Microsoft Intune

Microsoft Intune is a cloud-based service that provides mobile device management (MDM) and mobile application management (MAM) for organisations.


Intune is included in Microsoft's Enterprise Mobility + Security (EMS) and Microsoft 365 suites, and enables users to be productive while keeping organisational data protected. It integrates with other Microsoft services to control who has access, and what they have access to. It lets organisations control features and settings on Android, Android Enterprise, iOS/iPadOS, macOS, and Windows 10 devices.


Intune can be used to create and check for compliance, deploy apps, features, and settings to your devices using the cloud. 

Manage personal and corporate devices

Custom levels of control unique to your needs

Improved end-user experience


Intune provides the ability to manage devices using an approach relevant to each business. For organisation-owned devices, there may be a desire to have full control on the devices, including settings, features, and security. In this approach, devices and users of these devices “enrol” in Intune. Once enrolled, they receive rules and settings through policies configured in Intune – for example, IT admins can set password and PIN requirements, create a VPN connection, set up threat protection, and more. 


For non-organisational owned devices such as personal devices or bring-your-own devices (BYOD), users may not want their organisation administrators to have full control. In this approach, users may enrol their devices if they want full access to organisation resources. Or, if users only want access to email or Microsoft Teams, then administrators can use app protection policies that could require extra security (such as multi-factor authentication) to use these apps.


When devices are enrolled and managed in Intune, administrators can: 

  • See the devices enrolled, and get an inventory of devices accessing organisation resources. 
  • Configure devices so they meet security and health standards. 
  • Push certificates to devices so users can easily access Wi-Fi network, or use a VPN 
  • See reports on users and devices that are compliant, and not compliant. 
  • Remove organisation data if a device is lost, stolen, or not used anymore. 


As Intune is a cloud-based product, to take advantage of it, you need to have a subscription to Intune and the relevant licenses. Licenses to Intune can be obtained in a number of ways, from purchasing it as a stand-alone Azure service, to purchasing it within a bundle such as Microsoft 365.


Once access to Intune is available, organisations need to start planning of which features of Intune to utilise. Configuration of the environment can then take place and devices enrolled. To help understand the features and how to utilise them, it’s best to test out and trail these features before rolling it out to all users or devices.  


With the evolution of technology, there has been a rapid shift to mobile computing in the last decade. Today’s mobile devices carry the same computing power as yesterday’s desktops. In an ever-increasing portfolio of devices, capabilities, applications and features, organisations are increasingly challenged to provide modern IT services whilst maintaining the highest levels of security and data protection. 


Smaller organisations or organisations with a cloud first strategy are also challenged in utilising cloud based device management systems that can protect all different types and makes of devices. Having a single product not only simplifies administration, but common policies can be applied all device types and new product features and capabilities are integrated into the platform by Microsoft.   


With Intune, you can: 

  • Choose to be 100% cloud with Intune, or be co-managed with Configuration Manager and Intune. Your ConfigMgr client licenses are included with Intune. 
  • Set rules and configure settings on personal and organisation-owned devices to access data and networks. 
  • Deploy and authenticate apps on devices — on-premises and mobile. 
  • Protect your company information by controlling the way users access and share information. 
  • Be sure devices and apps are compliant with your security requirements. 
  • Provide support for personal devices or a BYOD policy 
  • Control features and settings on Android, Android Enterprise, iOS/iPadOS, macOS, and Windows 10 devices 
  • Use Autopilot to onboard new Windows 10 devices 

Case studies

Related resources