Updated on February 28, 2024
Mobile device management (MDM) and mobile application management (MAM) are crucial elements of a Zero Trust security strategy. Organizations of all sizes can benefit from MDM policies and protections from the growing prevalence of remote work-related security vulnerabilities. Only managed devices should be accessing your resources.
Choosing the right MDM solution may seem like a challenge with dozens of vendors providing varying levels of functionality. Further, many vendors don’t integrate identity management, which goes hand-in-hand with endpoint security. However, some solutions, like Microsoft Intune, are bundled with services you don’t want or need and become too expensive with standalone pricing. Even Intune is becoming a product that has multiple add-ons and license step-ups, and some customers have reacted negatively to that approach by Microsoft.
Are you considering Microsoft Intune for your mobile device management needs? This article will provide a quick overview of the provider’s pricing options and features. It will also share a more versatile and open alternative for admins wishing to consolidate their IT stacks.
Summary of Microsoft Intune
Microsoft Intune is a cloud-based platform that allows IT managers to control endpoints, applications, and access to organizational resources. As with most MDMs, Intune covers laptops, tablets, and smartphones. The software also allows employees to use their personal devices for work without compromising network and data security.
Intune is part of several Microsoft 365 (M365) plans, created to help manage the modern workplace where data is kept secure whether on-premise or in the cloud. It’s also available to organizations that have other Microsoft subscriptions that include Entra ID Premium plans.
You can use Microsoft Intune to:
- Manage devices used to access company network and resources
- Isolate organization data from personal data on devices
- Enforce security and compliance standards
- Control access to on-premises servers
- Track and manage remote devices
- Troubleshoot devices
- Manage privileges
Admins typically use Intune in coordination with Entra ID to control access to corporate online resources; Microsoft requires that Entra be used with Intune. As expected, it pairs well with the Microsoft 365 suite of products. Intune works on Windows, Android, macOS devices, and more.
Intune Pricing Options
Microsoft Intune pricing options, without add-ons
Pricing for Microsoft Intune starts at $8.00 per user per month for the base plan. New features are being made available as add-ons or as part of a newer Suite SKU, which may obligate customers to upgrade beyond the license that’s included with their M365 package. A customer that purchases the core capabilities of Plan 1 a la carte could have to pay $8 plus a step-up license. So, the cost of purchasing the Intune Suite per user would become $18/user/month.
Microsoft Intune Plan 1
- Cross-platform endpoint management
- Endpoint security and integrations with Microsoft Defender Products
- Mobile application management
- Basic endpoint analytics
- Microsoft Configuration Manager for co-management of hybrid joined devices
Microsoft Intune Plan 2
Plan 2 is supplemental to Plan 1. It also Includes:
- Microsoft Intune Tunnel, a VPN for mobile devices
- Management for specialty devices
- Android specific firmware-over-the-air (FOTA) updates
Microsoft Intune Suite
- All of the features of Plan 2
- Remote assistance
- Privilege Management for Windows
- Advanced analytics focusing on device health
- Enterprise Application Management
- Cloud based public key infrastructure (PKI) to manage certifications for Intune managed devices
Intune Limitations
Despite being a comprehensive endpoint management solution, Microsoft Intune has some drawbacks, per its customers. Below are the most obvious ones that we see at the time of writing:
- Reliance on using Entra ID and preferential pricing for organizations that go “all in” with Microsoft. The true cost of licensing, implementing, integrating services, and training admins and users can be significant. There’s also the potential for downstream application lock-in and the impacts that may have on an organization.
- The software focuses on securing Microsoft apps, thus locking its users into the Microsoft stack, including Entra ID. Translation: the more Microsoft tools one invests in the less agile they become when new innovations enter the marketplace.
- Intune integrates with other Microsoft products to supplement Entra ID’s authentication and conditional access features, but one price doesn’t mean integrated. Customers end up with an extensive suite of vertically integrated tools, requiring support and expertise.
- Customers have complained about inconsistent and lagging performance.
What People Are Saying About Intune
A recent thread in Reddit’s Intune channel gauged reaction to Intune’s pricing scheme.
Here are what consumers feel about Intune, according to reviews on G2:
Extremely powerful, sometimes hard to get your head around.
“There’s a vast amount of power here to configure your devices, apply conditional access, look after security basics, roll out apps, and generally manage all your devices. We use it for most of its capabilities in some way and it lets you do an awful lot considering it’s built into M365 Business Premium which we have anyway.”
Dev L, Systems Administrator/IT Manager, Mid-Market
Good product, a lot of customization, some weird stuff
“The product is on the market for a long time. In the last three years, it has improved more and more. Now you have the same configuration possibilities as on-premises with AD and SCCM. Some configurations (bitlocker, defender) better.
The OS compatibility is good but could be better. Specifically, the Linux world is a problem. Some configurations have unpredictable behavior. The enrollment process is a nightmare.”
Sandro A, System Administrator, Enterprise
JumpCloud MDM and Endpoint Management Options
The JumpCloud Directory Platform also provides identity and cross-OS device management. JumpCloud is a cross-platform, cloud-based MDM solution that empowers IT admins to manage work devices, users, and access permissions. It provides single sign-on (SSO) for web protocols like SAML and OIDC as well as networking with cloud RADIUS and LDAP.
With JumpCloud, admins can remotely enforce policies like full disk encryption (FDE), disable virtual assistants, and configure system updates all with a few clicks. When a prescribed policy isn’t going to get the job done, JumpCloud also enables IT admins to create and execute their own commands and scripts on all three platforms. It also has passwordless modern authentication, background support tools, automations that increase admin efficiency by streamlining device and identity lifecycle, and options for patch management (and more).
Intune is ideal for devices and environments aligned to Azure and the Microsoft ecosystem. But if you’re looking for a solution that’s next-gen and future-proof with the optionality to adopt best-of-breed technologies, JumpCloud is the optimal choice. It also has a device only SKU for as little as $9/user/month. Admins can bring their own identity from identity providers like Okta. It also integrates with Active Directory to help modernize and security on-premise infrastructure.
There are different pricing options depending on the features you need. You can see the JumpCloud pricing here.
Click here to read an in-depth comparison on JumpCloud vs. Intune.
What People Are Saying About JumpCloud
Here’s what consumers have to say about JumpCloud:
Personal Take on the IT Game Changer
“Its multi-factor authentication feature, which consistently receives high ratings for its robustness and reliability. This level of security assurance is crucial for organizations prioritizing the safeguarding of their resources and user identities. Users also appreciate the platform’s seamless single sign-on capabilities, which streamline access without compromising security.”
Sebastián C., Cloud Security Engineer
One of the Best Products Out for Easily Integrating LDAP and RADIUS Authentication
“I’m a Huge Fan of the Microsoft 365 Integration for RADIUS. This has been a huge help for meeting compliance requirements without having to deploy on-premise servers. I’m also really impressed with the Two-Factor Authentication capabilities, which enable us to have 2FA for both Users and Administrators when authenticating via RADIUS to our Wireless Networks or when Admins need to administer a Switch, Firewall, etc.”
Andrew M, Trust Solutions Group (TSG) Sales Engineer, Small-Business
Great Solution for Mac Heavy Businesses
“This solution is fantastic for the Mac heavy businesses. There are plenty of policies to be able to secure devices, push out updates, and remotely manage the machines. The touchless deployment for the Mac OS works perfectly for our business needs to let a new hire employee auto-enroll a Mac machine before even accessing any company resource. Payloads are easy to configure and very easy to assign to device groups. Also very glad this supports Linux as well with more configuration policies than other UEM solutions.”
Daniel L., IT Support Engineer, Mid-Market
Demo JumpCloud for Free
Intune and JumpCloud both offer benefits to IT departments with respective strengths and weaknesses. However, as we’ve discussed in this comparison, JumpCloud can be less expensive and more versatile for those managing heterogeneous environments.
Rather than purchase multiple solutions with Entra ID (e.g., Intune, AD, Entra ID DS, Entra ID Connect, Azure MFA, Azure VPN, and more), why not leverage one cloud-based platform to cover identity and access management and control your systems?
Signing up for a fully functional demo of the JumpCloud platform is completely free.