Microsoft Intune Reviews

I am working with a bank to configure backups for auto-billing devices. We have Samsung tablets used in branches with only customer accounts, where customers open accounts using these dedicated devices. We create custom policies for these devices using Microsoft Intune across multiple domains. Some devices are auto-pilot, some are dedicated tablets, and others are hybrid Azure AD joined devices managed by Configuration Manager. We are using Microsoft Intune in three domains to manage those devices.

Microsoft Intune consolidates our endpoint and security management tools into a single platform. We employ specific policies for autopilot devices tailored for global and US requirements, focusing on banking and government security. To address these concerns, we've implemented policies within the bank that restrict USB and Bluetooth access through the attack surface detection feature. This restricted app concept has been applied to autopilot laptops to enhance their security posture by blocking USB devices and preventing unauthorized research build-up.

User experience is generally good when using open internet devices like 3G, 4G, or 5G, as banks often use restricted internet connections.

Intune offers rapid benefits. Any policy, deployment, or change we implement is reflected within two to three minutes for all users. This is especially valuable for managing laptops. We can quickly implement a cleanup policy if user laptops are compromised or accessed without authorization. In the worst-case scenario of a computer being stolen, we can swiftly deploy a policy to secure the device's data within a minute.

It offers rapid policy, deployment, and change implementation, with effects visible to users within minutes. Devices managed by SCCM can also benefit from Intune workloads and policies, providing a unified management approach. Intune and SCCM work together to address security concerns for hybrid Azure AD joined devices. Attack surface reduction policies can be implemented through either platform to protect devices from threats. Intune manages SCCM-enrolled and Intune-managed devices, offering comprehensive security and management capabilities.

Intune has enhanced the productivity of our IT department. We can now establish Active Directory-related policies for public auto-enrollment devices in remote areas like Karachi and Islamabad. Not confined to specific cities, these devices can be managed through autopilot with AD-related policies created on Microsoft Intune. However, these devices are not always on-demand, so we track them using autopilot policies and create eighty policy replicas for each device. This approach is highly effective for managing our large-scale operations, as users often face challenges like requiring USB access while working remotely. We specifically tailor policies for our hundred audit users, who move frequently between locations.

Our bank's most valuable Intune features are centered around the dedicated device concept. We've implemented policies for tabs used by branch employees during account openings and deployed custom policies and applications on these devices using our Rapid Account Opening application. This dedicated device approach and tailored Intune features have yielded excellent results.

Microsoft Intune needs to improve its security policies. I want more secure, reliable, and efficient security policies.

I have been using Microsoft Intune for five years.

We have Microsoft Premium, which entitles us to Microsoft engineer support specifically for Intune. They respond very quickly. When we open a case on Microsoft and select a severity level, we always choose 'A' because we have a production environment. The engineers connect with us within 15 minutes and are highly capable.

We have upgraded support with Microsoft engineers and direct connections with some of them. When we encounter issues related to Microsoft Intune, we directly contact these highly skilled engineers for immediate assistance. They collaborate with us to resolve problems and always require ticket creation to meet our KPIs. We open and close these tickets accordingly. While we manage a significant volume of tickets, our direct relationship with Microsoft engineers ensures efficient issue resolution and support.

Positive

In my previous role, I used IBM MaaS360. Microsoft Intune surpasses MaaS360 with its broader feature set, increased flexibility, and seamless integration with other Microsoft products like Entra for XDR and QRadar. Additionally, Intune offers a more user-friendly experience.

The deployment time for Intune depends on the number of users. For example, an organization with 15 users can take 15 days to deploy. Organizations also using Active Directory and Office 365 Premium require additional deployments so that the total deployment time can reach 25 days.

Intune deployment is straightforward and has a stable internet connection. Given our appropriate EMS E3 and F3 licenses, we anticipate no significant challenges as long as our internet connection remains reliable.

I would rate Microsoft Intune nine out of ten.

After the deployment, Intune requires no maintenance. As long as the internet connection is stable, Intune can ensure all policies work as intended.

Microsoft Intune is the future. Using Intune, we can access other Microsoft tools like XDR through one portal. Pre-COVID users working remotely had to manage laptops not connected by a domain, and now all the devices and policies are managed through Intune.

While Microsoft Intune offers centralized management and policy enforcement, it doesn't consolidate all endpoint and security management tools into a single platform. To comprehensively safeguard systems, additional solutions such as Microsoft Defender for Endpoint are necessary.

Achieving comprehensive endpoint visibility and IT control across various device platforms is a complex task, considering the diversity and freedom inherent in different systems. However, when it comes to deploying and managing devices like tablets, mobile phones, laptops, and specialized devices in Germany, a systematic and organized approach is crucial. Particularly noteworthy is the ability to configure IoT devices, such as numerous thermostats, water control systems, or sprinkler devices. Without a solution like Intune, scaling becomes a challenging issue, especially when dealing with thousands of such devices. Therefore, the use of a system like Intune becomes imperative in addressing these scaling challenges and ensuring effective device management.

On a scale of one to ten, I would rate my user experience with Intune as a six. The lack of intuitiveness makes it cumbersome to track and understand what needs configuration, especially when dealing with aspects like OneDrive and having to cross-reference settings across different areas of Intune.

In the context of securing hybrid work with Intune, our experience involved a two-day effort to configure the certificate for the Conditional Access server. However, once this initial setup was completed, we successfully configured VPN access for mobile phones. Despite the initial complexity, especially for a large company, Intune delivered on its advertised promises and proved effective in fulfilling the intended security functions.

Intune's effectiveness in securing data on company and BYOD devices is based on distributing security configuration data. While valuable, Intune has limitations, and comprehensive protection against cyber threats requires a sophisticated approach, including hybrid artificial intelligence solutions like Microsoft Defender for Endpoint. While Intune aids in system configuration, detecting and preventing attacks demands a more advanced defense strategy, comparable to sophisticated endpoint protection. Hybrid AI, with continuous human input, enhances threat evaluation, recognizing nuanced situations like suspicious timings in actions on developer endpoints.

It positively impacted IT productivity within the organization by enabling the secure addition of thousands of mobile phones to the VPN. In this regard, it performed effectively.

It played a crucial role in mitigating the risk of security breaches by securely distributing VPN certificates. While effective in this aspect, it's important to note that this alone is not sufficient. Endpoint security, such as developer endpoints, is analogous to having specialized tools for reading and managing complex systems.

It significantly contributed to cost savings. Manual configuration for each mobile phone would have taken approximately an hour per device per year, amounting to three or four thousand hours annually. However, with Intune, we accomplished the task in two days for five thousand devices, equivalent to around one hundred sixty hours. This resulted in substantial efficiency, reducing the effort from an ongoing five thousand hours per year to a one-time investment of a hundred sixty hours.

One of the most valuable aspects of Microsoft Intune is its seamless integration with Azure Active Directory, offering capabilities akin to Group Policy Objects. This integration provides a centralized platform for managing and enforcing policies, ensuring the stability of configuration data across devices, resembling the familiar functionalities of traditional group policies in an on-premises Active Directory environment.

In utilizing Intune's endpoint privilege management feature, I've primarily focused on configuring VPN access and certificates, although I'm not an Intune specialist. It's versatile enough for both configuring VPN access and managing large-scale IoT servers. For instance, in building management systems, especially in large structures like bank buildings, where numerous actuators are involved, configuring and securing them becomes a complex task. Intune proves valuable in this context. However, it's essential to recognize that while Intune serves as a powerful tool, relying solely on it is insufficient for comprehensive system security.

The integration of Intune capabilities with Microsoft 365 and Microsoft Security is crucial. As mentioned earlier, securing your machine requires tools like a developer endpoint, and relying solely on Intune may not be sufficient. While Intune allows configuration and deployment of Defender for Endpoints, having a dedicated tool is essential. The unique selling point of Microsoft lies in its seamless integration, especially notable for those working with Linux systems, where Microsoft's comprehensive integration sets it apart.

In terms of configuration, my experience with Intune is somewhat mixed. The configuration tool appears to be scattered throughout the Intune interface, requiring frequent navigation back and forth. The web interface, while functional, isn't particularly user-friendly, leading me to find PowerShell a preferable option. However, using PowerShell involves investing time in developing scripts. The challenge lies in the complexity of navigating between profiles and MDM configurations. Multiple windows need to be open simultaneously to grasp the overall configuration landscape.

I wish there was an improvement in the configuration process, as currently, it involves navigating through different locations with multiple windows open. Having a dedicated configuration server that assists in modifying the configuration service, and creating personalized structures, interfaces, and web services could enhance usability.

I have been working with it for three years. 

When evaluating stability, it's essential to consider the multitude of adversarial attempts, particularly from military opponents engaging in hacking activities. Microsoft has demonstrated its capability to withstand and defend against such sophisticated attacks, setting a high standard for security.

Considering the extensive number of support calls, I believe Microsoft handles them as effectively as possible. I would rate its customer service and support eight out of ten.

Positive

In the past, we utilized Windows services.

The number of people required for deployment depends on the specific tasks at hand. For instance, implementing the VPN solution involved five individuals, including specialists for firewalls and virtualization for the server endpoint. If the focus is solely on Intune-related tasks, one expert may be sufficient. However, in typical scenarios where Intune is used for onboarding machines or mobile device management, you'll need administrators with access to the relevant machines. It functions as a collaborative administration tool, and the required personnel would depend on the number of departments involved.

The pricing is inherently reasonable, as Microsoft leverages market insights to maintain the total cost of ownership at around ninety to ninety-five percent of what would be incurred in an on-premise scenario. Microsoft products inherently benefit from economies of scale and global reach, making them cost-effective.

It aids in vendor consolidation; otherwise, we would have had to manually configure around three thousand mobile phones.

It impacts the security posture positively when you are aware of what you configure and can update configurations promptly. However, as mentioned, the need for artificial intelligence in Endpoint Protection remains crucial.

I would recommend subscribing to reputable YouTube channels that focus on Intune or related topics. Building a strong foundation and gaining practical experience is crucial to understanding the intricacies of Intune. Overall, I would rate it eight out of ten.

My use case for Microsoft Intune is to deploy applications and enroll devices, pushing the apps to the devices.

Microsoft Intune brings all of our endpoint and security management tools into one place.

The integration of Microsoft Intune with Microsoft 365 and Microsoft security for cloud and co-managed devices is flawless.

Microsoft Intune works smoothly for discovery, deployment, and automatic updates.

Microsoft Intune helps simplify our IT and security operations as it takes less time, and it's easier to use than SCCM.

Microsoft Intune is flawless for securing hybrid work and protecting data on company and BYO devices.

We are using Microsoft Intune's endpoint privilege management feature. For enforcing least privilege access with Microsoft Intune, we use Entra ID. It restricts unauthorized access, requiring roles to be activated to proceed with necessary tasks, enhancing security.

Microsoft Intune has positively affected my IT productivity, as the decisions made at the enterprise level show it to be a more efficient way than SCCM.

In Microsoft Intune, everything is great. The interface is user-friendly, and the reporting tool works in real-time. Uploading the content is fine as well.

There is room for improvement in server patch management and allowing direct uploads of EXE applications instead of needing to convert them to Intune format, which would save time.

I have been using Microsoft Intune for more than one and a half years.

We have not experienced any issues. I would rate the stability of Microsoft Intune a nine out of ten. 

We have approximately 90,000 devices in our organization. We have multiple locations across various regions of the world. In our IT team, there are about ten people working with Intune, with plans to add more.

I would rate the technical support for Microsoft Intune an eight out of ten.

Positive

Previously, we were using MECM. The reason for the switch to Microsoft Intune is that the organization I work for has migrated to Intune. Microsoft Intune is far more efficient and faster than MECM. The deployment would take a lot of time in MECM; Intune is quite faster.

We are still using SCCM for cloud PKI as it hasn't been migrated.

Deploying Microsoft Intune in the cloud was complex as the previous work needed to be deleted and recreated, which wasted time.

Microsoft Intune saves about 10% to 15% of time. For example, deploying a 2 to 3 GB application at an enterprise level typically takes around one hour to one and a half hours, but with Microsoft Intune deployment, it gets completed in 30 to 40 minutes.

Microsoft Intune saves us around 10% to 15% in resources.

We are using Microsoft Copilot in Intune as an AI tool; it doesn't protect much, but it is handy for our users.

I would recommend Microsoft Intune to other users, especially those using MECM or SCCM, because Microsoft is ending support for older solutions.

Overall, I would rate Microsoft Intune an eight out of ten.

I am using Microsoft Intune at my site, where my company, we have 450 clients, and we manage their accounts using Microsoft Intune. I have credentials from the company, and I'm managing them using these credentials. Under my supervision, there are one hundred and fifty devices.

Using Microsoft Intune, it has streamlined the process from manual to automated for managing users, applications, and data. This simplification allows us to handle everything from a single interface, eliminating the need for manual, one-by-one handling. This change has been significantly beneficial.

I particularly appreciate the administration and security features, which can be deployed easily. 

They are user-friendly, easy to understand, and convenient for managing user accounts. Deploying company policies for users is very efficient, and we can easily administer tasks, which is a positive aspect of Microsoft Intune. 

It's quite convenient and easy to manage, allowing us to handle multiple users and their applications without putting in much effort. This has improved our user management by enabling us to do so from one point, reducing the need for previous multiple software.

The security aspect could be more effective. We are using other applications to manage network devices and groups, so if Microsoft Intune could improve in this area, especially on a network level, it would be a real advantage.

I have been using Microsoft Intune for two years.

I would rate the stability of Microsoft Intune around seven and a half out of ten. While generally reliable, there are instances like the global incident with Microsoft where some time was required to resolve the issue.

I would rate the scalability as eight out of ten. Microsoft Intune effectively handles scaling as required by our organization.

I would give an eight out of ten for customer service. Microsoft support is generally helpful, although there was a delay during a significant incident affecting many clients.

Positive

We were using six different applications to manage data, policies, and users. Microsoft Intune has consolidated these into one platform, which is more effective, saves time and cost, and requires less storage.

The initial setup was fairly straightforward. It required staff training and a transition period of about 45 days to move from previous applications to Microsoft Intune.

I cannot provide specific details on costs or pricing since I do not directly deal with that aspect, however, the organization is satisfied with the pricing.

I would recommend Microsoft Intune because it's an all-in-one solution that simplifies task management across organizations. 

For overall value, I would rate it eight out of ten.

Our customers primarily use Microsoft Intune for core management tasks, often in conjunction with System Center Configuration Manager, especially for Apache-related matters. Intune is also crucial for mobile device management, policy deployment, and ensuring robust security, particularly when activating and deploying security features like Defender to endpoints.

Some of our customers implemented Microsoft Intune because of integration issues and old legacy operating systems.

We use Intune in on-premises, cloud, and hybrid environments.

Intune brings all of the endpoint and security management tools into one place. They have also integrated it with non-Microsoft operating systems, which is a huge plus.

Consolidating endpoint and security management tools into a single platform offers significant benefits for our IT and security operations teams. With centralized visibility, they can gain better control over their systems, identify potential vulnerabilities, and take proactive measures to protect customer data. This enhanced oversight empowers them to address security gaps effectively and ensure a more secure environment.

From the user perspective, the Intune experience is exceptional for those familiar with it. However, for those still learning the technology, it suggests that Intune is user-friendly and straightforward to comprehend.

Intune offers administrators enhanced visibility, control, and ease of management. Patching and updating devices is streamlined, while end users benefit from simplified onboarding, intuitive usage, and robust security features like conditional access.

Intune is essential for safeguarding data on company and BYOD devices, especially in hybrid environments.

Intune significantly enhances IT productivity within our customers' organizations. Before Intune, administrators often struggled with visibility and management, particularly for mobile devices and laptops. They wasted time searching for assets and deploying numerous tools to achieve visibility and enforce management policies. Intune streamlines this process by eliminating the need for hundreds of agents. Simply implementing Intune provides the necessary visibility and management capabilities.

Intune offers significant cost savings. By comparing its licensing model to third-party solutions, we can easily see the return on investment in terms of reduced business expenses. Intune can help businesses save between 35 and 45 percent.

Intune simplifies vendor management by providing visibility into end-of-life dates for most hardware, especially laptops. This makes it easier for administrators to monitor the support status of both software and hardware. By tracking updates and end-of-life information from various vendors, administrators can easily view this data in a consolidated summary.

Before implementing Intune, their security posture was significantly lacking, with most organizations scoring below 20 percent. However, after Intune deployment, especially for banks, compliance became a crucial factor. Intune’s recommendations on improving security scores, particularly Secure Scores, have been instrumental in boosting their ratings to between 75 and 85 percent.

The consolidation has impacted licensing costs due to centralized oversight and dashboards. This raises questions about whether we should continue with the current approach or explore alternative options like Microsoft or a more standardized solution. There is a significant cost advantage to vendor consolidation and visibility.

The core management feature in Intune is invaluable to us, especially considering the challenges we often face with System Center when pushing external updates. Intune has proven to be a game-changer for me in this regard.

Intune's privilege management feature, while beneficial, is less intuitive than other Intune features, making it challenging to use. To improve this, more demonstrations and technical sessions would be helpful.

If Microsoft offered a standard license trial that allowed customers to experience its capabilities, customers would be more likely to purchase Intune.

The technical support has room for improvement.

I have been using Microsoft Intune for six years.

I've never encountered any performance problems with Intune. The largest deployment I've undertaken was for ten thousand devices, and even then, I experienced no issues with the Intune platform.

Microsoft Intune is highly scalable.

We encountered an issue once, but unfortunately, we had to seek support on our own. Therefore, Intune support is particularly challenging.

Neutral

We use VMware, Citrix, and various other third-party tools for MDM. These tools include Qualys, GFI, Managed Engines, and others, each offering different functionalities and service levels.

Intune offers a more straightforward licensing process than other vendors. Additionally, its integration capabilities, especially with Microsoft products, are generally smoother and less problematic than many third-party solutions. This allows for a more direct and measurable path to success, enabling users to assess their progress even in the early stages of implementation. 

I have been familiar with Microsoft products for some time, making the initial deployment of Intune relatively straightforward. We begin with a customer immersion session, where we sit with the client to conduct a workshop. This workshop ensures they fully understand the Intune solution's capabilities and limitations. We then establish clear objectives and goals for successful deployment. Our engineers work closely with the customer on-site, deploying the solution and training designated champions to assist user adoption. Following this, we provide comprehensive training and a transition period for the entire organization.

The number of users in an organization determines the number of people needed for a deployment. For organizations with fewer than 500 users, a team of five to six people would suffice. However, organizations with more than 1000 users may require a team of ten.

I would rate Microsoft Intune eight out of ten.

Intune's low maintenance requirements make it a valuable asset for our clients. Once implemented, Intune typically requires minimal ongoing maintenance, ensuring a smooth and efficient experience.

The integration of Intune's capabilities with Microsoft 365 and security for both cloud and co-managed devices is crucial as we transition to the cloud. Intune's visibility into devices provides significant value, and neglecting this integration would be a disadvantage for administrators as cloud-based management becomes the norm. Therefore, incorporating Intune into your cloud migration and strategy is essential for effective device and mobile phone management.

I highly recommend Intune to others. Its visibility feature is imposing. With visibility comes control, and a quick demo can showcase the potential benefits. By highlighting the need for more visibility in their current setup, it's easier to convince them of Intune's value. This also simplifies discussions and makes the decision-making process smoother.

We use Intune to deploy and control applications on mobile devices and to remote patch and wipe endpoints. We also use it for various other endpoint- related operations.

Intune provides centralized access to the complete environment. It has helped us secure hybrid work and secure company data on hybrid devices. 

It has improved the productivity of our infrastructure and application teams as well as our end users. Intune has helped us quite a bit. I havent' calculated the ROI, so I'm not sure how much it has saved us, but it has streamlined our application process and improved application availability. 

Our main use is Intune's management of mobile devices, like Android or iPhone devices. The application performs quite well for both types. We successfully managed almost 3,000 endpoints. 

From a security perspective, we apply various password patches in application control, but we use a different product. Intune meets our expectations and requirements for device and application control, but it might not fulfill your needs for other purposes, such as security. 

It's quite a thorough solution that gives you a complete inventory of everything you have on your laptop or mobile device. It offers extensive visibility.

Intune could add more features that are relevant to the core application control functions. For example, it would be helpful if it had more control over the on-prem environment from the cloud platform. Greater Teams availability in the Saudi market would also be helpful. 

I have worked with Intune for three years.

I rate Intune nine out of 10 for stability. 

I rate Intune nine out of 10 for scalability.

I rate Microsoft support five out of 10. Unlike some other vendors, Microsoft support is not that efficient, but if you have implemented the solution correctly from the start, then you won't need support that much.

Neutral

Intune isn't an easy deployment.

We used a small Middle Eastern firm as a system integrator.

We evaluated Ivanti, but we decided to use Intune because it was available as a SaaS.ker 0

I rate Microsoft Intune eight out of 10. If you need endpoint management and control, Intune will be right for you, but I don't think It can meet your expectations if you need something else. For new users, I suggest having Intune implemented by a security or application architect. Otherwise, you may face problems later that you cannot troubleshoot.

We were using SCCM to build and manage our machines and to control the AV, and everybody left the offices for the pandemic. We did not have an external management point. Oh. And we realized we lacked a method of control. After hassling Microsoft over a question of semantics, we finally got our answer, and we quickly scrambled over two weeks to push out Defender while everybody was still in the office. The other part was to move toward Intune. 

We started testing that and went in both directions. We tried domain and nondomain. We eventually worked backward, redid it again, and took all of our workstations off the domain. Now, none of our workstations are running on the domain. We build everything from Intune. The company gets a list ahead of time from vendors like Dell or HP, so we can have a laptop sent directly to an individual without ever touching it. They sign in, and it simply asks for their password. 

The biggest benefits of Intune are the ability to push changes and the added security. When we moved forward with Defender, we onboarded all those machines automatically. That helps dramatically. For a while, we were left with machines that weren't protected. We could see where people had done things they shouldn't have done, and Defender saved our skins a few times. It didn't happen a lot, but it happened enough that it made us glad we made that decision. 

Intune has enabled us to manage our remote workers' devices, which has been especially helpful since the start of the pandemic. My guys spend less time troubleshooting. If they're going to spend more than about an hour on an issue, it's a little easier to just reset the machine and reinstall everything again. It saves a lot of time. 

We're a much smaller group, so it worked out better for us. We've been able to push out products that we hadn't planned on. We had to push out certificates because we decided to go with a Cloud RADIUS provider and moved to certificate-based authentication for wireless. We've leveraged that same certificate to turn on 802.1x in all our offices to secure the wired networks. And all of these things have made it possible to roll out DNS filtering. Once again, all through Intune. We could enable all these pieces that we would need to turn on one by one with Intune in place.  

The company needed something that could be agnostic, so it didn't matter where it was. Half our workforce doesn't work in the office. We've downsized our primary office, and leased over half of it to other companies with subleasing. We don't need as much space anymore. Our workers are still working, and they're not required to be in the office more than three days away. Intune ensures that everyone can work remotely and securely. You can't log into our Office 365 environment from a non-managed device. Almost everything is in Office 365. We use nearly every piece of it. We use Teams for communications and switched to Azure Virtual Desktop at the end of 2019. We were a Skype customer then, so it wasn't hard to switch. 

We continued to shrink our footprint as we adopted more and more SaaS offerings. Unfortunately, finance and some other use cases cannot be in the cloud. You still need on-premise Bloomberg terminals, and other companies require you to have circuits to run them. We have to redirect certain things, which is why we have the VDI in place for a handful of users who require those internal resources when they work remotely. Intune is what made all that easy and possible. I don't think we would ever change that. My guys like it. It has simplified things. 

At the end of the day, we do touch the machines, but we don't need to. And we know if we didn't have to. Previously, a machine got left in an office, and we just walked through somebody wiping it, where you assign it to them, and they log back into it. In the worst-case scenario, we can just pull something off a shelf like that.

We had to learn the hard way which machines work in our environment. It's nothing against the company, but we will no longer buy Dell because their business platforms only use Intel chips, and we can no longer afford to use Intel chips. It doesn't work for our needs. I can get AMD chipsets that are generally cheaper and perform better. They aren't throttled for some of our applications the way Intel chips do. People have been happier since we made that migration a little over a year ago. 

We replaced many machines and onboarded people after acquiring a couple of other companies, and they were shocked at the difference between the machines we gave them and what they were used to working with. They just had always put up with that, and so had we. With Intune, it didn't matter what we purchased because it already had Windows loaded on. It was simple and easy to move forward.

Intune has reduced our build time from four hours per build to an hour or an hour and a half on a slow day. That's getting the Office 365 stuff to download and install. The other apps are secondary. When somebody logs in to a machine, the apps start downloading. We could give somebody a machine they've never seen before, have them sign in, and they're ready to work in an hour and a half. That's a tremendous amount of time saved, and there's nothing left for us to do.  We just make sure everybody who's supposed to be in a group has the assigned apps that the group needs to have. They're installed automatically.

The biggest problem we ever have is when something goes out of date after 30 days when nobody has logged into it. We do have a problem trying to get those back online. We've been working with Microsoft to resolve that problem, but that's been the only issue that we've had in the last few years.

Out of the box, Intune works reasonably well. They will continue to think of new ways to improve. Some of the policies could use some work to align more with what people are used to, but it's getting there. It's coming along, and I'd like to see how Security Copilot comes into play. You could have Copilot build things based on what you request. It could help put policies in place and look at your current policies. 

Unfortunately, we've had stuff out there for four years, and it's not working properly. A tool like Copilot could assess my policies, find weaknesses, and tell me where to make changes. That would be a great benefit.

I've had a constant battle with the DLP component, and no they're not going to have a choice. If they want to go with Copilot, we will need to start classifying documentation whether we want it or not. There will be a big fight when I get back of it. There's a fight. If you want you want you say you want copilot when it comes out, but if we have a classified stuff, it's not gonna work the way you wanna too. I heard so. Yeah. That's a problem. I heard someone talking about

We started testing Intune at the start of the pandemic, and at the time, it didn't seem to be quite as ready as they claimed it was. It was still being pieced together when we adopted it. However, it worked out well. While everybody else was scrambling during the pandemic to get on Teams and Azure Virtual Desktop, we had done that in the previous December, so by pure luck, we were ready to walk out the door. 

And I think it's scalable, honestly, but it's it's also about mentality, whether you believe it's you wanna spend the time to make sure that it's scalable. You know, I I I don't think I've been a big fan of getting away from domain services for the longest time. Think I don't see the point anymore. It's we use it very rarely. I so, you know, everything should be cloud based. It's a way to go. I mean, if you can run it that way,

We don't usually deal with Microsoft much. We have a CSP in place. However, sometimes we're dealing with a backend problem, and the CSP will take longer, so we'll go straight to Microsoft. When that occurs, Microsoft typically handles those issues reasonably quickly. When I contact Microsoft, I usually go through several engineers before I get to someone who can help. That's normal, but it doesn't drag out.  

Years ago, when we paid for enterprise support, I felt it dragged on forever because I went through the same process. I'd talk to a first-level engineer, and we had to escalate to tier three before we finally got somebody who understood what was going on. They would see the problem but not know how to fix it. They never had a resolution half the time.

The initial setup was easy, but we had lots of time during the pandemic. I had that all set up in my living room that first summer, working on it remotely. There were some pains because it wasn't all there yet. It wasn't until about July 2020 that most of the pieces were in place. It took another year before the rest was solid. However, to be fair, people adopting Intune now will get a mostly finished product.

Intune has a cost advantage if you get it with a bundled Microsoft license. If you have E3 licenses, you already have access to Intune, so you're not paying anything extra. That's a huge savings right there. Back in the day, people always wanted Office, but they didn't wanna pay for it, so you would use Open Office. That was my go-to 10 years ago. Now, I recommend the opposite. You need an Office 365 account. Don't think it is as paying for Office. That's not what you're buying.

For $7 dollars a month, you're getting a terabyte of storage in OneDrive and all the apps. You won't get that from Google. It's about cost, and it's even better if you get those bonuses with it. 

I rate Intune eight out of 10. I've never seen anything perfect, but it is an excellent fit for our environment. This is the smallest company I've ever worked for in my professional career, so it works well for us.

The primary use case for Intune is to enable user access to authorized data and applications like Outlook and Microsoft Teams, whether they are using corporate devices or their personal ones. By enrolling these devices in Microsoft Intune, users gain access to organization data, effectively turning their device into a mobile office laptop.

In our work, we have experienced the advantages of using Microsoft's services, particularly when it comes to handling certificates and inventories. Microsoft's capabilities in these areas have prompted many people to transition their operations to Microsoft.

One of the standout features of Intune is its seamless accessibility to work data, eliminating the need to be tied to an office or a desktop. Whether on iOS, Android, or other mobile devices like tablets, users can effortlessly access essential tools such as email, Microsoft Teams, and custom business applications, enhancing productivity. This capability became especially crucial during the COVID-19 pandemic, when remote work setups became the norm, making Intune a prominent solution for remote access to corporate resources.

Intune's areas for improvement, especially since its implementation in June, revolve around security and certificate management, primarily related to personal devices known as BYOD. While there are policies in place to prevent data transfer between corporate and personal apps, there is room for further enhancing security measures for devices that aren't corporate-owned but are enrolled to access organization data. Tightening security in this context is a key area in which Intune can continue to evolve.

I have been using Microsoft Intune for six years.

In terms of stability, it largely depends on how well security measures are implemented. Ensuring that devices are properly secured and monitored is crucial for stability, especially in situations like a lost device where sensitive data is at risk. Security awareness and access controls play a significant role in maintaining a stable environment. Multi-factor authentication and additional conditional access measures, such as fingerprint access, are used to verify the user's identity and protect data. I would rate the stability of the solution as a nine out of ten.

The scalability of Intune is highly rated by engineers for its flexibility. It is easy to scale, primarily due to the licensing options. You can start with a smaller scope, say, with 40-50,000 employees, who want to use corporate devices with Intune. As your organization grows, you can easily expand, going up to more than 100,000 users, and incrementally add licenses as needed, be it on a quarterly or monthly basis. This makes Intune a versatile solution for businesses of various sizes. At our company, for mobile devices and laptops, we have 30,000 users. I would rate the scalability of the solution as a ten out of ten.

The experience with Intune support has been generally positive, although there has been a learning curve for support staff. Initially, there were some challenges, with different teams involved, which sometimes resulted in less than optimal solutions. However, the situation has improved over time. On a scale of one to ten, I would give an eight out of ten rating for Intune support. It is a generally positive experience with room for further enhancement.

I would rate the complexity of the initial setup as a seven out of ten. However, if you have prior experience with MDM solutions or other MDM platforms like MobileIron, AirWatch, or IBM's MaaS360, the process may be more straightforward. Intune deployment typically takes a few weeks. The deployment involved a team of over 35 people to cater to a user base of around 30,000 in an automobile company based in Canada. The process began with testing and policy configuration over a month, focusing on aspects like data restrictions and copy limitations. After the pilot phase, Microsoft provided a pricing model, and a migration process took place over two to three months. This involved transitioning users from BlackBerry to iOS and Android and incorporating Windows Autopilot for Windows laptops, both new and existing. The onboarding process also extended to HP and other vendors.

I find the pricing for Microsoft Intune to be quite reasonable. It is available through various licensing options, including E5 Enterprise, E3 Enterprise, and as a standalone product. E5 Enterprise provides Intune as part of a bundled package, while E3 Enterprise offers it separately. Microsoft offers several licensing options, allowing organizations to choose the one that suits their specific needs. Before deploying, there is a free trial period of one month where you can test it with up to 50 devices. Once you have an understanding of your needs and Microsoft's pricing, you can choose the right model and device enrollment numbers. After the trial period, they offer a budget of around $120 for you to allocate according to your requirements. The pricing is then converted into a pro-rated monthly basis, depending on the volume of devices you need to manage, whether it is beyond fifty or a hundred. This flexible approach is advantageous for users. Overall, I would rate it as a seven out of ten in terms of costliness.

In comparison to earlier vendors like IBM, AirWatch, MobileIron, and SOTC, Microsoft Intune stands out as more flexible and user-friendly. These earlier systems were rigid and required IMEI numbers, making them less adaptable. Intune, on the other hand, is simple, similar to Azure, and excels in terms of scalability and versatility. Creating device-switching policies in Intune is straightforward and visually intuitive. It involves selecting the appropriate profile and specifying the device type (iOS, Android, or Windows). The options are readily accessible, making Intune an easy-to-use solution for managing mobile devices and endpoint management tasks.

I highly recommend using Microsoft Intune, especially in today's remote work scenario driven by the COVID-19 pandemic. It is a robust solution for managing corporate and BYOD devices, ensuring that they are properly configured and secure. Intune simplifies end-to-end device management, from pushing policies to implementing multifactor authentication, and it's the best option in the market right now. While VMware Workspace ONE and AirWatch are good, Microsoft Intune stands out, as evidenced by its popularity among clients, with more than 80% opting for it. It is definitely worth considering and conducting a proof of concept to see how it can benefit your organization. Overall, I would rate the solution as a nine out of ten.