Microsoft Intune Reviews

One prominent use case for Microsoft Intune revolves around the Active Directory, particularly focusing on user and device management, as well as mobile device enrollment. The primary objective in this scenario is to establish effective governance. This involves tasks such as pushing passwords and implementing policies seamlessly.

The most significant benefit lies in the ability to seamlessly handle personal devices, such as iPads, ensuring automatic compliance with comprehensive policies. The convenience of having robust support makes it easy for staff to manage device configurations independently, eliminating the need for external intervention.

It consolidates all endpoint and security management tools in a single location, significantly enhancing the employee experience. This is especially beneficial for executives or high-profile individuals who frequently change devices. The process is simplified – whether configuring a new iPad or downloading required applications, it's all streamlined. Executives and end-users can manage device enrollment independently without relying on support staff for tasks like setting up Outlook or other tools. The system allows for immediate enrollment and device tracking.

It offers comprehensive endpoint visibility and IT control across various device platforms. This proves highly beneficial for IT operation teams, providing details on the number of devices, their compliance status, and overall device status, including network access. The dedicated dashboard is a valuable tool, allowing users to proceed with applications and configure settings. Additionally, it assists in managing devices that may not have updated configurations promptly. For instance, in the case of a new iOS release, users receive reminders to update their devices, ensuring compliance with company policies and continued access to enterprise data.

Our experience with Intune in terms of user satisfaction is outstanding. If we were to quantify it on a scale from one to ten, I would confidently rate it around nine.

Intune plays a crucial role in securing hybrid work environments and safeguarding company data on both company-owned and BYOD devices. On a scale from one to ten, I would rate its effectiveness a nine.

The influence of Intune on our organization's security is substantial. Its impact is significant because I no longer need to be concerned about compliance or the enforcement of policies. With a single dashboard, I can efficiently handle all aspects related to compliance and security.

It has impacted IT productivity in our organization, and I would rate it around seven on a scale of one to ten. The flexibility of using Intune on multiple devices, including up to three or four, has been particularly beneficial. Whether I'm traveling or working remotely, I don't need to carry my laptop everywhere. I can efficiently manage emails and other tasks on my iPad, and if necessary, respond to emails, take calls, or update documents. Additionally, using my iPad for note-taking with OneNote is seamless – all notes captured on my iPad are automatically synchronized with my laptop. These features prove highly useful and convenient in various scenarios.

It has assisted our organization in cost savings, approximately ranging from twenty-five to thirty percent.

The system as a whole is immensely valuable, proving to be highly helpful and practical.

There has been a noticeable increase in productivity for both my organization and clients. The primary factor contributing to this enhancement is the user-friendly nature of the platform, coupled with effective technical support.

An area for improvement is the absence of seamless integration, particularly with external dashboards. Currently, to obtain an updated overview of devices not in compliance, we need to download the data, restricting visibility across other platforms like Power BI or third-party dashboards. This presents a challenge as we have to manually pull and manage the data, highlighting the need for enhanced integration with dashboard solutions.

I have been using it for three years.

I would rate its stability capabilities nine out of ten.

Its scalability is highly commendable, and I would give it a rating of nine out of ten.

The technical support is quite effective, and I would rate it at around nine out of ten.

Positive

The initial setup was quite straightforward.

It is deployed across various locations and departments.

Maintenance primarily involves administrative staff occasionally creating reports or extracting specific data. Apart from these tasks, there doesn't seem to be much ongoing maintenance required.

We have seen a return on investment by using it.

The cost is somewhat on the higher side, particularly when considering certain price points, especially in markets like India. It takes time for people to recognize and appreciate the features offered. Convincing customers to adopt this solution can be challenging initially, but as they explore its capabilities over time, they acknowledge the value of the investment. If the pricing were more competitive, it would be easier for me to recommend it to customers as their preferred choice over other endpoint management solutions.

The integration of Intune Suite capabilities with Microsoft 365 and Microsoft Security is of utmost importance to us. This is the primary reason why I encourage both my customers and the IT department to leverage it. The combined benefits of Intune with Microsoft 365 are substantial.

I encourage my users to embrace new ways of working and explore how tools like Intune can enhance productivity. Instead of relying on traditional methods and seeking IT staff for assistance, it's essential to leverage technology for improved efficiency. Overall, I would rate it eight out of ten.

I use Microsoft Intune to manage and secure all our devices from one central platform. It helps me enroll and configure devices, deploy applications, and enforce security policies.

We chose Microsoft Intune to enhance endpoint management, leveraging Azure Active Directory for robust authentication. Intune's cloud-based solutions streamline device and application management, providing a user-friendly interface while ensuring strong security measures and policy compliance.

Intune has significantly bolstered our organization's security by consistently applying the latest security policies and conducting regular assessments. Its proactive approach ensures that our security measures remain robust and up-to-date.

It has significantly increased overall IT productivity in the company by enhancing efficiency and operational effectiveness. For example, its continuous monitoring and detection capabilities prevent unauthorized access attempts and streamline resource creation processes.

Microsoft Intune has notably reduced the risk of security breaches in our organization. It has significantly elevated our security posture, which is evident in the increased security score it has provided.

Microsoft Intune has helped our company save costs, especially with the implementation of policies like BYOD. This has been a significant cost-saving measure for us.

The standout features of Intune are its excellent mobile device management and highly effective application management capabilities. They streamline our operations and significantly enhance security measures.

In terms of improvement, Microsoft Intune could enhance its patch management for various devices, ensuring regular updates and tracking of device privileges. Performance reports would also be valuable for better monitoring and management.

I have been working with Microsoft Intune for five years.

Intune is a quite stable product.

We have 2,000 users currently utilizing Intune. It is highly scalable.

I would rate Microsoft's technical support as a nine out of ten.

Positive

Before Microsoft Intune, we were using SCCM, which is a more traditional approach. We switched to Intune for its modern and comprehensive capabilities, as SCCM lacked certain functionalities and agility.

The initial setup of Intune was straightforward, taking just one day to deploy. Our implementation strategy focused on identifying and securing all available assets, including desktops and mobiles. The setup was managed by one person.

Endpoint Privilege Management, through enforcing the least privileged access, enhances user productivity by safeguarding sensitive resources and data. This proactive approach aligns with auditor-defined policies, ensuring secure privileged account life cycles and minimizing operational costs. It simplifies management while providing robust protection.

Endpoint Privilege Management strengthens our security against attacks by limiting privileged access. For real-time protection, it defends against malware threats on all devices, including new or remote ones.

Intune helped us consolidate vendors, enhancing security without significantly affecting license costs, as it operates on an enterprise model. This streamlining has improved our overall vendor engagement.

Intune's integration with Microsoft 365 and Microsoft Security is crucial for our cloud journey. It provides the flexibility for users to bring their own devices and work from anywhere, aligning with our automation scaling needs.

My advice for people who are considering using Microsoft Intune is to go for it. It offers excellent scalability, accommodating any number of devices, and it is straightforward to set up, providing effective plug-and-play functionality. Overall, I would rate it as a nine out of ten.

We've experimented with and deployed Autopilot for building and deploying software through Intune, utilizing Intune policies to modify Azure AD joined systems, now referred to as Entra joined. This covers the entire scope of Intune that we've explored and implemented.

We are a consulting company with extensive experience in deploying Intune. We utilize Intune for hybrid join Entra machines. For clients who have the necessary licenses, while Intune is not a full-fledged Remote Monitoring and Management solution, it can serve as an effective replacement for RMM if you are a Managed Service Provider.

While more mature tools exist for securing hybrid work and protecting data on BYOD and company devices, Intune is a viable option for clients who want to leverage MDM with their Premium or E3 license, especially if cost is a major concern. Despite some challenges with Samsung Knox and iOS devices, Intune has shown improvement, and these issues are less frequent. As Microsoft doesn't have a native phone, limitations are inevitable.

The Mobile Device Management in Intune is a valuable feature.

Microsoft recently separated Defender into Security. Intune does not centralize all endpoint and security management tools into one place. It used to be more centralized.

The Microsoft support has been subpar for some time now. Troubleshooting issues often require us to involve a partner, which isn't an ideal or easily manageable solution given the challenges with Microsoft support. We need a reliable partner, but that partnership might still require Microsoft's assistance.

We've faced significant pushback with Copilot as our clients aren't seeing a favorable cost-benefit analysis. Many are opting for ChatGPT Enterprise instead of integrating Copilot into their workflows. We initially expected significant value from Copilot, but Microsoft's pricing is excessive, and the product itself is not exceptional. It remains quite rudimentary in its current state.

Microsoft should not rely on partners to fix issues. While users can open tickets with Microsoft, they often cannot resolve the problems themselves and must engage a partner. This is not an à la carte solution. Perhaps when Copilot eventually becomes available, it will address this. It's not Intune's fault, as it is used frequently.

I have been using Microsoft Intune for ten years.

The technical support is not good.

Negative

We tried numerous solutions prior to Intune, but Microsoft's inclusion of it within their licensing model incentivized us to adopt it. Since we were already paying for the license, it made sense to leverage its full potential and maximize our investment.

If you're subscribing to Premium or E3, there are no additional costs for Intune, it's included. However, with lower-tier plans, you don't get the full suite of security features. Depending on your specific licenses, you might have some level of Advanced Threat Protection, Endpoint Detection Response, or other Defender tools, but not the complete package. Generally, for around 300 users, you get decent protection with Defender for desktop and server – it's a good value. But with E5 licenses, you're at the enterprise level, and you get what you pay for, so expect add-ons. I don't think Microsoft would position Intune as a primary security product anymore, given their recent cloud changes and the focus on Defender. Intune is useful for patching, but it's not a comprehensive security solution in itself. That's why Microsoft has rebranded their security offerings under security.microsoft.com.

I rate Intune six out of ten.

Many of our clients with premium or E3 or above licenses use Intune because it's included in their Microsoft solution. They prefer to leverage a Microsoft product over a third-party alternative. Additionally, Intune allows us to maximize the value of our clients' existing licenses. Therefore, if a client has a premium license, has under 300 users, or is on E3 or above, there's no reason to use another solution when Intune is readily available.

Microsoft recently transitioned from Intune to Endpoint, then back to Intune. Additionally, they moved certain security aspects of Purview into a separate deployment, as is the case with their ATP Defender Suite. This shift signifies a move away from a single, unified management interface to a more distributed model.

We use the enterprise application management feature to roll out apps. While there are better tools available for app discovery, deployment, and automatic updating, Intune's inclusion in the Microsoft bundle keeps costs down. Although Intune may not be the ideal solution for automated application deployment or MDM, its integration with Microsoft licenses makes it a worthwhile option, especially with the expectation of future improvements from Microsoft.

We use the Advanced Endpoint Analytics but it is no longer in Intune. It's been moved over to the security portal for Defender.

The endpoint analytics feature, which helps proactively detect and remediate anomalies and endpoints, is now part of Microsoft Defender formerly known as Advanced Threat Protection. Gartner rates it very highly. To perform threat hunting, we need the appropriate licensing, such as a P2 Defender license. This functionality is not available within Intune. We are transitioning from the older Advanced Threat Protection to the newer Microsoft Defender platform. Previously, configuration was done through Intune, but now we manage it through the Microsoft security site.

My advice for any organization that is already paying for a Premium or above Microsoft license is to deploy Intune because it makes financial sense. Intune is not a bad tool but if they run into any issues, the Microsoft support is no good so they need to rely on a good partner to help resolve the issue.

Microsoft cannot fully replicate the functionality of a Remote Monitoring and Management tool. However, it could incorporate certain RMM features into its existing products or develop new tools that complement RMM solutions.

By implementing Intune, we are exposing aspects of our infrastructure to the cloud that traditionally would remain on-premises. This means relying heavily on Microsoft's infrastructure and security. As we saw a few years ago with the Department of Justice's issues, which were clearly Microsoft-related, placing all our trust in one provider can lead to potential problems. However, despite these concerns, we have not encountered any security issues with Intune to date. But at the end of the day, we are maximizing our license.

Intune deployment is straightforward if you're well-prepared, whether for a hybrid setup or a purely Azure-based one. Packaging new apps is generally well-documented, but troubleshooting can be trickier. There are helpful PowerShell scripts available, though they might not be easy to find.

We use Microsoft Intune to automate the onboarding and maintenance of our customers.

Before using Microsoft Intune, we struggled with software deployment and remote device wipe capabilities.

Most of the Intune is for all the remote devices, so it's all on-prem. For cloud, it wouldn't make too much sense.

Microsoft Intune brings all our endpoint and security management tools into one place. We use both Mac and Windows devices. Having all our endpoints and management tools in one place is helpful. I have a single place to check for current status and add and remove assets.

Microsoft Intune provides full endpoint visibility and IT control across device platforms. Having full endpoint visibility and IT control across device platforms allows us to deploy and manage the systems more effectively.

Intune works well and is seamless for the users.

Intune has allowed us to standardize better.

Intune's use of Microsoft security signals has improved our security because we can now take remote action on these systems as well as have a more common deployment.

It has helped to reduce the risk of security breaches in our organization because of the standardization and single sign-on.

It has also helped us reduce the number of IT staff, saving us costs.

The Asset Management and Auto Pilot are valuable features.

One of the other features we leverage is the single sign-on that Intune facilitates.

The Mac integration has room for improvement.

I have been using Microsoft Intune for two years.

I have not had any stability issues with Microsoft Intune.

Microsoft Intune is highly scalable.

Although I have not used the technical support for Intune, I am not happy with Microsoft's technical support in general.

Negative

The initial deployment was complex until we understood the process. We went through a simple dev test and then prod methodology. 

Two to three people were required for the deployment.

We implement Intune for our customers.

For organizations that are a Microsoft shop, the pricing is compelling. To buy it outright, it's two dollars a seat, which is cheap. The price is worth it.

I would rate Microsoft Intune an eight out of ten.

We have 400 users across multiple regions internationally.

Given the evolving security landscape in the cloud, it's crucial that Intune Suite is integrated with Microsoft 365 and Microsoft Security for both cloud and co-managed devices.

Maintenance is required to keep the packages up to date for any software we deploy. We have four people that deal with the maintenance.

I recommend planning and understanding how Intune will be used before deploying it.

We use Microsoft Intune to manage our corporate devices such as mobile devices.

Microsoft Intune unifies all of our endpoints and security management tools.

Since Intune is part of Microsoft and managed under one umbrella, we don't need any third-party solutions and we can control everything from Intune which enhances our IT and security operations.

Microsoft Intune provides full endpoint visibility and IT control across device platforms ensuring our data is secure.

The user experience for Intune is good.

Microsoft's security signals within Intune improve our security posture.

Endpoint Privilege Management enables us to enforce least privilege access. We can assign different types of access based on each user.

Our attack surface is minimized because if there are any threats or suspicious activity, the affected device is automatically blocked and it becomes non-compliant. The application and company data become inaccessible until the issue has been resolved. These actions also trigger email notifications to inform us of the situation.

Implementing Microsoft Intune has significantly improved the efficiency of our IT team. Previously, managing our devices involved juggling Active Directory and SCCM, requiring multiple tools and a scattered approach. Now, with everything centralized in the cloud, we have a single portal, a single point of control, and a single subscription. This eliminates the need for dedicated servers and complex hardware setups, reducing the need for manual monitoring and update triggers. With Intune, everything is under one umbrella, offering a wide range of options with just a click. No more complicated settings or fragmented workflows. We simply choose the desired policy, perform a few clicks, and our machines are enrolled and updated seamlessly. This streamlined approach has not only boosted our IT team's productivity but also enhanced our overall security posture.

Intune has helped reduce the risk of security breaches by up to 70 percent.

Microsoft Intune has helped our organization save costs.

The many policies available in Microsoft Intune for managing our devices are valuable.

The policies we had in SCCM and AD offered features that are missing from Microsoft Intune.

I have been using Microsoft Intune for one year.

I would rate Microsoft Intune's stability a seven out of ten because it needs more granular policies.

The first level of support is not good but the higher levels are knowledgeable and they are available 24/7.

Neutral

We previously used Microsoft System Center Configuration Manager and switched to Microsoft Intune so we could better secure our personal and corporate devices.

The initial deployment was straightforward. We need a license to join the machines to Azure and then apply the policies we create.

One person is required for deployment.

The implementation was done in-house.

I am satisfied with the pricing.

I would rate Microsoft Intune a seven out of ten.

Intune has helped us consolidate vendors. The consolidation has saved us on licensing costs.

We have 100 plus customers and a team of 20 people using Microsoft Intune.

It's important that Intune's suite is integrated with Microsoft 365, and Microsoft Security for both cloud and co-managed devices.

Intune does not require maintenance but we do need to monitor the status of our devices.

I recommend trying Microsoft Intune.

One plan that we are currently testing for the near future is related to our BYOD fleet. Instead of opting for MDM, we have decided to use Microsoft Intune to manage access to our company through BYOD. Moreover, we plan to use Microsoft Intune to perform autopilot PC deployments in the near future.

We had two distinct issues we needed to resolve with Microsoft Intune for two different use cases. Firstly, for the BYOD scenario, we needed Intune to ensure a sufficient level of security while enabling users to bring their personal mobile devices. Secondly, we aimed to automate PC deployment, even when users are not connected to the network, due to the COVID pandemic and the increase in remote work. Currently, to reimage a machine, users must be on the network. Our goal is to enable them to reimage their machines from home, using autopilot.

We found that Microsoft Intune met our expectations for the BYOD section, and we are optimistic about its potential for PC deployment through autopilot. The main advantage is that Intune performs its intended functions effectively.

As a Microsoft 365 user, we found Microsoft Intune to be a practical choice since it was already included in the bundle. The solution was effective, so we didn't need to look for other options or invest in additional tools. Intune performed the necessary tasks efficiently, making our decision straightforward.

The UI is not user-friendly and has room for improvement.

I have been using the solution for four years.

We have not had a single outage in the last four years. Microsoft Intune is extremely stable.

Microsoft Intune is auto-scalable in the cloud.

The initial setup was straightforward. The deployment required two people from the third party and two of our architects, one for security and one for the network.

We used a third party and our architect for implementation.

We have seen a return on investment because we were able to quickly deploy and start using Intune.

Intune is included in the Microsoft 365 licensing package that we have.

We assessed VMware and found its MDM to be promising. However, since we were already utilizing other Microsoft solutions, and Intune was capable of meeting our requirements, we did not require further evaluation of additional solutions.

I give the solution an eight out of ten.

We have around 10,000 people in over 20 different countries whose devices are managed by Microsoft Intune.

There is no maintenance required for the solution.

I highly recommend Microsoft Intune to others.

Essentially, we use it to manage devices. We are looking at potentially moving away from VMware and bringing mobile devices and tablets into Intune along with desktops and laptops, which we currently manage, so that it serves as an all-in-one active asset list where we can look at the health of the entire technical estate. We can manage against threats. We can roll out apps, policies, et cetera. We can also manage logins, reset logins, et cetera, and it's an all-in-one, 24/7 solution.

Microsoft Intune has absolutely improved the way our organization functions. We're currently going through the AAD migration, so we are transitioning away from the old on-premise domain to Azure. The ability to take devices that were locally managed via AD but weren't managed via Intune is brilliant. We can see who last logged in, who it's managed by, which OS is there when it was last updated, etc. It gives us a micro overview of what's happening there.

Generally, we find it quite useful. We don't use it to the full extent. We've only got a P1 license, but generally, the application health and the ability to create and manage policies are valuable. We can split them very quickly into groups, multiple policies, etc. So, it's those core basics that we use, but they work very well.

It's very informative when there is an error. It allows us to backtrace where the error is and resolve that ourselves. It's a bit of a Swiss Army penknife. We find that it fixes most issues.

I'd like some more reporting so that I don't have to delve into PowerShell and I can pull more of the local device information such as memory, apps installed, etc. It would be nice to be able to see the apps that are present there but might not be managed. For example, if they installed 7Zip, it could report that back via an installed program or feature to see what was currently installed. Generally, it works, and nobody complains about it.

I've been using this solution for a couple of years.

Sometimes, they can take a little while to come back in showing that they are compliant. Typically, they may show us as not compliant even when we are. Typically, we find that it takes a couple of hours or a couple of days at worst for the machines to show as being compliant for them to settle down, but generally, it does what it says on the tin. We can set the policy, and we can put a machine or put a device into a group. That policy gets defined or pushed out, and it works. We can then move on to the next job. From my perspective, it works well, and that's why I'm just looking forward to using more Azure technologies moving forward.

It's deployed across multiple locations, departments, teams, and endpoints.

I haven't had any experience with them.

At the moment, we're using VMware AirWatch, which isn't my first choice purely because it's a super segmented platform. We are predominantly, about 95%, Microsoft. It feels a bit of an oversight not having a solution on a Microsoft platform where we've got full transparency and can make live changes. Currently, we have to go through our outsourced IT to make the changes and then we have to wait to see those changes rather than me or a colleague being able to make those changes in a live environment, so it would be my personal preference to get that moved over, which we're looking at. 

I wasn't a party to why they used AirWatch. I presume it was bundled in with the Microsoft service partner's offering originally. The IT team here is quite new. I've only been in the post for about a month, and my IT manager has only been in the post for about two months. We're just making sure that everything is easy to use and easy to manage, and it's cost-efficient for the charity moving forward.

Essentially, the way it was set up, it wasn't set up as a hybrid model. At the moment, we have got on-premises, and we have a cloud, but they're not joined. There is no passthrough, which is interesting. A lot of the on-premise has been copied over to the cloud. We are now taking the cloud to default, and the overall plan is to mothball the servers and reuse those as very high-powered desktops wherever possible. I just predominantly use the cloud.

I was not involved in its deployment, but in terms of maintenance, typically, our MSP makes the changes, but I've got GA rights to make anything that is critical. Generally, there are about 20 people at the Microsoft solution partner, and there are four of us on the IT team. There are less than 30 people in total.

I'm not sure. Certainly, it has been at least three years since the software has been rolled out, but it's not particularly well maintained by the solution partner. So, it's hard to measure the ROI. It does have merit, but in our particular sector, it's just overkill. We just need to make small and light changes whilst having effective security. We don't need corporate class, biometric/conditional access level security. Whilst we have multiple offices, they're very small. They're all under 20 users, and there's a lot of work from home. So, as long as we've got encryption, a form of AV, an anti-spam, and good account security, it certainly staves off a lot of the threats.

Personally, I feel that we haven't had the ROI purely because we're paying about £13,000 for under 300 users a year, which is a little bit top-sized. My personal feeling is to make a business case to switch to Microsoft Defender. Obviously, we've got P1 in our business premium licensing, so we've got a very basic protection at the moment that we don't use. We've got a large number of credits, and we could use those credits to switch over for a year to a higher project and see where we go from there.

Generally, it's not too bad. Obviously, a cheaper price would be great. Typically, we are in touch with the partner to provide non-profit discounts wherever possible. Generally, we get favorable discounts, so it's not too bad. Obviously, we're looking at decreasing those wherever we can to bring value back to the public purse because it's all charity based. It's all publicly funded.

Create a test group and create test policies, and then just test, test, and test before anything is rolled. It's the usual IT gambit. Test everything, and then just test it again before you roll it out.

I worked for a couple of MSPs before. I've seen it in very remote areas. I'm very impressed with it. Whilst it seems almost fashionable to criticize Microsoft, Intune is pretty much a well-laid-out product. It does what it says it's going to do. There is a lot of dependence on Microsoft products being pushed to it, and that's probably my only criticism. It would be good if Intune was a bit more open-source, but that would lead to more complications. It's a bit of a complicated beast, but generally, I like it.

I'd rate Microsoft Intune a nine out of ten. I'm happy with it.

We use Intune to manage mobile devices and applications. I'm not solely using Intune for the agents installed on each machine. I use the Microsoft Endpoint Manager solution primarily for device configuration, device compliance, and mobile application management.

I have 80 different clients, and their environments vary. We have people that work in offices across multiple foreign countries and domestically. Most have a strictly cloud-based deployment, but a few have a private cloud that we host ourselves. Some have their own data centers. I've got a couple of clients with hybrid environments. None of them are entirely on-prem. Everybody is using a hybrid cloud or completely on the cloud.

Intune helps us from a compliance standpoint by making it easier for system admins to configure devices and ensure they conform to business policies. It gives us more visibility into where the devices are and their postures.

I try to use conditional access policies for every client I can. It's essential for a zero-trust security posture. Conditional access policies make it possible. This dramatically reduces the risk of unpatched devices connecting to our corporate network.

The conditional access policies, compliance, and updates affect employees positively. Once the value is explained to them, they don't complain much about MFA.

You can use Endpoint Manager to see whether or not a device is compliant and apply conditional access policies in Entra to only allow connections to your environment from compliant devices. That significantly reduces your risk from unpatched software because that device cannot connect to your machine or environment. Using those two features together definitely helps protect us.

It saves some time. Either way, you will have to manage an Active Directory environment, but Intune allows you to manage devices over the internet. You don't need to worry if the machines are connected to a VPN or on-site.

The most valuable feature is probably mobile device management. Small businesses are coming under greater scrutiny and requirements for compliance as time goes on. We don't have to worry about a VPN because we can manage these devices, control company data, and lock users out. If needed, we can remotely wipe devices and switch them. 

It's a big deal to be able to assure an insurance company or auditor that our endpoint devices are effectively managed. Intune is a solid solution if you use Microsoft and Microsoft 365 products.

Intune's third-party patch management could be better. It should be easier for an average system admin to keep non-Microsoft applications updated. 

I have used Intune for about six years now.

Intune is highly stable. 

Intune is highly scalable. Thus far, I haven't had to expand it to a thousand users, but the scalability appears to be readily available.

I rate Microsoft support a nine out of ten. I enjoy working with them, and I'm often surprised at how good they are. 

Positive

I've used Rocky MDM and Google MDM. Microsoft is the primary platform on which we do business. Intune works better with the Windows operating system, desktop applications, and SharePoint. It also reduces vendor complexity. I don't require multiple vendors, which reduces my costs because many features are baked into it. 

I log into fewer systems daily. Microsoft's virtual monopoly on productivity applications in your average small business makes them the right choice in most situations.

Deploying Intune is pretty straightforward. It doesn't matter whether you use autopilot or manual deployment. Each machine is enrolled in Intune automatically if it's connected to Azure AD with the correct user licensing. It's a relatively painless enrollment process.

Intune involves some maintenance, like any solution. You must ensure it's still working correctly and helping you achieve your business goals for compliance and configuration of your endpoints.

Meraki and Google are relatively common in small businesses. Many small businesses use Meraki for wireless and networking solutions, so that is one MDM option. Also, small businesses often start with Google and transfer to Microsoft 365 once they mature. Google is already in the environment. I don't sell anything as an IT guy, so I don't care what solution my clients use. I choose what's best for them in that particular instance.

I have tried Okta, but I haven't used it seriously as an MDM solution. I've only used Okta as an SSO provider. I didn't realize they did MDM solutions. I don't understand the point of Okta. If you have Azure AD and Entra, I can't fathom why you would bother with Okta. It seems redundant to me.

I rate Microsoft Intune a nine out of ten. Don't underestimate the solution, and spend time learning about it. Intune has some powerful capabilities. Often, small businesses acquire systems but never fully utilize them because nobody has the time to dive deeply into them. It's a big solution with a lot of features.