2021-01-18T02:13:00Z

What are the benefits of Microsoft Intune for IT Admin?


Hi guys,

Our company is considering implementing Microsoft Intune. We have been using MS Business Standard and trying to upgrade our licenses to MS Business Premium which has MS Intune, Azure Premium p1.

What are your experiences with MS Intune?

Please share your any opinions freely.
 
Thank you in advance

Guest
33 Answers

author avatar
Top 5Real User

Hi Seungbin Cho,


Microsoft Intune is a perfect solution for managing all Windows 10 / Android devices it is just same as Microsoft System Center, minimum feature for iOS, I have deployed recently 12000 devices Windows 10 and iOS. overall complete mobile device management.


Regards


Pradeep 

2021-01-20T13:28:38Z
author avatar
Top 5LeaderboardReal User

With EMS feature, especially microsoft Intune, we can enhanced security, device and user can be elimited only the specific criteria can access the data or the apps. 

2021-01-20T02:09:51Z
author avatar
Top 10Consultant

@Ahmad Zuhdi Can you also handle security on mobile devices ? 

2021-01-21T04:33:34Z
author avatar
Top 5LeaderboardReal User

@Bjarne Mattila yes, off course, we can use MDM or MAM Solution for Android or iOS Device.

2021-01-21T05:17:52Z
author avatar
Top 10Consultant

@Ahmad Zuhdi My question is related to the SECURITY on the mobile phones and the question is, what kind of IT-SECURITY is there on the mobile phone. I have a Intune setup - but I cannot find any info about the SECURITY on the mobile phone (AV, ransomware, secure payment (IPX)  and Hipaa (sensitive personal data - like data for hospitals etc.) Sophos is a logical MDM system, which anyone can figure out in days - not weeks or months. I have seen Intune project MUCH MORE EXPENSIVE (including Azure licenses, training and often a need for external support etc.) and taking 4-6 month implementation/Integration, which can be done in Sophos in a few days/weeks. The security is developed in corporation with DARPA and has the highest level of security on the market - even on mobile devices. We have made Sophos remote installations/setup's in days all over the world .. try to ask an Intune manager, how long it takes for setting up a basic installation including Azure etc. if you are new in MDM ? 

2021-01-21T10:01:31Z
author avatar
Top 5LeaderboardReal User

@Bjarne Mattila EMS feature (which includes Intune) focuses on securing corporate data, the scenario is how only devices that meet the criteria can access corporate data or applications. not securing devices from attack, but corporate data that is secured. If what you are looking for is to secure the device, the Intune can be integrated with the Mobile Threat Defense partners software, please see this link  https://docs.microsoft.com/en-... 

2021-01-22T00:52:32Z
author avatar
Top 10Consultant

@Ahmad Zuhdi OK - so if a user is hacked (impersonation), the hacker can use the user info for access to the corporate data, place a malware and wait for it to "climb the latter / 5 steps" for spreading even more damage .. and wait for the right time for launching a ransomware attack ? You have to compare a mobile smart phone with a PC and some of the challenges are, that if you have no protection on the Smart Phone, you cannot certify your GDPR and the users are not protected if the "front-end" data is not protected against hackers. Those who hacked "Solar Wind" used the weakness in Microsoft back-ends (Azure, SharePoint / Exchange / O365) for spreading malware etc. https://blog.malwarebytes.com/... In Sophos MDM / Sophos Central you will have the highest level of security and real time protection on both the smart-phones and on the back-end - and all devices are by security heart beat synchronized with each other. You can even monitor (real time) and roll-back threats like zero day threats / ransomware etc. 

2021-01-22T06:14:16Z
author avatar
Top 5LeaderboardReal User

@Bjarne Mattila, if you need more secure you must add Microsoft Defender ATP to enhanced the security, detail capability Microsoft Defender ATP please see this link https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/announcing-microsoft-defender-atp-for-android/ba-p/1480787... 
and the detail license requirement of Microsoft Defender ATP you can see in here https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements-... I think that once you read the details of the two links, all your previous worries can be resolved 

2021-01-22T07:21:30Z
author avatar
Top 10Consultant

@Ahmad Zuhdi With ATP you can get Microsoft Defender on Win-10 PC's .. and not on iOS / Android devices. Microsoft ATP (in Intune) is protecting Microsoft back-office + Win-10 endpoints ONLY - but the Smart-Phone clients are NOT protected (IT-SECURITY). Microsoft even recommend other partners in IT-security as a solution for covering IT-SECURITY on Smart-Phone, which is NOT covered by Microsoft. With Microsoft Intune you can MANAGE the Smart-Phones + Apps etc. but I cannot find ANY documentation on IT-SECURITY on Smart-Phones. NB! Your first link is not working. 

2021-01-22T15:39:24Z
author avatar
Top 5LeaderboardReal User

@Bjarne Mattila 
Here Microsoft Defender ATP for Android Anouncemet. 
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/announcing-microsoft-defender-atp-for-android/ba-p/1480787
Here for iOS
https://www.petervanderwoude.nl/post/getting-started-with-microsoft-defender-for-endpoint-for-ios/#Introduction-to-Microsoft-Defender-for-Endpoint-for-iOS
So, You can even monitor (real time) and roll-back threats like zero day threats / ransomware etc. as your say like sophos.

2021-01-22T23:01:39Z
author avatar
Top 10Real User

@Ahmad Zuhdi Does Intune have a Security Container on the Smart Phones protecting / separating Business Applications from user applications ? In Sophos MDM/EMM/UEM you get a CONTAINER for your business solutions (O365 support, Secure Browser, E-mail, contacts, virtual drives / data and calender etc.) where all business data and APPS are separated from each other. When a user / employee end his career at the company, you can remove the container- and the Smart Phone is back into private state (if BYOD). Users cannot make a private backup of the business data+Apps, and therefore you fulfill the GDPR law and get the best IT-security on the SmartPhones etc. In the Sophos Environment (Sophos Central), you don't need additional modules / services like the Microsoft ATP. The Sophos concept (Synchronized Security) ALL devices are protected with Sophos Intercept-X (Anti-Ransomware +) which gives you the highest level of IT-Security on all devices. 

2021-01-25T14:48:47Z
author avatar
Top 5LeaderboardReal User

@BjarneMattila I know you are very familiar with Sophos, and always try to compare Intune with Sophos, and want to show that Sophos is more than anything from Microsoft Solution, here https://www.microsoft.com/security/blog/2019/12/03/microsoft-security-leader-5-gartner-magic-quadrants/ is a claim from Microsoft that Microsoft is getting 5 leader positions in Gartner, where there is no Sophos name there(only one in EPP)? how do you answer that?

2021-01-25T22:29:49Z
author avatar
Top 5Real User

Hi,


Microsoft Intune at par with any industry MDM solution. You will be able to manage Windows 10, iOS and Android devices, application management.


Deployment is very simple and so far I have not seen any major issues.

2021-01-21T07:33:20Z
author avatar
Top 10Consultant

@Kishan Kendre So the conclusion is that Microsoft has NO threat defense for mobile devices. Why not install e.g. Sophos MDM/EMM where you will have it all ?.. also MS Win-10 management and client protection etc. ? 

2021-01-21T12:27:18Z
author avatar
Top 5Real User

@Bjarne Mattila Microsoft has all required threat defense and even you can manage all endpoint security like disk encryption, Antivirus, EDR. If you need additional then ATP can be added.

2021-01-25T03:57:47Z
author avatar
Top 10Consultant

@Kishan Kendre In Sophos you will have disk encryption, AV, Intercept-X (best anti ransomware on the market), EDR, Enhanced EDR, Synchronized Security via Security HeartBeat and ZTNA (Zero Trust Network Access) for both Endpoints and Smart Phones, supports O365 and have integration into Microsoft Intune, Apple DEB, Android/Samsung KME (Knox Mobile Enrollment) and Google Zero Touch for smart mobile enrollment - and additionally Sophos is both logical and easy to setup, maintain, support and costs much less than Intune (including Azure etc.). 

2021-01-25T05:03:13Z
Learn what your peers think about Microsoft Intune. Get advice and tips from experienced pros sharing their opinions. Updated: February 2021.
463,678 professionals have used our research since 2012.