productivity somewhat by connecting the AD with Microsoft Defender and the MDM because we can identify the Internet server. That's the main application or port over which we can manage our infrastructure. It streamlines device management. 

I like how Intune deploys the policies and makes them customizable. You can deploy it through Intune and forget about it. 

You can connect Defender for Endpoint to Intune and assign the client to start porting detections and alerts, creating a little security operations center. The integration is easy but tricky for someone who doesn't know how to use it. Once you learn to use it, it's a powerful tool that can condense most of your administrative tasks into one place

Integration with Microsoft 365 and security is critical if you have a Microsoft infrastructure. You want all the tools to be connected and exchanging data so that when you make a change or deploy something, you can make an informed decision and log the errors. You can avoid having different types of configurations and strengthen your policies. 

We've been using what they call conditional access in which we set up policies and apply them based on certain conditions and attributes. For example, you can apply some policies to company-owned devices and a different set of policies to devices for personal use. 

Sometimes, it takes time to synchronize the policies between the portal and the devices, you don't have a way to estimate how long it will take to deploy. You have some kind of gray area, where it can deploy in 30 minutes or three days. 

I have two years of experience with Intune

I rate Microsoft support nine out of 10. When we raise a ticket, they respond with a solution or guidance on how to fix the problem within 24 hours. 

Positive

We used VMware Workspace ONE and one other MDM. Based on my experience, I think Intune is the most robust because of how easily it can integrate with the other Microsoft tools. You won't need to deal with the process of connecting the Active Directory to Intune. Once you have your account with a subscription and a license, it will connect automatically, and you won't have a big problem with it. 

Microsoft offers a license that lets you access all the tools. Purchasing that license will probably be the most cost-effective if you plan to implement a Microsoft-oriented infrastructure. It's cheaper than purchasing all the products separately. 

I rate Microsoft Intune eight out of 10. 

We use Microsoft Intune for managing mobile devices. We considered purchasing another solution but ultimately decided to leverage the tools already available within our Microsoft product portfolio.

Microsoft Intune helps us achieve better predictability and a more secure mobile device environment.

Intune consolidates all our endpoint management tools into a single platform. This simplifies our software footprint. We began with mobile devices and are now expanding to personal computers and beyond. While the process may seem ongoing, it reflects the continuous growth of our endpoint management needs.

Intune is user-friendly. Supporting users doesn't require a huge effort. We've even created a self-service portal and instructions to help them install and manage their devices independently. We centrally manage policies and other configurations. This approach eliminates the need for users to bring their devices to service for initial setup, even for mobile devices. It's all about centralized management. When we provide company devices, everything is managed in one place with consistent policies. Software updates are also streamlined. Compared to older Microsoft tools, Intune offers a significant improvement. Updating software and maintaining the system is much easier with Intune.

Our overall security posture is good. We have implemented all of Microsoft's recommended security baselines. As a result, we use Microsoft Defender for Endpoint to protect both our desktops and mobile devices.

Overall, Microsoft Intune has positively impacted productivity within our organization. Several routine tasks that previously required manual intervention are now automated. This includes administrative functions, monitoring processes for functionality, and even interacting with processes that previously demanded significant manual effort.

By integrating Azure Active Directory Conditional Access with Microsoft Intune, we achieved full visibility of our devices, even when disconnected from the company network. This enhanced security posture is particularly beneficial for our remote workforce.

We can securely manage both company-owned devices and personal devices enrolled in our BYOD program. Intune allows us to create different profiles with varying security settings. This enables us to enforce strong security policies while maintaining flexibility. In case of a compromised device, Intune allows us to remotely wipe it, ensuring our data remains secure.

Intune does not provide real-time visibility. Since it's an online tool, it can take a few hours for the records to update.

I have been using Microsoft Intune for two years.

Microsoft Intune is stable.

Intune reduces the number of people needed for routine tasks, freeing them up for higher-value projects. This reallocation of resources delivers a clear return on investment.

Our enterprise agreement includes Microsoft Intune at no additional cost. To add advanced endpoint protection, we need a separate, but relatively inexpensive plan. This makes it a much more cost-effective solution compared to buying these capabilities as separate products.

We considered other mobile device management solutions, such as Davenport and a VMware product, but ultimately chose to stay with Intune due to its rapid development pace.

I would rate Microsoft Intune 8 out of 10. Microsoft Intune excels in environments with standardized devices, but organizations with a mix of models and devices may require significant manual configuration to ensure functionality.

In the past, I wouldn't have recommended Intune. However, with its integration into the Microsoft product line, it has become a valuable tool for any organization's IT portfolio.

While Microsoft Intune offers centralized management and policy enforcement, it doesn't consolidate all endpoint and security management tools into a single platform. To comprehensively safeguard systems, additional solutions such as Microsoft Defender for Endpoint are necessary.

Achieving comprehensive endpoint visibility and IT control across various device platforms is a complex task, considering the diversity and freedom inherent in different systems. However, when it comes to deploying and managing devices like tablets, mobile phones, laptops, and specialized devices in Germany, a systematic and organized approach is crucial. Particularly noteworthy is the ability to configure IoT devices, such as numerous thermostats, water control systems, or sprinkler devices. Without a solution like Intune, scaling becomes a challenging issue, especially when dealing with thousands of such devices. Therefore, the use of a system like Intune becomes imperative in addressing these scaling challenges and ensuring effective device management.

On a scale of one to ten, I would rate my user experience with Intune as a six. The lack of intuitiveness makes it cumbersome to track and understand what needs configuration, especially when dealing with aspects like OneDrive and having to cross-reference settings across different areas of Intune.

In the context of securing hybrid work with Intune, our experience involved a two-day effort to configure the certificate for the Conditional Access server. However, once this initial setup was completed, we successfully configured VPN access for mobile phones. Despite the initial complexity, especially for a large company, Intune delivered on its advertised promises and proved effective in fulfilling the intended security functions.

Intune's effectiveness in securing data on company and BYOD devices is based on distributing security configuration data. While valuable, Intune has limitations, and comprehensive protection against cyber threats requires a sophisticated approach, including hybrid artificial intelligence solutions like Microsoft Defender for Endpoint. While Intune aids in system configuration, detecting and preventing attacks demands a more advanced defense strategy, comparable to sophisticated endpoint protection. Hybrid AI, with continuous human input, enhances threat evaluation, recognizing nuanced situations like suspicious timings in actions on developer endpoints.

It positively impacted IT productivity within the organization by enabling the secure addition of thousands of mobile phones to the VPN. In this regard, it performed effectively.

It played a crucial role in mitigating the risk of security breaches by securely distributing VPN certificates. While effective in this aspect, it's important to note that this alone is not sufficient. Endpoint security, such as developer endpoints, is analogous to having specialized tools for reading and managing complex systems.

It significantly contributed to cost savings. Manual configuration for each mobile phone would have taken approximately an hour per device per year, amounting to three or four thousand hours annually. However, with Intune, we accomplished the task in two days for five thousand devices, equivalent to around one hundred sixty hours. This resulted in substantial efficiency, reducing the effort from an ongoing five thousand hours per year to a one-time investment of a hundred sixty hours.

One of the most valuable aspects of Microsoft Intune is its seamless integration with Azure Active Directory, offering capabilities akin to Group Policy Objects. This integration provides a centralized platform for managing and enforcing policies, ensuring the stability of configuration data across devices, resembling the familiar functionalities of traditional group policies in an on-premises Active Directory environment.

In utilizing Intune's endpoint privilege management feature, I've primarily focused on configuring VPN access and certificates, although I'm not an Intune specialist. It's versatile enough for both configuring VPN access and managing large-scale IoT servers. For instance, in building management systems, especially in large structures like bank buildings, where numerous actuators are involved, configuring and securing them becomes a complex task. Intune proves valuable in this context. However, it's essential to recognize that while Intune serves as a powerful tool, relying solely on it is insufficient for comprehensive system security.

The integration of Intune capabilities with Microsoft 365 and Microsoft Security is crucial. As mentioned earlier, securing your machine requires tools like a developer endpoint, and relying solely on Intune may not be sufficient. While Intune allows configuration and deployment of Defender for Endpoints, having a dedicated tool is essential. The unique selling point of Microsoft lies in its seamless integration, especially notable for those working with Linux systems, where Microsoft's comprehensive integration sets it apart.

In terms of configuration, my experience with Intune is somewhat mixed. The configuration tool appears to be scattered throughout the Intune interface, requiring frequent navigation back and forth. The web interface, while functional, isn't particularly user-friendly, leading me to find PowerShell a preferable option. However, using PowerShell involves investing time in developing scripts. The challenge lies in the complexity of navigating between profiles and MDM configurations. Multiple windows need to be open simultaneously to grasp the overall configuration landscape.

I wish there was an improvement in the configuration process, as currently, it involves navigating through different locations with multiple windows open. Having a dedicated configuration server that assists in modifying the configuration service, and creating personalized structures, interfaces, and web services could enhance usability.

I have been working with it for three years. 

When evaluating stability, it's essential to consider the multitude of adversarial attempts, particularly from military opponents engaging in hacking activities. Microsoft has demonstrated its capability to withstand and defend against such sophisticated attacks, setting a high standard for security.

Considering the extensive number of support calls, I believe Microsoft handles them as effectively as possible. I would rate its customer service and support eight out of ten.

Positive

In the past, we utilized Windows services.

The number of people required for deployment depends on the specific tasks at hand. For instance, implementing the VPN solution involved five individuals, including specialists for firewalls and virtualization for the server endpoint. If the focus is solely on Intune-related tasks, one expert may be sufficient. However, in typical scenarios where Intune is used for onboarding machines or mobile device management, you'll need administrators with access to the relevant machines. It functions as a collaborative administration tool, and the required personnel would depend on the number of departments involved.

The pricing is inherently reasonable, as Microsoft leverages market insights to maintain the total cost of ownership at around ninety to ninety-five percent of what would be incurred in an on-premise scenario. Microsoft products inherently benefit from economies of scale and global reach, making them cost-effective.

It aids in vendor consolidation; otherwise, we would have had to manually configure around three thousand mobile phones.

It impacts the security posture positively when you are aware of what you configure and can update configurations promptly. However, as mentioned, the need for artificial intelligence in Endpoint Protection remains crucial.

I would recommend subscribing to reputable YouTube channels that focus on Intune or related topics. Building a strong foundation and gaining practical experience is crucial to understanding the intricacies of Intune. Overall, I would rate it eight out of ten.