The platform we know as “Intune” was launched in 2011 and, at the time, was called ‘Windows Intune’. It wasn’t well adopted and SCCM continued to be the dominant platform for Windows. In 2014, the name was shortened to Intune and repurposed for mobile devices.
I vividly remember being briefed by Microsoft in 2014 on the agentless architecture for BYOD and the need for Azure AD with the obvious lack of features compared to AirWatch which was the leader at the time. It was clear to us at Mobile Mentor that Intune had a long way to go to become a viable product on the market. However, it featured on the Gartner Magic Quadrant for the first time, and we felt that it had the potential to become a juggernaut. So, we started to pay attention.
Gartner Magic Quadrant 2014-2017
Fast forward to 2017 and Intune was a topic of discussion in every meeting with every client. This was because clients were paying for 2 or 3 different tools to manage their Windows, Macs, and mobile devices, yet they were being told by Microsoft that Intune was “free”. This garnered a lot of attention and suddenly we found clients were willing to do a trial to see what Intune could do.
Many early deployments were not very successful, and clients continued to use other products such as SCCM, Manage Engine, and Altiris for their Windows devices. Meanwhile, JAMF was gaining traction for Apple devices, and AirWatch, MobileIron, and SOTI were dominating mobile device management.
The power of the platform
Meanwhile, in Seattle, the Microsoft engineering team was toiling away, improving the architecture and adding exciting new features like Autopilot, Autopatch, and Windows Hello. The gap was closing every quarter and the velocity of new features was almost overwhelming. More importantly, Microsoft was integrating Intune with Azure AD, Defender, OneDrive, and Endpoint Analytics. This was a master class in product development and all this integration transformed Intune from being a challenger product to become a huge platform that would ultimately win the market.
The power of the bundle
And of course, the Microsoft field sales and marketing machine was telling customers that if they have Microsoft 365, Intune was included, so why not use it? The power of the bundle was irresistible, and Intune started gaining ground and displacing competitors.
Covid opened the floodgates
Suddenly every employee was a remote worker and every business, hospital, and school came under attack from cybercrime. IT teams rushed to deploy CMGs to attempt to update Windows 10 machines that were off the network before they lost trust. Where that was not possible, IT teams told their employees to use a VPN to update their machine. I know of schools that told their teachers to drive to the school, park outside the science lab, connect to WiFi and do a Windows update while sitting in their car.
In 2020 Windows Autopilot was considered to be magic. WuFB was a lifesaver and Intune achieved feature parity with AirWatch on mobile devices. Game on! Gartner now clearly recognized Microsoft as the market leader for unified endpoint management and the product seemed to get stronger every year.
Magic Quadrant 2017 – 2022
Intune was being deployed in record numbers and the team at Mobile Mentor was busy with deployments and helping clients migrate their device fleets from legacy tools over to Intune. This was fun work, and we had the privilege of working with some amazing clients like the Mayo Clinic, DHS, and New York Schools. Up to this point, I could not have imagined having 1 million devices on a single Intune tenant, but now we support that and the platform was performing well. Like most large tech deployments, the limiting factor was not the technology, it was the people and processes.
Microsoft really appreciated the work we were doing and in 2021 they awarded us Partner of the Year for Modern Endpoint Management. They also invited us to join the partner advisory council for the Intune product. Now we had insight into the product direction in addition to some influence on the future roadmap.
Living the dream
By mid-2022, we were seeing real-world examples of Intune being used as it was intended, and clients were reaping the benefits of modern management. Windows devices could be provisioned using Autopilot and some clients were getting to the ESD screen in as little as 9 minutes. New machines were being shipped directly to the employees’ homes and the out-of-box experience resulted in the machine lighting up with Bitlocker, OneDrive content, applications installed, Windows Hello enabled, and the devices showing up as compliant in the portal. Now Zero Touch Provisioning was a reality. Some IT people were thrilled, and some were threatened, but nobody could deny this was game-changing after 20 years of manually imaging machines and deploying packages.
And once those machines were configured, the Windows updates were fully automated, some applications were being automatically patched and some compliance actions were automated. The same experience was happening for iOS and Android although this was less surprising as this capability had existed for years.
The rise and fall of Microsoft Endpoint Manager
Microsoft made some interesting moves to combine Intune and SCCM under a single umbrella called Microsoft Endpoint Manager and tried to convince clients that the transition from SCCM to Intune was simple but wisely in 2022, they dropped this strategy and made it clear that SCCM was for on-premises devices and servers, and Intune was for cloud-managed devices. It also become clear that the future was Intune and that is where all the investment and engineering effort was going.
The need for more advanced features
To get modern management working at an enterprise scale, a number of 3rd party products are often required in addition to Intune:
-
App patching is a challenge and many companies rely on tools like PatchMyPC
-
Most IT teams need tools like TeamViewer or BeyondTrust for remote support
-
Sys Admins are grappling with the need to grant admin rights to users
-
Advanced analytics required a tool like NextThink
-
Certificates required additional PKI infrastructure
-
VPN connectivity required additional infrastructure
2023 Advanced Features
Microsoft is hitting each of these pain points with the new releases and I am thrilled to see that the new features will enhance both endpoint security and employee experience.
Endpoint Security Features
Endpoint privilege management
The process of governing privileges, preventing users from exploiting functions beyond their requirements.
Advanced app management
The advanced suite of Intune management features lets you publish, push, configure, secure, monitor, and update mobile apps for your users.
Cloud certificate management
A solution to issue and manage Wi-Fi and VPN certs from Intune to devices not subjugated to on-prem infrastructure.
Employee Experience Enhancements
Advanced endpoint analytics
A built-in feature of Intune with meaningful metrics to help determine the quality of end-user experience.
Remote help
A cloud-based solution for secure help desk connections with role-based access controls.
Tunnel for BYO devices
Expands access to your company resources for devices that can’t or haven’t enrolled with Microsoft Intune.
Conclusion
Once these new features have reached maturity, companies will be able to publish and deploy certificates to their devices, dynamically apply privileged access when needed, and automate their app patching. End users will be able to access company resources securely from a BYO device. Service desk teams will be notified when a device is behaving poorly, or anomalies are detected and they will be able to initiate remote support with the user.
I am excited.
Contact us to learn more about intune
