Chief Information Security Officer at a comms service provider with 11-50 employees
Real User
Top 20
2024-01-10T10:36:00Z
Jan 10, 2024
Some of the security posture limitations are not brilliant; they're not ideal, but they're not causing us a problem at the moment. It's the granularity: "Is your firewall on? Is BitLocker on?" It's not amazing granularity. But I've looked into other products, like Duo, and they're all similar.
IT Systems Admin at a government with 10,001+ employees
Real User
Top 20
2023-11-27T15:55:00Z
Nov 27, 2023
I have a lot of Apple products in my environment. It would be nice to have an improved integration of Apple products with Microsoft Intune without Jam.
There is room for improvement in integration and security as well. Those are areas that clients are always concerned about. So, in future releases of the product, I would like to see better integration as well as enhanced security.
Technology\Cloud Architect | IT Infrastructure Security & Compliance at IDFC FIRST Bank
Real User
Top 5
2023-05-17T10:42:00Z
May 17, 2023
Unlike VMware Workspace ONE, which provides system configuration and endpoint management, Microsoft Intune is not a standalone application. This is a limitation of Microsoft Intune because it does not provide all the information we need or the application details of the devices connected. Microsoft Intune's support for Mac devices is lacking and could be improved.
SR IT administrator at Cardinal Integrated Technologies Inc
Real User
Top 10
2023-05-17T09:28:00Z
May 17, 2023
When somebody has a customized application or their own company's application, we cannot deploy that application. For that, Microsoft has to change some tools, such as the launch tools, so that we can deploy those applications as well.
Senior Manager Information Technology Infrastructure at a financial services firm with 11-50 employees
Real User
Top 10
2023-04-07T12:55:00Z
Apr 7, 2023
Integrating certain group policies can be challenging and may necessitate using on-premises systems to integrate them with Microsoft Intune. I am encountering challenges integrating with multiple domains outside of my own due to unsupported Active Directory extensions.
For mobile device management, especially for the Windows operating system, it's quite impressive. But it would really be helpful to have the option to manage server operating systems as well, like Windows Server, at least. That way, we could scrap the use of SCCM, which requires a lot of on-premises infrastructure. Another area for improvement is the reporting structure. For example, currently, when deploying Windows 10 or Windows 11 updates, I don't get any detail or structured reports showing which updates are installed on the devices. It only gives me information on whether the update policy has been successfully deployed on the device or not. That type of installed-updates detail would be helpful.
Sometimes, customers compare it with AirWatch, but the concept of Intune is different from other solutions. It's an application management app. It gets a bit difficult to explain it to customers, but it's not a product limitation. It takes a presale document or presentation to explain it to customers.
Microsoft needs to enhance device-level security, as sometimes when using Microsoft Intune, the device's operating system becomes stuck and requires a full uninstall to remove the Intune bug. The price of the solution has room for improvement.
Chief Technology Officer at a tech services company with 51-200 employees
Real User
Top 10
2023-02-24T19:16:00Z
Feb 24, 2023
Due to the abundance of features, there's a lot to organize, which makes managing and setting up the solution challenging. The setup is immense, and it would be good to see improvement in this area. The stability could be improved.
Lead - Warehouse & Logistics at a comms service provider with 10,001+ employees
Real User
Top 20
2023-02-13T13:19:00Z
Feb 13, 2023
Deploying an app can be a complex process due to dependencies. For example, I have a package with three files that need to run, but one of them has a dependency on another one. This can be challenging to manage with the Intune app deployment and has room for improvement.
Project Engineer at a computer software company with 51-200 employees
Real User
Top 5
2023-02-12T12:27:00Z
Feb 12, 2023
I'd suggest adding more features for macOS in Intune. There should be more functionality for managing macOS. There should be a better capability for pushing things down on macOS. Currently, Intune is not capable of managing macOS at the same level as Windows.
We need the capabilities of the Cloud Management Gateway (CMG) to be enhanced through Intune instead of Azure. I suggest that Microsoft consider this. If the user already has a subscription to Intune, they should not need to buy an additional subscription for Azure services. The support needs improvement. When we need support, we don't get a response within the SLA because the support has been outsourced.
A few of the options are a bit hard to understand. As compared to on-prem services such as AD, it's a bit different. For example, group policy objects have different names. It takes some time to find out where various options are available. I wanted to check if there is any provision at the Intune level to restrict certain things, such as a website, but unfortunately, that feature is available only in Microsoft Defender. Intune has web filtering capabilities, but they are only useful for protection from malicious websites, whereas we would like to be able to restrict a website. For example, YouTube is a clean website. No one would identify it as a malicious website, but if we want to stop the end-users from going to that website, we have to go for another product, such as Microsoft Defender or another third-party proxy solution. It would be great if this capability is included in Intune.
It should enable remote connection without involving any third-party application tools. Currently, if we connect another PC or any other machine, it requires a third-party integration to connect to it through Intune. That should not be the case. The UI also needs improvements because it is complex for end-users. We have had feedback from a few users in our organization who found the UI is not feasible for tracking and analyzing all the processes and monitoring all the devices.
Reporting in Microsoft solutions is pathetic. With Intune, I'm getting a free inventory tool, but I don't get a reporting tool. When I go to Intune, I can see one machine's entire data in terms of the hardware and the software running on it, but I cannot generate a report for all the machines in the organization. The reporting is the only feature holding back the functionality that is already there. All the other third-party tools are doing the same thing, whether Atlassian, ManageEngine, or Ivanti. They all install an agent on your system. Intune also has an agent on your system collecting inventory details and sending them across the central console, but Microsoft doesn't have the reporting capability there. That is the only drawback I see.
Senior IT Security Specialist at a tech services company with 1,001-5,000 employees
Real User
Top 5
2022-11-11T19:34:13Z
Nov 11, 2022
It would be nice to have a location tracker for the mobile device management tool. I'm not sure if it exists but hasn't been configured or if it's missing, but we've been unable to utilize the location features.
President/CEO at a tech services company with 1-10 employees
Real User
Top 20
2022-05-18T15:42:49Z
May 18, 2022
It's really matured and improved over the years by assimilating competing products. There are a lot of things that used to be better than Endpoint Manager or not available in Endpoint Manager that were absorbed or purchased and placed into this product. From a deficiency perspective, I can't recall coming across anything substantial. I'm trying to think of a weakness. I compared it to Ivanti. From a new user's perspective, it may be a little overwhelming because there are quite a few things to look at in the console, however, once you are sort of acclimated and are familiar with your core functions, it's fairly simple and straightforward. You can modernize the UI a little bit, however, change for a sake of change isn't always a good thing.
It's only good for a Microsoft environment. While it works very well for Microsoft users but if you have other kinds of operating systems, it's very painful to use. They need to take into consideration the Linux operating system and not only the Microsoft operating system. The solution needs better patching across applications.
Global Endpoint Manager at a manufacturing company with 10,001+ employees
Real User
2022-01-04T21:37:01Z
Jan 4, 2022
The product needs better management support, for sure, especially between non-Microsoft applications. It would be good, for example, to have some Chrome OS support. The solution requires baselines within the web console. That's something that is missing. They need better delegation capabilities in the reporting. The solution requires Mac support.
Desktop Architecture and Design at a tech services company with 1-10 employees
Real User
2021-12-01T16:19:00Z
Dec 1, 2021
No tool is 100% perfect. An issue we have run into with Microsoft Endpoint Manager is that we cannot patch third-party products like Adobe and Chrome with it.
Microsoft Intune is a comprehensive cloud-based service that allows you to remotely manage mobile devices and mobile applications without worrying about the security of your organization’s data. Device and app management can be used on company-owned devices as well as personal devices.
In an increasingly mobile workforce, Microsoft Intune keeps your sensitive data safe while on the move. Microsoft Intune makes it possible for your team members to work anywhere using their mobile devices....
There can be more logs. I do not have any other requirements. I am very satisfied with it.
I would like some integration with the Microsoft reporting platform Power BI.
I would like the ability to install the agent on devices from suppliers, which would enable us to implement a zero-trust strategy for guest devices.
Some of the security posture limitations are not brilliant; they're not ideal, but they're not causing us a problem at the moment. It's the granularity: "Is your firewall on? Is BitLocker on?" It's not amazing granularity. But I've looked into other products, like Duo, and they're all similar.
The policies we had in SCCM and AD offered features that are missing from Microsoft Intune.
We faced issues with macOS support. The product should have better inventory and asset management.
I have a lot of Apple products in my environment. It would be nice to have an improved integration of Apple products with Microsoft Intune without Jam.
There is room for improvement in integration and security as well. Those are areas that clients are always concerned about. So, in future releases of the product, I would like to see better integration as well as enhanced security.
Integration with Mac devices requires some improvement.
Unlike VMware Workspace ONE, which provides system configuration and endpoint management, Microsoft Intune is not a standalone application. This is a limitation of Microsoft Intune because it does not provide all the information we need or the application details of the devices connected. Microsoft Intune's support for Mac devices is lacking and could be improved.
When somebody has a customized application or their own company's application, we cannot deploy that application. For that, Microsoft has to change some tools, such as the launch tools, so that we can deploy those applications as well.
Integrating certain group policies can be challenging and may necessitate using on-premises systems to integrate them with Microsoft Intune. I am encountering challenges integrating with multiple domains outside of my own due to unsupported Active Directory extensions.
For mobile device management, especially for the Windows operating system, it's quite impressive. But it would really be helpful to have the option to manage server operating systems as well, like Windows Server, at least. That way, we could scrap the use of SCCM, which requires a lot of on-premises infrastructure. Another area for improvement is the reporting structure. For example, currently, when deploying Windows 10 or Windows 11 updates, I don't get any detail or structured reports showing which updates are installed on the devices. It only gives me information on whether the update policy has been successfully deployed on the device or not. That type of installed-updates detail would be helpful.
Sometimes, customers compare it with AirWatch, but the concept of Intune is different from other solutions. It's an application management app. It gets a bit difficult to explain it to customers, but it's not a product limitation. It takes a presale document or presentation to explain it to customers.
Microsoft needs to enhance device-level security, as sometimes when using Microsoft Intune, the device's operating system becomes stuck and requires a full uninstall to remove the Intune bug. The price of the solution has room for improvement.
Due to the abundance of features, there's a lot to organize, which makes managing and setting up the solution challenging. The setup is immense, and it would be good to see improvement in this area. The stability could be improved.
Deploying an app can be a complex process due to dependencies. For example, I have a package with three files that need to run, but one of them has a dependency on another one. This can be challenging to manage with the Intune app deployment and has room for improvement.
I'd suggest adding more features for macOS in Intune. There should be more functionality for managing macOS. There should be a better capability for pushing things down on macOS. Currently, Intune is not capable of managing macOS at the same level as Windows.
The solution could be improved by the opportunity to connect third-party application databases, such as Chocolatey or another setup store, to Intune.
We need the capabilities of the Cloud Management Gateway (CMG) to be enhanced through Intune instead of Azure. I suggest that Microsoft consider this. If the user already has a subscription to Intune, they should not need to buy an additional subscription for Azure services. The support needs improvement. When we need support, we don't get a response within the SLA because the support has been outsourced.
A few of the options are a bit hard to understand. As compared to on-prem services such as AD, it's a bit different. For example, group policy objects have different names. It takes some time to find out where various options are available. I wanted to check if there is any provision at the Intune level to restrict certain things, such as a website, but unfortunately, that feature is available only in Microsoft Defender. Intune has web filtering capabilities, but they are only useful for protection from malicious websites, whereas we would like to be able to restrict a website. For example, YouTube is a clean website. No one would identify it as a malicious website, but if we want to stop the end-users from going to that website, we have to go for another product, such as Microsoft Defender or another third-party proxy solution. It would be great if this capability is included in Intune.
It should enable remote connection without involving any third-party application tools. Currently, if we connect another PC or any other machine, it requires a third-party integration to connect to it through Intune. That should not be the case. The UI also needs improvements because it is complex for end-users. We have had feedback from a few users in our organization who found the UI is not feasible for tracking and analyzing all the processes and monitoring all the devices.
Reporting in Microsoft solutions is pathetic. With Intune, I'm getting a free inventory tool, but I don't get a reporting tool. When I go to Intune, I can see one machine's entire data in terms of the hardware and the software running on it, but I cannot generate a report for all the machines in the organization. The reporting is the only feature holding back the functionality that is already there. All the other third-party tools are doing the same thing, whether Atlassian, ManageEngine, or Ivanti. They all install an agent on your system. Intune also has an agent on your system collecting inventory details and sending them across the central console, but Microsoft doesn't have the reporting capability there. That is the only drawback I see.
It would be nice to have a location tracker for the mobile device management tool. I'm not sure if it exists but hasn't been configured or if it's missing, but we've been unable to utilize the location features.
It's really matured and improved over the years by assimilating competing products. There are a lot of things that used to be better than Endpoint Manager or not available in Endpoint Manager that were absorbed or purchased and placed into this product. From a deficiency perspective, I can't recall coming across anything substantial. I'm trying to think of a weakness. I compared it to Ivanti. From a new user's perspective, it may be a little overwhelming because there are quite a few things to look at in the console, however, once you are sort of acclimated and are familiar with your core functions, it's fairly simple and straightforward. You can modernize the UI a little bit, however, change for a sake of change isn't always a good thing.
The installation could be improved to be simplified.
It's only good for a Microsoft environment. While it works very well for Microsoft users but if you have other kinds of operating systems, it's very painful to use. They need to take into consideration the Linux operating system and not only the Microsoft operating system. The solution needs better patching across applications.
It should be easier to define policies and comply with those policies. The initial setup is complex. We aren't lacking any features at this point.
The product needs better management support, for sure, especially between non-Microsoft applications. It would be good, for example, to have some Chrome OS support. The solution requires baselines within the web console. That's something that is missing. They need better delegation capabilities in the reporting. The solution requires Mac support.
No tool is 100% perfect. An issue we have run into with Microsoft Endpoint Manager is that we cannot patch third-party products like Adobe and Chrome with it.