The Evolution of Intune From a Product to a Platform
The platform we know as “Intune” was launched in 2011 and, at the time, was called ‘Windows Intune’. It wasn’t well adopted and SCCM continued to be the dominant platform for Windows. In 2014, the name was shortened to Intune and repurposed for mobile devices.
I vividly remember being briefed by Microsoft in 2014 on the agentless architecture for BYOD and the need for Azure AD with the obvious lack of features compared to AirWatch which was the leader at the time. It was clear to us at Mobile Mentor that Intune had a long way to go to become a viable product on the market. However, it featured on the Gartner Magic Quadrant for the first time, and we felt that it had the potential to become a juggernaut. So, we started to pay attention.
Gartner Magic Quadrant 2014-2017
Fast forward to 2017 and Intune was a topic of discussion in every meeting with every client. This was because clients were paying for 2 or 3 different tools to manage their Windows, Macs, and mobile devices, yet they were being told by Microsoft that Intune was “free”. This garnered a lot of attention and suddenly we found clients were willing to do a trial to see what Intune could do.
Many early deployments were not very successful, and clients continued to use other products such as SCCM, Manage Engine, and Altiris for their Windows devices. Meanwhile, JAMF was gaining traction for Apple devices, and AirWatch, MobileIron, and SOTI were dominating mobile device management.
The power of the platform
Meanwhile, in Seattle, the Microsoft engineering team was toiling away, improving the architecture and adding exciting new features like Autopilot, Autopatch, and Windows Hello. The gap was closing every quarter and the velocity of new features was almost overwhelming. More importantly, Microsoft was integrating Intune with Azure AD, Defender, OneDrive, and Endpoint Analytics. This was a master class in product development and all this integration transformed Intune from being a challenger product to become a huge platform that would ultimately win the market.
The power of the bundle
And of course, the Microsoft field sales and marketing machine was telling customers that if they have Microsoft 365, Intune was included, so why not use it? The power of the bundle was irresistible, and Intune started gaining ground and displacing competitors.
Covid opened the floodgates
Suddenly every employee was a remote worker and every business, hospital, and school came under attack from cybercrime. IT teams rushed to deploy CMGs to attempt to update Windows 10 machines that were off the network before they lost trust. Where that was not possible, IT teams told their employees to use a VPN to update their machine. I know of schools that told their teachers to drive to the school, park outside the science lab, connect to WiFi and do a Windows update while sitting in their car.
Gartner Magic Quadrant for Endpoint Management
Some of those stories are classic and need to be remembered, but the mass market embraced Intune with open arms. Intune was considered mature enough and the power of the platform and the power of the bundle was a winning combination.
In 2020 Windows Autopilot was considered to be magic. WuFB was a lifesaver and Intune achieved feature parity with AirWatch on mobile devices. Game on! Gartner now clearly recognized Microsoft as the market leader for unified endpoint management and the product seemed to get stronger every year.
Magic Quadrant 2017 – 2022
Intune was being deployed in record numbers and the team at Mobile Mentor was busy with deployments and helping clients migrate their device fleets from legacy tools over to Intune. This was fun work, and we had the privilege of working with some amazing clients like the Mayo Clinic, DHS, and New York Schools. Up to this point, I could not have imagined having 1 million devices on a single Intune tenant, but now we support that and the platform was performing well. Like most large tech deployments, the limiting factor was not the technology, it was the people and processes.
Microsoft really appreciated the work we were doing and in 2021 they awarded us Partner of the Year for Modern Endpoint Management. They also invited us to join the partner advisory council for the Intune product. Now we had insight into the product direction in addition to some influence on the future roadmap.
Living the dream
By mid-2022, we were seeing real-world examples of Intune being used as it was intended, and clients were reaping the benefits of modern management. Windows devices could be provisioned using Autopilot and some clients were getting to the ESD screen in as little as 9 minutes. New machines were being shipped directly to the employees’ homes and the out-of-box experience resulted in the machine lighting up with Bitlocker, OneDrive content, applications installed, Windows Hello enabled, and the devices showing up as compliant in the portal. Now Zero Touch Provisioning was a reality. Some IT people were thrilled, and some were threatened, but nobody could deny this was game-changing after 20 years of manually imaging machines and deploying packages.
And once those machines were configured, the Windows updates were fully automated, some applications were being automatically patched and some compliance actions were automated. The same experience was happening for iOS and Android although this was less surprising as this capability had existed for years.
The rise and fall of Microsoft Endpoint Manager
Microsoft made some interesting moves to combine Intune and SCCM under a single umbrella called Microsoft Endpoint Manager and tried to convince clients that the transition from SCCM to Intune was simple but wisely in 2022, they dropped this strategy and made it clear that SCCM was for on-premises devices and servers, and Intune was for cloud-managed devices. It also become clear that the future was Intune and that is where all the investment and engineering effort was going.
The need for more advanced features
To get modern management working at an enterprise scale, a number of 3rd party products are often required in addition to Intune:
App patching is a challenge and many companies rely on tools like PatchMyPC
Most IT teams need tools like TeamViewer or BeyondTrust for remote support
Sys Admins are grappling with the need to grant admin rights to users
Microsoft is hitting each of these pain points with the new releases and I am thrilled to see that the new features will enhance both endpoint security and employee experience.
Endpoint Security Features
Endpoint privilege management
The process of governing privileges, preventing users from exploiting functions beyond their requirements.
Advanced app management
The advanced suite of Intune management features lets you publish, push, configure, secure, monitor, and update mobile apps for your users.
Cloud certificate management
A solution to issue and manage Wi-Fi and VPN certs from Intune to devices not subjugated to on-prem infrastructure.
Employee Experience Enhancements
Advanced endpoint analytics
A built-in feature of Intune with meaningful metrics to help determine the quality of end-user experience.
A cloud-based solution for secure help desk connections with role-based access controls.
Tunnel for BYO devices
Expands access to your company resources for devices that can’t or haven’t enrolled with Microsoft Intune.
Once these new features have reached maturity, companies will be able to publish and deploy certificates to their devices, dynamically apply privileged access when needed, and automate their app patching. End users will be able to access company resources securely from a BYO device. Service desk teams will be notified when a device is behaving poorly, or anomalies are detected and they will be able to initiate remote support with the user.
I am excited.
Contact us to learn more about intune
Denis founded Mobile Mentor in 2004 with a clear purpose – to empower people to achieve more with their technology. The technology is always changing but Denis’ purpose is the same and today most of Denis’s energy is helping clients to navigate the balance between security and employee experience.
Denis is really passionate about solutions that make an impact in healthcare, education and government. Since 2017, Denis has lived in the US, working with both public and private healthcare providers.