Microsoft Intune Reviews

I manage around 3,000 Windows devices across different countries. Before that, I used Microsoft Intune as a consultant at Cluster Reply, working with customers including IVECO Group. Over time, I have also worked with related tools including Autopilot, Autopatch, and Entra ID.

I value Windows Autopilot in Microsoft Intune the most. Devices set themselves up when turned on for the first time, eliminating the need for manual imaging. Windows Autopatch is another feature I use extensively to automate Windows updates across different groups of devices in a safe and phased way. Remediation scripts are also a feature I use frequently because they allow me to execute small scripts that automatically detect and fix configuration problems on devices.

Using Microsoft Intune has helped my organization save time through automatically executing actions remotely on devices. This is a great advantage because we do not need to go physically to each device and execute actions manually. We can use Microsoft Intune to automatically execute them instead.

I use advanced endpoint analytics in Microsoft Intune to verify the health status of our devices. With advanced endpoint analytics, we can identify devices that are in a bad health status and determine the boot status of the devices, including how long they take to start and turn on. This feature provides several other capabilities that are very helpful for IT administrators.

Microsoft Intune is an easy solution for IT administrators, and I would recommend it, though this depends on the organization. There are a few areas where Microsoft Intune still needs improvement. For example, app packaging, policy conflicts, and reporting require attention.

Reporting in Microsoft Intune presents challenges because the built-in reports are often too basic. For detailed data, you usually need to set up Log Analytics and write custom queries. Policy conflicts are another concern, as when two policies target the same setting, it is not always clear which one takes precedence. This can cause unexpected behavior. App packaging is also an area for improvement, as packaging Win32 apps for Microsoft Intune is more manual and time-consuming compared to SCCM, Configuration Manager, which is an on-premise tool.

I have been using Microsoft Intune for over four years.

I would rate the stability as seven. In my opinion, it can be improved because sometimes we experience bugs in the portal, which is why we prefer to interact with PowerShell to automatically perform our tasks.

I would rate the technical support for Microsoft Intune as eight.

I have used Workspace ONE in a few projects. I prefer Microsoft Intune because it is more user-friendly than Workspace ONE, and it is easier to deploy devices and patch managed devices with Microsoft Intune.

Deploying Microsoft Intune is really easy. Compared to SCCM Configuration Manager, Microsoft Intune trades some low flexibility and control for cloud-native scale and simplicity. SCCM still wins for complex software deployment scenarios, but Microsoft Intune is a good upgrade that is easy to deploy without any need for a VPN.

I would say Microsoft Intune saves us about forty percent.

It is a little expensive for organizations using Microsoft Intune. I am aware that Microsoft increased the cost of the E3 and E5 licenses starting from July, and I think that this pricing is a bit expensive.

I use Security Copilot in Microsoft Intune to troubleshoot issues. For example, Copilot is really helpful for understanding policy conflicts because it allows me to understand the root cause of the issue. I also use it to identify non-compliant devices and determine how to remediate them, either by understanding how not to patch the devices or by using an existing catalog rather than a remediation script.

Microsoft Intune provides good integration with other products. For example, it integrates with the HP Portal Company to manage the BIOS settings of the devices and their updates, and it integrates with Configuration Manager and Entra ID. This integration provides a good experience with other products.

My feedback is positive, and I would recommend Microsoft Intune to others. I would say that Microsoft Intune is absolutely the right choice for any organization that is already invested in the Microsoft 365 ecosystem and wants a unified cloud-native endpoint management approach. I give this product an overall rating of nine out of ten.

My use case for Microsoft Intune is to secure data and manage apps on devices such as Windows, Macs, and Android mobiles, effectively managing both organizational devices.

The best features in Microsoft Intune include secure authentication, which I find very favorable, and the fact that we can remotely push applications. For instance, if a user needs any application installed on their device, they will raise a ticket, and we will push the application from Microsoft Intune, which will automatically appear on the device in 30 to 45 minutes, making it easy for users to download. The interface is user-friendly, allowing us to easily find options for apps and devices, and we can quickly locate user details and asset information.

Our company's relationship with Microsoft Intune is that HCL is using it to provide services, and we are from administration supporting the end users, equipped with admin rights and a certificate to do so, and we configure and push applications to their Windows devices.

The enterprise application management feature helps in app discovery, deployment, and automatic updating, as updates are automatically identified within the interface, allowing us easy access to application security groups.

I do use the Cloud PKI feature.

I use Copilot to easily identify corrections needed, for example, if we need to send an email, it will automatically correct it in a formal way, and it also helps provide instant troubleshooting assistance.

I use advanced endpoint analytics for managing secure data and controlling apps from the console.

Microsoft Intune helps to easily detect and remediate anomalies in endpoints; it is very straightforward to identify all issues through the interface.

There is room for improvement in Microsoft Intune's understanding and user experience as the interface is easy to navigate for deploying applications and finding user information, but I think there should be a reduction in dependency on on-premises infrastructure and focus on artificial intelligence and automation to improve further.

I have been using the solution since 2022, with my experience lasting until 2025 onwards.

I absolutely use Copilot.

I utilize the enterprise application management feature.

Negative

The deployment for Microsoft Intune is easy; everything can be understood easily, and we can deploy everything without challenges, making it user-friendly.

It only takes 30 to 45 minutes to deploy Microsoft Intune.

In my opinion, the pricing for Microsoft Intune is somewhat expensive, but I do believe it is a reasonable price.

I would compare Microsoft Intune very favorably, and I can confidently refer end users to use it.

My deployment model for Microsoft Intune is entirely cloud-based and is on Azure Cloud.

Mostly, we have nearly 2,000 end users using the solution.

The solution requires maintenance; we mostly deploy applications and drivers, and if there are any patches, we can also deploy them from Microsoft Intune.

I would rate this review a 10 out of 10.

I work with Microsoft Intune full-time as an integrator. I work on M365 portfolio applications, which are major use cases for Microsoft Intune. Microsoft Intune is for end device management where I handle Windows device management, AutoPilot enrollment, and policies and compliance management for the end devices.

Cloud-based device management is the best feature for me as it impacts my company the most; it is much easier than the previous Configuration Manager or SCCM. Administration and management can now be easily accomplished anywhere, anytime through the Microsoft Intune portal.

Two methods are available: I can accomplish all administration management through the portal, and the same thing can be accomplished using Microsoft Intune Management Shell, which is the command prompt and API.

Microsoft Intune brings all of my endpoint and security management tools into one place.

From a security standpoint, I can manage both BYOD devices and corporate devices; one will be Azure registered devices and another one is Entra ID joined devices. Joined devices will be the corporate devices where end-to-end complete security, compliance, and management is fully owned by the corporate. In the BYOD case, any device can be plugged in and registered to Microsoft Intune platform, which is compliant and compatible with corporate standards. Once that device is registered to Microsoft Intune, security, configuration, and compliance will be applied as per corporate requirements.

I am using Microsoft Intune Endpoint Privilege Management feature. This feature affects user productivity in the company because when a new user joins the company, the same device can be reused at a later time; I can wipe it or reset it, and the entire user profile and applications will be removed from the device so the same device can then be reused for new users.

I am using the advanced endpoint analytics in Microsoft Intune suite; it is another feature. Previously, logs and analytics were available from the local device perspective, but now everything from the end device is sent to the Microsoft Intune portal. Log Analytics and Endpoint Analytics workspaces can be configured to determine what datasets can be fetched by the portal. It is much easier depending on the requirement and need, and analytics requirements can be configured so everything is available in a central repository that can be easily monitored, viewed, and can also be integrated with Power BI for advanced reporting and data manipulation.

I work with Cloud PKI in Microsoft Intune. Many options are available, from the BIOS level to the operating system platform level; everything can be managed from the single, central portal which is Microsoft Intune. Many monitoring options and integration options are available to all the other M365 portfolio SaaS applications. Cloud PKI helps to manage the complexity of certificate infrastructure.

I have worked on UEFI and trust hierarchy based on end devices like laptops or desktops; I have a platform key certificate, PK certificate, and DB certificate. This is at the very core of any end devices and defines what applications can be installed or allowed to install on the end device, trusted by the PKI architecture, which is ideally a UEFI secure boot concept where only trusted applications can be installed onto the end device. Anything listed in the revoked DBX database, known malicious vulnerabilities, cannot be installed or will be blocked from getting installed on the devices.

I am using CoPilot in Microsoft Intune; it can be enabled or is available for the Microsoft Intune portal and all of the M365 application space. I can input my questions and CoPilot provides the best possible answers or methods on how the target can be achieved. I extensively use it for PowerPoint presentations; I provide some very basic inputs and CoPilot gives me a well-structured presentation in different formats. CoPilot is available in Microsoft Intune side, Word, Access, Excel, and everywhere CoPilot is enabled; it is next-generation AI that Microsoft is bringing. CoPilot helps to protect my environment by simplifying my IT and security operations. CoPilot helps with this simplification by identifying the content of the document, such as whether it is internal or confidential, whether it can be shared or if it is a restricted document.

Automations in Microsoft Intune can be more elaborated; KQL (Kusto Query Language) is available, but if multiple automation options were readily available, which would include PowerShell, KQL, JSON, and different interpreters like VS Code or Python readily available from Microsoft Intune, it would help administration and management much better.

I have been dealing with Microsoft Intune for almost four or five years.

Microsoft Intune is stable because since it is part of the Microsoft product suite, it provides 99.9999 SLA downtime.

I rate customer support from Microsoft as outstanding because anytime I can raise my concerns directly through the portal and I get a quick response from Microsoft.

Positive

Before Microsoft Intune, I was using something called Configuration Manager, which is an on-premise solution. Configuration Manager is again Microsoft, the Microsoft Configuration Manager, which is an on-premise solution, not from the cloud. Now everything has been migrated, and everything is from the Azure cloud; Microsoft Intune is part of the Azure cloud solution.

I find Microsoft Intune quite affordable. I rate this solution nine out of ten.

We use it for Android device management. We also work with Autopilot configuration and application deployment. We use Microsoft Intune for WiFi profile deployment and zero-touch migration from Windows 10 to Windows 11.

I used Microsoft Copilot with an Excel file containing more than 2,000 workstations with many models. For just the Lenovo manufacturer, we have 20 models. I uploaded this file to Copilot so it could indicate if a model and workstation were compatible with Windows 11 or Windows 10. We deploy many applications with the enterprise. In Tunisia, we have laws that prevent uploading documents or sensitive data to Microsoft Copilot, which creates restrictions on its use. 

The most valuable feature is that we can manage workstations or Android devices remotely without needing the device to be connected to our local network. This means even if users are on vacation or working from home, we can control it and deploy applications, deploy all features with Microsoft Intune.

The enterprise application deployment is another key feature. We have deployed many applications. Our last project was with our minister of education where there were more than 20,000 new devices that we needed to manage for education. We have many applications that students work with on a daily basis, so we use the enterprise application for deployment of all those packages and software. It helps save manual work.

Microsoft Intune is not as fast and extensive as traditional solutions such as SCCM and others. In SCCM, which is another Microsoft product, there are many logs that we can detect and monitor the deployment of the image, software, and inventory. In Microsoft Intune, there is significant slowness, and there needs to be more logs when we deploy software, parameters, or scripts to troubleshoot problems and errors in the interface, workstations, and Android devices.

Another feature that needs improvement in Microsoft Intune is device preparation. Microsoft Intune is for management. We cannot prepare devices from scratch or bare metal.

They should optimize their licensing. They should include some features for free and the others for a price. Currently, everything comes at a cost.

Microsoft Intune also needs to improve its scenario documentation. While Microsoft articles cover basic scenarios for deployment, they don't address advanced scenarios such as massive deployment, retiring applications, or updating applications.

I have been working with this solution for more than one year.

The solution is stable without any problems with stability or availability. The portal is always ready for configuration when accessed. The only issue is the slowness previously mentioned. When deploying a strategy from Microsoft Intune, sometimes it takes one to two hours to show that the strategy is deployed on the device.

It's scalable. We just need to add more licenses.

There is inadequate support for Microsoft Intune, especially if the problem is on the device. When tickets are opened regarding device problems rather than portal or configuration issues, the support becomes slower and takes considerable time for troubleshooting. They seem to give less importance to device-related problems compared to portal or configuration issues.

Negative

It's a lot easier than the traditional solution where we had to prepare a virtual machine, SQL server, install an agent, etc. It's a SaaS. We can use it as a service. We only need to access the Intune portal, configure the base configuration with the name of the company, and configure the baseline. It's very simple. The only problem is that there is slowness and no place to find logs to identify where the problem is. It is hard to identify if it's in the workstation or the configuration that I made in Microsoft Intune. 

For the basic configuration, it takes approximately one to two days.

It's a part of Microsoft 365 and E5 licenses.

Microsoft's strategy of making every feature in Microsoft Intune paid needs optimization. Remote control is one of the basic features, not a luxury feature, yet we must pay for it. It should be free as users cannot use a solution to deploy configuration and applications without being able to assist users. Even for Android devices, remote control requires purchasing the remote help add-on.

I would rate Microsoft Intune a six out of ten. As a modern workplace consultant, I see everything moving forward to the cloud. However, many features in legacy solutions cannot be migrated suddenly to Microsoft Intune. It needs to be more reliable with better support for full cloud migration.

I am a consultant and architect of Microsoft Intune, and previously I was also an internal customer of Microsoft, using Microsoft Intune.

I work with Microsoft Intune to manage cloud-only devices, mainly Windows, and this includes the migration process from hybrid join to cloud-only environments, enforcing policies via configurations and scripts, and implementing the RBAC model to set up permissions for different roles for customers.

Additionally, I implement macOS with iOS and iPadOS in fully managed mode and personally owned mode, such as BYOD. I am currently focusing on automation, attempting to build a solution that maintains governance, ensuring customers can focus on specific parts of Microsoft Intune and automate the monitoring of compliance of devices and their status.

I tried using Microsoft's Copilot in Microsoft Intune, specifically the Security Copilot, but I have not gained experience with real-world examples. I made an attempt to set up the onboarding agent diligently and managed the device offboarding process.

The most valuable feature of Microsoft Intune for me is its fully cloud-based nature, allowing me to work from anywhere, whether I am using my mobile phone, Windows, or macOS devices, so I can access it from any place at my convenience.

The specific feature that makes me choose Microsoft Intune over other tools is its integration with Microsoft services, specifically the connection with Entra ID, Azure, and collaboration tools. This is the main reason I recommend Microsoft Intune as the proper MDM solution for any company, although I am aware of alternatives such as Jamf or Zebra systems that cater to different needs.

My assessment of the user experience of Microsoft Intune is that it is sometimes good and sometimes poor, depending on Microsoft's infrastructure. There have been outages affecting not only Microsoft Intune but also connected services such as Entra ID, which can be frustrating, especially when demonstrating features to customers and encountering issues.

While there are many aspects that can be improved, such as log visibility and the accessibility of detailed information, I recognize that Microsoft Intune does have room for improvement.

Other areas of Microsoft Intune that could be improved include the enrollment process for Windows devices, which remains quite simple. Customers have expressed a desire for more customization options during enrollment, such as adding custom steps. This capability was possible in the previous Microsoft Endpoint Configuration Manager, leading to questions about why Autopilot does not offer the same functionality.

I have been working with Microsoft Intune for almost six to seven years.

I assess the stability and reliability of Microsoft Intune as being in good shape. It is evolving continually every month with new capabilities and fixes, which is beneficial for all users. I see a promising roadmap ahead, indicating that it is well-managed by Microsoft.

The stability and reliability of Microsoft Intune are crucial for me and my customers, as many of us rely heavily on Microsoft services. Any disruptions greatly impact operations, but fortunately, Microsoft has effective SLAs for its services, so we are not faced with hypothetical scenarios regarding poor performance.

In terms of scalability, I find Microsoft Intune to be an excellent tool for managing devices, designed for simplicity, making it user-friendly from an administrative perspective. With capabilities for scripting and application configuration, it works well for managing hundreds to thousands of devices.

While it supports macOS and iOS, the inclusion of Linux support would enhance its capabilities, considering Linux devices often lack visibility in IT management.

I have communicated with Microsoft Intune's technical support a few times, and my experience has been that I first need to explain my case to L1 support, which can be time-consuming before reaching someone with the necessary expertise, such as product management.

The worst experience involved a limitation related to Windows 11's multi-kiosk capability, which Microsoft confirmed was by design. Conversely, my best experience involved quick communication with a senior-level contact regarding a governance issue in Czech Republic, which was resolved efficiently.

Based on my experience with technical support, I would rate them a six out of ten.

Before adopting Microsoft Intune, I had the opportunity to work with Jamf, which focused on Apple devices, but I have not used other similar tools.

I participated in the initial setup and deployment of Microsoft Intune in different environments, including my own, and I found that the deployment was straightforward. Microsoft's documentation provided clear guidance, which I appreciated.

As for return on investment with Microsoft Intune over the years, I find it difficult to quantify because there remains a need for personnel to manage Microsoft Intune, from L1 to L3 support. It appears that it does not reduce staffing costs, and while AI may offer different advantages, Microsoft Intune alone does not alleviate staffing expenses.

Currently, I do not use Microsoft Intune Suite's Cloud PKI and have only theoretical knowledge about it, as I have not had the opportunity to implement it with a real customer or personally interact with it.

I am not currently using the enterprise application management features of Microsoft Intune Suite due to the strength of the global Microsoft Intune community and the abundance of existing tools such as Enterprise App Management, making it difficult to persuade customers to adopt it.

I also do not use the advanced endpoint analytics in Microsoft Intune Suite, although I understand its KQL language and data usage, similar to the enterprise application management features. Customers are not utilizing it.

Regarding Microsoft Intune's pricing and licensing, I find the default option, particularly Microsoft Intune Plan 1 included in most Microsoft licenses, to be reasonable for managing devices.

However, I consider Microsoft Intune Suite, which includes features such as Cloud PKI and Advanced Analytics, to be quite expensive, making it difficult to justify the cost to customers with large user bases, although I am pleased that Microsoft Intune Suite will be offered partially in E3 and fully in E5, which is a positive development.

Before choosing Microsoft Intune, I did not evaluate other options because Microsoft is so prevalent in the industry.

My overall rating for this product is eight out of ten.

Microsoft Intune is used to deploy business apps, manage BYOD, enforce security policies, and secure company resource access.

For device management, Microsoft Intune is used to manage and secure corporate-owned iOS, Android, Windows, and Mac OS devices from a centralized cloud platform. For application deployment, business-critical apps, in-house apps, and store apps are deployed remotely to employee devices across multiple locations such as retail stores. Remote actions including performing a remote wipe, selective wipe, device reset, lock, or troubleshooting actions are performed if a device is lost, stolen, or compromised.

Day-to-day operations include compliance monitoring, zero-touch deployment, tracking devices' compliance status, and generating reports for audit and security governance. With zero-touch deployment, new devices are provisioned automatically with required apps, settings, and policies using services such as Windows Autopilot.

The best features that Microsoft Intune offers include device management, application management, app protection policies, Conditional Access, compliance policies, and remote actions.

Mobile device management is relied upon for centralized management of iOS, Android, Windows, and Mac OS devices from a single cloud console. For mobile application management, company apps and data are managed and protected without fully controlling personal devices, which is very useful for BYOD. Conditional Access integration works with Microsoft Entra ID to allow access only from compliant and secure devices. Remote device actions include selective wipe, device lock, passcode reset, and device restart options for security incidents. Compliance policies automatically check whether devices meet security standards such as encryption, OS version, password strength, and antivirus status.

Cloud-based management requires no on-premise infrastructure, reducing maintenance costs and improving scalability. Microsoft ecosystem integration provides seamless integration with Microsoft 365, Microsoft Defender, and Microsoft security tools.

The positive impact of Microsoft Intune on my organization includes improved data security by protecting sensitive company data from unauthorized sharing, copy-paste, or downloads. Better compliance is ensured by making certain that devices and apps meet security policies before accessing business resources. Risk of data leakage is reduced through selective wipe that removes only corporate data if an employee leaves or a device is lost.

Better reporting capabilities, stronger Mac OS management, faster policy synchronization, and easier troubleshooting are needed. The main improvements needed are stronger Mac OS management, faster policy synchronization, and easier troubleshooting.

I have been working in my current field for two and a half years.

Microsoft Intune is stable.

Microsoft Intune's scalability is high as a cloud-based platform through licensing expansion and API integration such as Microsoft Graph.

The customer support provides strong documentation, admin support, and ticketing services, though complex issue resolution can take time. Overall, the support is good.

Previously, VMware Workspace ONE and ManageEngine Endpoint Central were used. Microsoft Intune is a very good platform and best for Microsoft ecosystem and cloud-based management, which is why the switch to Microsoft Intune was made.

A return on investment has been seen because on-prem servers no longer need to be maintained. The main advantage experienced in my organization is device management transitioning to a cloud-based model for easier management, which also translates into time saved and money saved.

Measurable outcomes include reduced time for device setup because Microsoft Intune automates device provisioning and policy deployment, which reduces manual setup time for new employee devices. For example, new laptops can be automatically configured with required apps, policies, and settings during onboarding, reducing setup effort for IT teams.

Microsoft Intune's pricing, setup cost, and licensing are good. According to the price, it is very cost-effective, offers strong Microsoft integration, and is secure while licensing is also good.

Before choosing Microsoft Intune, other options were evaluated such as VMware Workspace ONE, which is good for multi-platform enterprise management, and IBM MaaS360.

Microsoft Intune is a scalable, secure, and cost-effective endpoint management solution that aligns with modern workplace needs. I recommend Microsoft Intune for its very good features, including device management, application management, app protection, remote actions, and compliance policies. This review has an overall rating of nine out of ten.

My main use case for Microsoft Intune is its central endpoint management and supporting both universal correct access release and conditional access, while supporting remote and hybrid users with cloud-based device management.

Microsoft Intune has improved our organization by providing faster device setup, better security and compliance, easy centralized management, support for remote users, and reduced IT workload.

We have seen clear improvement in daily operations such as centralized management, where all devices are managed from one console, eliminating the need to handle systems individually. Actions are faster, such as pushing app updates or policies to all users at once, which leads to fewer configuration mistakes because everything is centralized. This results in faster support and fewer repeated issues, improved security, and overall less manual work for the IT team, along with faster issue resolution and a more consistent and secure user environment.

An employee is onboarding and a new user receives a company laptop. When a user logs in with company credentials, the device automatically enrolls into Microsoft Intune Autopilot. The required apps, Office, VPN, and security tools are installed automatically, and security policy encryption and antivirus compliance are applied automatically.

One significant aspect of Microsoft Intune is the automation; all devices follow the same configuration and security baseline, resulting in less manual work due to automated policies and app deployment. It not only manages devices but also enforces uniform setup, security, and reduces optional support across the organization.

Centralized device management is one of the best features Microsoft Intune offers, allowing me to manage all Windows, macOS, Android, and iOS devices from one console and apply policy settings and detection easily.

With Microsoft Intune, applying policy and detecting device status are very straightforward and save a lot of daily effort in real work, including one-time policy applied to all devices, automatic compliance detection, and quick troubleshooting features that save the most time. Compliance is automatically enforced; if a device is not compliant, such as lacking encryption, antivirus, or having an outdated OS, Microsoft Intune automatically flags it and restricts access. If a user disables antivirus, the device becomes non-compliant, and Microsoft Intune detects it automatically, blocking access to the company app until the user fixes it.

One more important point about Microsoft Intune features is the level of automation and integration. Automation includes policy and app deployment where most tasks run automatically, and integration with other security tools combines identity and enterprise security while providing flexibility to support both corporate devices and BYOD with app protection policies.

There are some areas of improvement for Microsoft Intune, including faster policy sync so changes can apply quicker, a simpler interface, better reporting with more details and clear insight, improved troubleshooting, clearer error messages and logs, and stronger support for macOS and Linux, alongside better cross-platform features.

A few more practical points on Microsoft Intune include more real-time control, better patch update control, stronger automation, and a single unified portal. Overall, improving real-time control, automation, and user experience would make daily operations much smoother.

I have been using Microsoft Intune for the last one to two years.

Microsoft Intune is now stable.

Microsoft Intune is highly scalable and designed for enterprise environments.

Customer support is good and properly supported; one-time support is also good.

Previously, we were using no solution, and it was mainly manual work.

Before choosing Microsoft Intune, we evaluated two alternatives: VMware Workspace ONE and Microsoft Endpoint Central and SCCM Configuration Manager. I chose Microsoft Intune because it is fully cloud-based and offers better integration with Microsoft 365 and Azure, making it easier for remote and hybrid environments.

I am a reseller of the company.

We have seen a clear ROI with Microsoft Intune; time saved has reduced device setup from three to five hours to thirty minutes, and there is a workload reduction of around twenty to thirty percent less manual effort from the IT team. Cost savings include lower support and infrastructure costs with no imaging servers; the biggest gain is automation leading to less manual work and faster deployment.

My experience with Microsoft Intune has been generally good, but with a lot of complexity. Pricing is reasonable if you already use Microsoft 365 and can be an add-on. The setup cost is low since it is cloud-based, with no hardware or infrastructure needed, and licensing is flexible but sometimes confusing due to multiple plans and bundles.

My advice to others considering Microsoft Intune includes some simple tips: plan before deployment, start with the pilot, keep policies simple, use Autopilot, and learn the basics of Azure AD security for better management since Autopilot saves time in device setup. I rate this product an eight out of ten.

I am a mobile developer who has been involved in integrating Microsoft Intune SDK into applications. I can provide a general overview from both a developer perspective and a user perspective, as I have been using it corporately with Teams, Outlook, and other applications.

From the developer perspective, I have worked on integrating Microsoft Intune SDK into enterprise mobile applications. This work mainly involves implementing app protection policies, handling policy callbacks, and ensuring the app behaves correctly under compliance requirements.

Microsoft Intune helps enforce enterprise security policies at the application level. For example, when entering a mobile app, users might be required to enter an app PIN, and the system automatically encrypts the data. There are various other features like restricting copy-paste and enabling selective wipe of corporate data.

Microsoft Intune provides strong security controls, including strong application-level security, encryption, and data leakage prevention. A very important feature is the selective wipe capability. Whenever Microsoft Intune detects any rooted device or any tampering with the device, it involves both MAM (mobile application management) and MDM (mobile device management).

From the developer perspective, Microsoft Intune offers centralized policy management, which is another significant advantage because you can update everything remotely without changing the app.

From the user perspective, the experience is quite different because most controls are enforced seamlessly in the background. The primary advantage from the user perspective is the security aspect. Encryption and data protection happen in the background without requiring any manual effort, making the experience more seamless.

A lot of behavior depends on policies configured externally. It is not just that you code and then integrate the SDK. The Microsoft documentation about Microsoft Intune SDK is fairly structured, which is fine. The primary hurdle is the visibility gap between the Intune SDK and the Admin Portal. Improved logging or a 'Developer Mode' for policy simulation would help bridge the gap between the mobile implementation and the tenant-side configurations

There are many policy scenarios that are time-consuming and depend on external configurations. Additionally, the debugging process requires a test environment and dev environment, and getting access to those environments for debugging is challenging. It becomes difficult to determine where issues are occurring and why policies are not being enforced.

One major concern I have is user friction. When you enforce many policies and people log into apps like Microsoft Teams or Outlook, they encounter numerous MFA and other policies. Users feel friction due to additional authentication steps such as PIN or repeated login requirements.

From the user perspective, these restrictions can feel limiting. Blocking copy-paste or screenshots can sometimes feel limiting from a usability perspective. Another concern is limited visibility into why things happen. Users do not get full transparency because they see messages stating "Your device is blocked" or "You cannot access this right now," but the exact reason behind these messages lacks transparency. Additionally, many policies depend on device configurations and compliance. If the device is not compliant, users might lose access, which can be frustrating without clear guidance.

My suggestion for improvements would be better tooling for testing policy scenarios both locally and improved debugging support, which would make developers' work easier with Microsoft Intune.

I have been working as a mobile developer for one and a half years. I have been using Microsoft Intune for two to three years, dating back to university level where we had Teams, Outlook, and other applications. For corporate use, I have been using it for two years, and as a mobile developer, I have been using it for around one and a half years.

Microsoft Intune has been stable. Whenever we log into Teams, Outlook, or apps where we have integrated Microsoft Intune, the policies are getting enforced. However, sometimes when Azure AD  (Microsoft Entra ID) identifiers are not recognizable, the policies do not get enforced in very rare cases. This does not cause any application crash or a hard stop. It simply means that the identifiers are not identified and then policies are not enforced for that account at that point in time.

Microsoft Intune is scalable because you can include it in a variety of apps. As the application users increase and everything else related grows in size, Microsoft Intune is capable of handling all those scales.

We integrate the SDK and then configure the policies. We have a separate team responsible for looking into the configurations in the Azure portal, checking the effects, and managing the endpoint. As developers, we do not have access to that portal. A separate team handles those responsibilities.

As a developer, I focused on the implementation of the Microsoft Intune SDK. While our architecture team decided on the solution, I have researched other SDKs like those from VMware or MobileIron to understand industry standards for app protection policies. We found that Intune’s tight coupling with Microsoft Entra ID conditional access made it the most logical fit for our enterprise environment.

From the user perspective, Microsoft Intune enables access to corporate data and apps even on personal devices, which is convenient. The selective wipe feature builds user trust because only corporate data is removed while personal data remains untouched.

Users get a consistent experience across devices because the policies are centrally managed.