Microsoft Intune Reviews

Essentially, we use it to manage devices. We are looking at potentially moving away from VMware and bringing mobile devices and tablets into Intune along with desktops and laptops, which we currently manage, so that it serves as an all-in-one active asset list where we can look at the health of the entire technical estate. We can manage against threats. We can roll out apps, policies, et cetera. We can also manage logins, reset logins, et cetera, and it's an all-in-one, 24/7 solution.

Microsoft Intune has absolutely improved the way our organization functions. We're currently going through the AAD migration, so we are transitioning away from the old on-premise domain to Azure. The ability to take devices that were locally managed via AD but weren't managed via Intune is brilliant. We can see who last logged in, who it's managed by, which OS is there when it was last updated, etc. It gives us a micro overview of what's happening there.

Generally, we find it quite useful. We don't use it to the full extent. We've only got a P1 license, but generally, the application health and the ability to create and manage policies are valuable. We can split them very quickly into groups, multiple policies, etc. So, it's those core basics that we use, but they work very well.

It's very informative when there is an error. It allows us to backtrace where the error is and resolve that ourselves. It's a bit of a Swiss Army penknife. We find that it fixes most issues.

I'd like some more reporting so that I don't have to delve into PowerShell and I can pull more of the local device information such as memory, apps installed, etc. It would be nice to be able to see the apps that are present there but might not be managed. For example, if they installed 7Zip, it could report that back via an installed program or feature to see what was currently installed. Generally, it works, and nobody complains about it.

I've been using this solution for a couple of years.

Sometimes, they can take a little while to come back in showing that they are compliant. Typically, they may show us as not compliant even when we are. Typically, we find that it takes a couple of hours or a couple of days at worst for the machines to show as being compliant for them to settle down, but generally, it does what it says on the tin. We can set the policy, and we can put a machine or put a device into a group. That policy gets defined or pushed out, and it works. We can then move on to the next job. From my perspective, it works well, and that's why I'm just looking forward to using more Azure technologies moving forward.

It's deployed across multiple locations, departments, teams, and endpoints.

I haven't had any experience with them.

At the moment, we're using VMware AirWatch, which isn't my first choice purely because it's a super segmented platform. We are predominantly, about 95%, Microsoft. It feels a bit of an oversight not having a solution on a Microsoft platform where we've got full transparency and can make live changes. Currently, we have to go through our outsourced IT to make the changes and then we have to wait to see those changes rather than me or a colleague being able to make those changes in a live environment, so it would be my personal preference to get that moved over, which we're looking at. 

I wasn't a party to why they used AirWatch. I presume it was bundled in with the Microsoft service partner's offering originally. The IT team here is quite new. I've only been in the post for about a month, and my IT manager has only been in the post for about two months. We're just making sure that everything is easy to use and easy to manage, and it's cost-efficient for the charity moving forward.

Essentially, the way it was set up, it wasn't set up as a hybrid model. At the moment, we have got on-premises, and we have a cloud, but they're not joined. There is no passthrough, which is interesting. A lot of the on-premise has been copied over to the cloud. We are now taking the cloud to default, and the overall plan is to mothball the servers and reuse those as very high-powered desktops wherever possible. I just predominantly use the cloud.

I was not involved in its deployment, but in terms of maintenance, typically, our MSP makes the changes, but I've got GA rights to make anything that is critical. Generally, there are about 20 people at the Microsoft solution partner, and there are four of us on the IT team. There are less than 30 people in total.

I'm not sure. Certainly, it has been at least three years since the software has been rolled out, but it's not particularly well maintained by the solution partner. So, it's hard to measure the ROI. It does have merit, but in our particular sector, it's just overkill. We just need to make small and light changes whilst having effective security. We don't need corporate class, biometric/conditional access level security. Whilst we have multiple offices, they're very small. They're all under 20 users, and there's a lot of work from home. So, as long as we've got encryption, a form of AV, an anti-spam, and good account security, it certainly staves off a lot of the threats.

Personally, I feel that we haven't had the ROI purely because we're paying about £13,000 for under 300 users a year, which is a little bit top-sized. My personal feeling is to make a business case to switch to Microsoft Defender. Obviously, we've got P1 in our business premium licensing, so we've got a very basic protection at the moment that we don't use. We've got a large number of credits, and we could use those credits to switch over for a year to a higher project and see where we go from there.

Generally, it's not too bad. Obviously, a cheaper price would be great. Typically, we are in touch with the partner to provide non-profit discounts wherever possible. Generally, we get favorable discounts, so it's not too bad. Obviously, we're looking at decreasing those wherever we can to bring value back to the public purse because it's all charity based. It's all publicly funded.

Create a test group and create test policies, and then just test, test, and test before anything is rolled. It's the usual IT gambit. Test everything, and then just test it again before you roll it out.

I worked for a couple of MSPs before. I've seen it in very remote areas. I'm very impressed with it. Whilst it seems almost fashionable to criticize Microsoft, Intune is pretty much a well-laid-out product. It does what it says it's going to do. There is a lot of dependence on Microsoft products being pushed to it, and that's probably my only criticism. It would be good if Intune was a bit more open-source, but that would lead to more complications. It's a bit of a complicated beast, but generally, I like it.

I'd rate Microsoft Intune a nine out of ten. I'm happy with it.

The primary use case of Microsoft Intune is for patch management and app deployment.

Microsoft Intune is deployed in a hybrid environment and we use Atel cloud.

I can see that the patch management process is much improved with the bundled patch management option available in Microsoft Intune compared to the KPI deployment required by the other deployment solutions.

Deploying an app can be a complex process due to dependencies. For example, I have a package with three files that need to run, but one of them has a dependency on another one. This can be challenging to manage with the Intune app deployment and has room for improvement.

I have been using the solution for one month.

We have premium technical support from Microsoft.

We currently also use BigFix.

We have not yet implemented the solution but the app deployment is a bit complex.

When we add a device to the Azure domain, the activation process for Intune is simple and straightforward with no added complexity.

We partnered with Microsoft to help us implement the solution in our environment.

Intune is cost-effective as it is included in some of the Office 365 packages. GMF can be more expensive.

We evaluated Jamf Pro and will be rolling it out for Apple devices.

I give the solution a seven out of ten.

As of now, we deployed the solution onto 10,000 devices and when completed it will be 30,000 devices. The solution is used in multiple departments in multiple geographical locations.

Microsoft Intune is a Windows solution, and organizations can take advantage of its features. However, I would not recommend using iOS devices with Microsoft Intune as it is suited for Windows only.

Intune is being used by our organization for managing end-point security for our employees and customers.

We are in the financial domain where financial transactions are done. It is quite challenging to secure all the devices and systems. We have more than five banking and financial services-based applications running from the cloud. So it is a priority to protect those applications.

We have increased our overall productivity by 20 to 25 percent. Because devices are all handled remotely, and even though it is quite challenging to handle all the types of information and data from all the devices to make them secure, Intune has provided a good way to maintain everything seamlessly.

All the features are good. It has the ability to handle mobile device management and all your security infrastructure. But one of the best features is Windows Autopilot because if you change any of your devices, whatever security policies and compliance policies that applied can be easily migrated to the new devices. Windows Autopilot gives you that flexibility. You just turn on the new machine and synchronize it and Windows Autopilot does the rest.

It provides centralized administration of all our mobile devices for updates, security, patch management, and upgrades.

Also, because our team is spread out and there are users who work remotely, if their devices are stolen, damaged, or lost, we can wipe their data at our end so that there won't be any data loss. There might be useful information about our organization on the device. Because we can easily wipe their data, no third party can access that data.

In addition, it is easy to roll out policies and configurations to N number of devices.

It should enable remote connection without involving any third-party application tools. Currently, if we connect another PC or any other machine, it requires a third-party integration to connect to it through Intune. That should not be the case.

The UI also needs improvements because it is complex for end-users. We have had feedback from a few users in our organization who found the UI is not feasible for tracking and analyzing all the processes and monitoring all the devices.

I have been using Microsoft Intune for two years.

The stability is good. We haven't faced any issues yet. It is a nine out of 10.

It is scalable. There is the ability to scale resources at your end, but you have to pay more for that.

We don't require too much technical support, because all the training materials and guidance documents are available online on Microsoft's site. We have had no issues with that.

Positive

We used ManageEngine Endpoint Central. Its features and functionality are quite similar to those of Microsoft Intune. But we had to migrate to Microsoft-based solutions and we found Intune to be better than the others.

Another main reason we are using it is that Intune provides end-to-end security for Windows OS, macOS, and our systems. Earlier, it was Microsoft Endpoint Manager. Intune is very good software, a good cloud-based solution.

The initial setup is quite easy because it is a cloud-based, managed service. There is nothing complex about it.

We worked with Microsoft. About 10 to 12 of our staff were involved, mostly from the network and infrastructure groups.

The return on investment, in terms of the features and the expectations of the solution after deployment, is good. It is positive.

The pricing is challenging. Microsoft needs to pay some attention to it. It is good for big enterprises, but I'm not sure that small and medium-sized organizations can adopt it.

The pricing includes maintenance, upgrades, and updates.

In addition to ManageEngine, we looked at BigFix by HCL.

There are a lot of differences. Integration and compatibility are major aspects. If you are familiar with other Microsoft solutions, using a new Microsoft solution is not complex. It's easy to understand. That is one advantage. 

And overall, the features and suitability of Intune are unmatched.

My advice is that if you are already using Azure as a cloud service provider, Intune is a good choice, without compromising with third-party vendors and tools. It gives you the flexibility and integration capabilities with other Microsoft products.

We use the solution for auto-enrollment with app EPP and application deployment with EPP.

We're currently testing the possibility of using the solution as a new MDM tool for mobile applications.

All regions and departments operate on the same model; we turn on the device, select if it's personal or corporate, and all the products and profiles are loaded onto it.

The solution hasn't improved our organization yet, as we're still in the testing phase and have yet to go into full production.

The ability to switch between Affinity and non-Affinity enrollment is great. 

The wiping features are very good. 

The capacity to create more profiles and switch between corporate and personal devices are beneficial features.

One of the main advantages of Intune is that it's a Microsoft product, so it integrates with the other MS products we use.

The solution needs to be better for managing laptops; many functions are still unavailable in this regard.

The scalability could be improved, and like most other MDM products, Intune is good but not 100% there yet.

We've been using the solution for a couple of years. 

The stability is good, and there has been a lot of progress since I last used the solution.

The solution is working well for the most part, but some improvements could be made to the scalability. 

I never had to contact technical support. 

I previously used MobileIron UEM and VMware Workspace ONE.

I wasn't involved in the initial deployment. Now that it's set up, deployment to devices requires turning the phone on, and the device will automatically pull up the profile if the client is linked to our Apple Business Manager tool. We currently have one staff member involved with the maintenance, but we're looking into distributing it to others on the same team.  

The pricing for Intune and the competitor products are all within the same range, there is no true advantage when it comes to cost. 

I evaluated MobileIron and VMware. 

I rate the solution seven out of ten. 

We have yet to reach a level where we can notice flaws or identify areas for improvement since we're still checking and have yet to run the solution through a capability list.

My advice to others evaluating Intune is that it's the best solution for mobile devices like Androids and iPhones. However, if you're rolling out physical laptops, I recommend using a second tool, as there are still many unavailable options on the Intune app for laptops.  

The solution is deployed on cloud. I'm part of the support team. There's another server team that works closely with Microsoft. They purchased an old 365 license, and Intune was one of the included features. We wanted to take advantage of the feature because it was part of the package. That's why our top management decided to save some costs by making use of Intune and not using AirWatch anymore.

We are enrolling through the Intune company portal, and then we are using the Outlook app to configure the email addresses of the company.

We are using the mobile feature, and we are also using MDM to lock the devices, to push restrictions, et cetera. Compared with AirWatch, I think it's easier to manage the devices and the profiles in AirWatch. Intune has a lot of options, but I've only been playing around with it for a few months.

In the past, I raised some tickets for the enhancement feature, which was missing in Intune. It can take a long time for these features to appear, or maybe they will just never happen.

There are certain things that I'm trying to replicate from AirWatch, and it's not possible.

In AirWatch, we have a launcher, which is like a container. You can choose single-app mode or multi-app mode. But in Intune, for example, you need to factory reset the device and then apply the MDM. If we choose multi-app mode, which is the kiosk multi-app mode in Intune, I cannot lock the application on the screen. For example, in the set mode, you have the option to set the leave Kiosk password. You can exit the kiosk. But if you choose Intune multi-app mode, you don't have this leave kiosk option. For us, it's very useful.

If you have this leave kiosk option in the multi-app, you should also have it in the single-app mode. We need this because we have an application that you run on a tablet in hotel rooms, and we want to lock the application in a single-app mode, but besides the application, we also need to have some background applications running, like we need to do some configurations in Knox from Samsung, and eFolder. 

We have three applications that we need to push, but the guests will only be able to see one. Because I don't have the option to leave the kiosk in the single-app mode, I cannot do any configuration in the background apps. We have one app we cannot migrate to Intune from AirWatch because of this issue. This applies to more than 2,000 devices.

I think we need the leave Kiosk option available for the Kiosk single-app mode, because we are stuck with at least 2,000 devices or more because we want to completely retire AirWatch, but we cannot until this feature is available. The applications that we are using in our hotel rooms are not compatible with Intune. My bosses are not really satisfied because we still have expenses with purchasing a license with AirWatch because Intune cannot really fulfill our requirements.

This option is already available in the multi-app mode. It should not be a new feature. This feature already exists. They just need to apply the single-app mode the same way they're applying the multi-app mode.

Compared with AirWatch, Intune is not very stable because I haven't had to deal with these issues. With AirWatch, I would try to fix something and I would need to fine tune the settings, et cetera. But once I fine-tune and push everything, it will run and be stable. With Intune, we are new with this product, but it took some time for me to create a profile and test the devices. It has been working for a few months, but then suddenly this weird issue happened. It affected all devices at once.

In the Outlook application, the scalability is good so far. But there are some differences between on-premises mailbox users and cloud users. For example, let's say I'm my boss's assistant and I'm able to view my boss's calendar on my Outlook desktop. Let's say I want to view a shared calendar on my Outlook app. For the cloud-use mailbox, I'm able to do this, but if I'm an on-premises mailbox user, this option is not available. Usually the cloud mailbox users have more options than on-premise users.

We have around 2,000 users enrolled in Intune so far, not counting the MDM device. That includes just email, the one that I have enrolled in the Outlook email app.

Our plan is to keep the solution because our primary solution for email mobile is now Intune because we are retiring AirWatch. We have already retired the email for AirWatch, and we are just using AirWatch for MDM devices. Of course, the plan is to keep increasing usage. If more users request email on their mobile, we are going to offer Intune.

Technical support is very responsive and helpful. There's another issue that I raised related to Adobe Acrobat. I'm not sure if it's a region issue, but I'm in Macau, and we also have some users in Manila, Hong Kong, and Cyprus. All of us are using the same profile. I make the Adobe Reader application available on the manage app store, but somehow the users in Macau, when they go to the manage play store, are not able to see Adobe Reader on the list. It's only happening in Macau.

I raised this issue. Support dragged the issue on for two months. Support said, "Because all the applications go through the Play store, maybe you need to reach out to Google." The issue was not really resolved because the issue might not be related to Microsoft but Google, et cetera. I just gave up.

Compared to AirWatch, I can upload APKs or I can just redirect the Play store link to push the apps. But in Intune for example, I'm forced to upload all the applications through the managed app store. To make it available is a different process, basically. There are some things that don't really stretch forward. 

If I upload a custom APK in the manage Play store and then I want to remove it, I cannot remove it myself. I need to send an email to Google and ask them to remove it. Then they will ask me to unpublish the app for 24 hours first. These are very simple things that I should be able to control myself, and it wastes a lot of time.

I think if you have the money and want something more stable, you should go for AirWatch. I don't think Microsoft is offering the same stability as VMware at this point. On other hand, I think the support from Microsoft is better, particularly the support in Asia. In VMware, all the support is from India, and sometimes I have a hard time with them.

Now that I'm starting to be familiar with the profiles, it's starting to get easier. A few weeks ago, there was a very odd issue that happened also related to MDM devices where we were using the manage home screen application to lock down the apps that we wanted to allow only the users to use, like the kiosk application.

We have configured the profile and have deployed to 200 or 300 devices. Some of our users called and said suddenly all the mobile devices were flashing. I don't know what happened, but it happened at the same time. The workaround that I had to do was to remove the manage home screen from the profile. Then all of the devices were kicked out and went back to the home screen of the devices. That was the only way they could resume the mobile devices. I don't know what happened, but something was wrong with the manage home screen app on that day because a few days after, I pushed back and everything resumed.

We have ROI because we are retiring AirWatch, so we're spending less and making the most of the free stuff.

The licensing is on a yearly basis.

I would rate this solution 7 out of 10.

We use Intune for Windows computers, and we also have iOS phones.

Intune simplifies mobile application management. It is very good. Its console is perfect. I am satisfied with it.

Intune works well with Microsoft Defender. Intune brings all of our endpoint and security management tools into one place. It is very good. We can manage the firewall and other things. It is very good for the security of computers.

Intune provides full endpoint visibility and IT control across device platforms, but we need to have RBAC for the IT. We have to assign appropriate roles and manage the scope based on, for example, the country and division.

We can use Intune for computers on the cloud, and we can also use it for a hybrid setup with on-premises and cloud computers. We can use Microsoft Endpoint Configuration Manager to manage all the hybrid devices.

We have a lot of reports for data. There are reports related to Windows where we can see whether all the computers have required updates or not. We can also do an inventory of all applications on the computers. We can also do application installation across the company.

Intune works with Log Analytics for Azure. It is a tool for monitoring and analyzing log data.

We can configure Intune for compliance settings. It provides a method to know if a computer is compliant or not. We can use conditional access to allow or block connections. For example, we can set a condition where if a computer is not hybrid, we do not allow the connection to Azure or we block the Office access for that computer. We can configure a compliance setting to know if a computer is compliant or not. We can also block access if a computer, for example, is not encrypted. There are many settings that we can configure, and we can generate reports to see the compliance.

For application deployment, there are a lot of methods that we can use. We can do it from the company portal from Microsoft. It is very easy for IT to configure. We can package, for example, an SAP application in three seconds. We have the possibility to use the automatic detection rules and package our internal application. We have a lot of possibilities. We can use the applications from the store, or we can package our internal applications. I find it very rich.

It is easy to use Intune. We do not have to work with agents. We do not have issues related to agents. With SCCM, we had to use an agent, and there were certain requirements. For example, we had to use a local administrator account, whereas, with Intune, we do not need to do all this. It is all cloud. It is very simple and easy to use.

It is very easy to configure deployment policies. For example, we can deploy something just for Windows 11 and not for Windows 10. It is very rich when it comes to deployment and configuration profiles. Intune is now much better than before.

Configuration profiles, remediation, scripts, and auto-pilot features are very good.

The user experience of Intune is very good for me. The user interface and navigation are very simple and clear. It is very easy to use for managing Windows, iOS, and other environments. People at IT level one and level two will find its console very simple to use. It is very useful.

There can be more logs. I do not have any other requirements. I am very satisfied with it.

I have been using Intune for six years.

It is stable.

It is very scalable. I would rate it a ten out of ten for scalability. 

Our clients have a lot of users. We have 16 or 17 people working with this solution.

I opened a lot of tickets. Their team is responsive, and they respond quickly to help users. I would rate them a ten out of ten.

Positive

For remote access, we are not using Intune, but in my previous company, we used Intune for that. It worked very well. We did not have any problems with it. For managing remote devices, we are using Bomgar.

We have a lot of departments. We are using Intune only for the production computers. For others, we use SCCM. We have a hybrid environment.

It is a cloud solution. Its deployment took about 40 minutes.

It does require maintenance.

It is not expensive.

We trust Microsoft. They are a big and good company. Microsoft is working very hard on security. We do not have any problems with Microsoft.

I would recommend Intune for all companies. It is a very centralized and good solution.

I would rate Intune a ten out of ten.

Our main use cases with Microsoft Intune are about how we automate the deployment. Auto-pilot is a feature that we normally recommend. Another piece is about the package deployment, where we recommend, or have helped, customers in deploying and converting their Win32 application. These are the two main areas in terms of automating the enrollment and Win32. Another use case in terms of the Apple, which is being used more by the customers, is where we recommend them to go for the zero touch process by using the AD.

Intune's feature that I have found most valuable is its auto-pilot feature. The main thing is that it keeps building it. Also Intune's capability in terms of Mac, which is slowly increasing, although the customers are moving towards vMOX and leaving the Intune just because of its limited capability with Mac, though it has already been enhanced. More features include the conditional access and the app production policies with respect to BYOR devices. These have been increased a lot in terms of security.

In terms of what can be improved, I am looking for better enhancements regarding Apple management, not only on the mobile device, but also on the laptop.

Other than that, it already has good capability with Windows, and it is already very good for the mobile device. The only area that is missing is for the Mac products.

I am using Microsoft Intune for the last two, three years.

In terms of maintenance, since it is a cloud product, it automatically gets updated by Microsoft. So there is no maintenance required for the upgrade part. But definitely the maintenance part that we track is the software asset management - that the devices are there and that the patches are deployed on a timely basis. We also do maintenance on the dashboard reporting feature in terms of whether the devices are compliant or not compliant.

In terms of performance, devices will be automatically enrolled and all the applications will be deployed. So it will be ready to use once they log in with their Azure-ready credentials. That is zero touch for them. In terms of having integrations in place with other tools, any issues they face will have proactive or automated actions to resolve their issues, instead of raising them and going through the long process of raising a ticket and the resolution.

Scalability is good.

In my experience, the customers who are mostly going for the Intune are small, medium and large companies. We have seen a mix. These days we have seen a large base of customers having more than one device. So it could be suitable for any size company.

Not too much to say on support. It is pretty fast. But in some of the instances we did not get much or a proper resolution where we had to troubleshoot a lot. But in most of the cases, support was good.

Initial setup is a simple process. It is a cloud solution. It is easy to deploy and easy to integrate with other tools as well. If we have to integrate with on-prem or Azure-ready through an AD connector, it is easy. Also, it is capable of integrating with other tools.

In terms of deployment, having things in the VM or physical VM or physical system in place and the ports enabled, as the main infrastructure is all in the cloud, is only part of connecting with the Azure already and the AD connectors, and does not take much time. With full testing, it takes one day if all things are in place.

Their price is really good. That is the reason customers move here, because as part of the Office 365 package, they always get the E365 as well, which makes it easy for them to manage their devices without having additional licenses for Intune.

That is the best part.

The main differences between Intune and other products are, like I mentioned, in terms of the Mac. If the customers are majorly moving and adopting Mac laptops while they are using the Intune, they are leaving for other platforms, like Workspace ONE and vMOX. That is the reason for moving and the major difference I have seen these last couple of months. But at the same time, if there is not much dependency on Mac devices, they are moving from other platforms to Intune, also.

My advice to anyone considering Intune would be to definitely test it and have devices enrolled at least in a pilot phase. They will get feature compatibility, the policies, and the auto-pilot feature. So, I would recommend to do at least a POC, and then decide.

On a scale of one to ten, I can rate Intune an eight.

Nowadays, we've seen more evolution towards Autopilot for Windows 10 and then in a hybrid or cloud-only setup. After the Windows devices, we use it with Android, the most frequent mobile, and then iOS. I have five or six projects regarding Microsoft.

It helps deal with conflicting policies. We do a lot of graph API calls toward Microsoft for reporting, et cetera. 

It simplifies the work of the IT admins in a company if you set it up right. The setup will take some time, obviously. However, if you set it up right, it will simplify the management of your endpoints. The enterprise app management is great. With Intune, you can shorten the time needed for handling the necessary updates so that there are no vulnerabilities on the applications or on the operating system side of things.

The Intune suite offers a lot of features. 

The AutoPilot feature is helpful.

Endpoint privilege management is very good. You can bring your own device setup. You can use it in combination with conditional access policies for encryption.

Migration from on-prem to cloud is good.

The settings catalog and configuration profiles are also very, very useful.

Intunes brings all of our endpoint and security management tools into one place. This is a good thing. We now have one portal to check instead of dozens. I'm really happy with that.

The overall user experience is quite nice. I have no complaints from end users regarding their devices enrolled in Intune.

We've used CoPilot. We have nothing to complain about, however, it is very expensive. With CoPilot, we summarized a few of our policies and devices, which were great. We check the properties of the devices, hardware, of the devices, and so on. Mostly, we played around with the summaries of the policies, however, we switched it off since it was running for a couple of days, and it was a few hundred euros for those few days. 

Witnessing the benefits of Intune happen quickly. Clients usually begin to see benefits after the kickoff meeting. Intune is an ongoing development product. It helps both greenfield and existing setups. It's not static. We'll work with policies and versioning, and after every quarter, we'll review our policies and update where necessary. If clients used Intune managed services, they get policy updates included in the managed service. 

Intune is good for securing hybrid work and protecting data of the company while bringing our own devices. We use device framework policies from Microsoft themselves with some minor adjustments. They have level one, level two, and level three policies. You can just fix the settings of their site, and that's also what we use. Then we just tweak and bring in our own experiences. 

The endpoint privileged management enables users to enforce privileged access and can positively affect user productivity. In in small environments, the end users are, in 99% of the cases, also local admins on their devices, which is obviously not good. In bigger environments, we get into that less often as it's more of an organized thing. That said, in small environments, everybody is a local admin and that brings certain risks with it. So users can install and download everything they want. With endpoint privilege management, we can set rules for specific applications, and then, a user can ask for approval to run a certain application, which is very good. 

Intune positively affects overall IT productivity in organizations. If users need to install it on a device that they need in their workday or day-to-day business, they can just grab it themselves from the company portal app. They do not have to wait. They do not have to enter a support ticket that goes to the help desk to request a certain type of software. They can do it themselves, so they save a lot of time.

Intune, when applied on the cloud, can save on costs. With the cloud, there's no on-prem infrastructure that needs service, electricity, space, or cooling, for example. 

There are a lot of features that need to be released. There is no copy-paste or fie transfer. There's more work to do. They don't live up to my expectations anymore. Microsoft has a history of releasing features that are not completely finished. 

Remote help needs to be better.

Reporting needs improvement. It's still lacking. The built-in reporting is pretty basic. In managed services, we have a lot more reporting. However, we had to develop it ourselves.

I've used the solution since the product launched, about 15 years ago. 

The solution is fairly stable. I cannot recall the last time that there was a health issue reported on the Microsoft side regarding Intune.

The scalability is perfect. I've had no issues with scaling. 

The communication between us and Microsft is good. They do come back with insights on what's to come. When it coms to support, if you are lucky, you will get a good tech that can help. The knowledge of some techs are insufficient. They may ask basic questions that are not relevant to the issue. You spend a lot of time re-answering questions you may have already addressed in the original ticket.

Neutral

I did not use a different solution previously. 

I've been in touch with MobileIron and AirWatch, however, that's very, very basic.

I work with both on-cloud and on-prem versions of the solution. 

The initial deployment is very simple and straightforward. I've been doing it for 15 years, so I understand the process. When people are new to Intune, there may be some complexity. There are many things that need to be considered. The learning curve can be steep. 

There is support from Intune for maintenance, like when an application fails to install. 

I tend to implement the solution myself. 

Some people have Microsoft 365 with a security add-on, and Intune is integrated. 

CoPilot is expensive as an add-on.

It's a rather expensive solution, especially if you want to use all the bells and whistles. 

I've been involved with the solution as a customer, integrator, reseller and consultant. I'm a freelancer as well and use it myself. I'm selling licenses and doing greenfield setups for different customers. 

We've not yet used all aspects of Intune suite, which is a new collection of advanced endpoint management and security tools. We have demoed it, and we are showing it in workshops. However, we do not have it in a live environment. A lot of customers are hesitating to buy the Intune suite due to the price. Some users may be paying fifty euros per user per month and then would need to add another 10 euros for the Intune suite, and that's a big step since that would be a fifth of the license that they're already paying. 

It's helpful that Intune is integrated with 365. It's important that everything is integrated together so that the Microsoft ecosystem becomes seamless. 

I'd rate the solution 8 out of 10 overall. 

It's a fund product. The possibilities are almost endless. It will make your life easier.