Today marks a significant shift in endpoint management and security. Microsoft is launching the Microsoft Intune Suite, which unifies mission-critical advanced endpoint management and security solutions into one simple bundle. The new Intune Suite can simplify our customers’ endpoint management experience, improve their security posture, and keep people at the center with exceptional user experiences. Microsoft Security and Microsoft 365 deeply integrated with the Intune Suite will empower IT and security teams with data science and AI to increase automation, helping them move simply and quickly from reactive to proactive in addressing endpoint management and other security challenges.
Microsoft Intune is an industry-leading, unified endpoint management solution that organizations depend on to ensure their devices, operating systems, and apps are up-to-date, protected, and performant. Yet evolving work habits and security threats, tougher economic climate, and growing diversity of devices mean that organizations need more help in reducing complexity. Consider this: in a recent survey, two-thirds of respondents were using more than ten tools to manage and protect their digital estate.1 More individual tools mean more management overhead, more attack surface, and more licensing costs—all things organizations need to reduce.
In this blog, we would like to share three reasons why the new Intune Suite will matter to you:
1. Even better security by reducing attack vectors.
2. Simplification through consolidation and automation of IT and security operations workflows.
3. Savings through lower management overhead and reduced support costs.
We’ll also share some results from our latest survey of nearly four hundred endpoint management and security professionals, which will provide additional context for this new offer.
What is the Microsoft Intune Suite?
First, let’s review what capabilities the Intune Suite offers. These important capabilities have been in development for a while, and you may recall Microsoft announced our plans at Microsoft Ignite 2022 to launch the Intune Suite in March 2023 with an initial set of advanced solutions:
．Remote Help is a tool that will assist helpdesks—especially important as workers are now working away from the office more often. Remote Help is already available for Windows users and will also come to Android and Mac endpoints in future releases. It enables IT helpdesk teams to remotely troubleshoot a user’s desktop and mobile devices based on a user’s existing company identity. The extra Android support will prove particularly useful for managing frontline workers’ devices. Learn more about recent Remote Help updates for Windows.
．Endpoint Privilege Management, in preview in March 2023 and generally available in April 2023, will enable the controlled elevation of Windows standard users so security controls don’t get in the way of productivity. The right users will have the right privileges at the right time, to reduce the security risk of overprivileged users and reduce the burden on the help desk by allowing greater self-serve for basic scenarios, like setting up a local printer. Learn more about Endpoint Privilege Management first release capabilities.
．The Intune Suite also offers advanced endpoint analytics features, data-driven insights that help IT administrators understand, anticipate, and improve the user experience for the staff in the organization.
．There is also Microsoft Tunnel for Mobile App Management, a micro-VPN that connects corporate resources from personal iOS/iPadOS and Android devices, so employees can have access to company resources from their personal mobile devices when duty calls.
．The Intune Suite improves the management of specialty devices, to give employees the flexibility to choose the device they need to get the job done without those devices becoming points of vulnerability.
．Following the March 1, 2023, launch, another capability that will be added to the Intune Suite is advanced app management, offering an enterprise app catalog and controls for easy app discovery, deployment, and automatic updating to mitigate risks introduced by out-of-date apps. Later this year, we will also introduce a cloud certificate management solution to issue and manage VPN and Wi-Fi certificates from Intune to devices without on-premises infrastructure. We will continue to add additional advanced capabilities to the Intune Suite over time, providing more endpoint security, automation, and control of the user computing landscape and experience.
So, why is this important for you now? It goes back to better security, simplification, and savings.
1. Improve security and reduce attack vectors
Even if IT and security organizations are becoming accustomed to supporting and protecting remote and hybrid work, our surveys show there is still much work to be done to improve enterprise endpoint security. Only 43 percent of endpoint management and security professionals said that their organization actively manages more than three-quarters of their endpoints.1 Put another way, 57 percent of organizations do not have visibility or control over a quarter of their endpoints or more. Further, only 37 percent of organizations use patch management, and only 39 percent use Endpoint Privilege Management. As such, there is clearly an opportunity to increase the breadth of devices organizations can manage to have a more complete view of the health and performance of their digital estate. There is also an opportunity to improve the depth of protection offered through more Endpoint Privilege Management and more regular patch updates. This basic “cyber hygiene” is core to the way the suite improves security and is foundational before any Zero Trust initiative can really gain traction.
Security professionals see tighter product integration as a key step. When asked in our survey how they could improve their organization’s endpoint security, “integration” was the top answer. The Intune Suite delivers integration on multiple levels: between the various Intune Suite components, with Microsoft 365, and with other Microsoft Security assets. Better integration means fewer vulnerable spots that could be attacked. Microsoft has learned to be intentional about creating integrated value across its portfolio and with the Intune Suite, we are committed to continue building end-to-end value for users, IT, and security operations.
One extra advantage of using a single vendor for more of your endpoint security needs is that there is one single dataset rather than multiple disparate streams of data. Uniform, consistent data means better security analytics and visibility to potential vulnerabilities and anomalies. You can’t mitigate what you can’t see. Bringing together the data and actionable insights in one place increases your ability to assess, manage, and act on potential risks across your device landscape.
“The Microsoft Intune Suite is going to help us consolidate our endpoint management solutions, saving costs, making our lives easier, and keeping the hospital data secure. I would highly recommend the Microsoft Intune Suite to any organization looking to enhance their security posture.”—Ibrar Mahmood, IT Cyber Security Manager, Milton Keynes University Hospital NHS Foundation Trust.
2. Simplify endpoint management
Many organizations have reported increased complexity within their IT environment over the past few years. This makes sense: smartphones, bring your own device (BYOD), hybrid work, and evolving security threats can all increase complexity. Yet, the response to the current complexity has been to add more point solutions, which is a step backward as more solutions mean more vendor integration requirements, possibly creating additional attack surfaces.
Given other top IT priorities—cloud migrations, lowering costs, AI, analytics, and staff retention—it is understandable why endpoint tools have not been consolidated yet. However, I believe that the simplification and consolidation of endpoint management tools is needed quickly. By choosing the Intune Suite, you can simplify your approach to advanced endpoint management, meaning more bandwidth to focus on other priorities in 2023 and beyond.
Simplification also enables the consolidation of your security vendors—A Gartner® survey reported in September 2022 that 75 percent of organizations are pursuing security vendor consolidation in 2022, up from 29 percent in 2020.2 This not only presents the opportunity to reduce risk and direct licensing costs but saves time and mental overhead in not having to manage so many supplier relationships.
One example of reduced mental overhead: the Intune Suite also simplifies your IT and security operations. One unified admin console means unified workflows. You no longer need to hop from one admin console to the next or stitch together workflows.
We are dedicated to helping organizations use the power and data of the cloud to further automate and orchestrate IT workflows to cut complexity. As Omdia recently put it, when ranking Microsoft a leader, in the Digital Workplace Management/Unified Endpoint Management Platforms, 2023 assessment, “The sheer scale of signals Microsoft has visibility of enables more analytics, automation opportunities, and insights across the endpoint estate than any other UEM vendor.“3
3. Enable cost savings
Many C-suite executives are looking for cost savings in 2023—the Intune Suite delivers multiple ways to save.
First, the Intune Suite reduces the overhead of negotiating and overseeing separate contracts with multiple vendors. It means less integration of work between components and training on different tools. It also means fewer costs from employee downtime due to a security breach and lower IT helpdesk costs through fewer inbound calls and faster resolution of remaining tickets.
National Railway Company of Belgium (SNCB) easily manages more than 21,000 devices with Microsoft Intune. “Intune is a huge success story for SNCB,” says Bouke Stijns, Chief Information Security Manager, SNCB. His team fully containerizes SNCB applications on smartphones so that the company can’t access employees’ personal apps and data. He also appreciates that compliance with the General Data Protection Regulation (GDPR) is built into Microsoft solutions and the Microsoft licensing model, which optimizes the IT budget in an industry that allocates resources to passenger experience rather than IT expenditure. “Our Microsoft license offers an extensive set of security solutions that optimizes budget and reduces the number of vendors we need to coordinate with,” he explains. Read the full customer story.
Second, the Intune Suite bundled list price is lower than the sum of all the individual capabilities of the Intune Suite and delivers Microsoft integrated value greater than the cost and overhead of managing alternative vendor solutions.
The bundle is available as an add-on to any plan that includes Intune, which most customers get through the value of their Microsoft 365 subscription. For added flexibility, the individual solutions within the suite will also be available as standalone add-ons to Intune, so organizations can migrate to the Microsoft solution they prioritize based on their needs.
Additionally, for advanced features that extend the value of Intune beyond core endpoint management functionality—for example, protecting and managing specialty devices or Tunnel for Mobile App Management for unenrolled devices—we are introducing a new plan, Microsoft Intune Plan 2, that you can buy for specific, targeted users.
Learn more about the new Microsoft Intune plans and pricing.
“I’m eagerly awaiting the migration of all our mobile devices to the Microsoft Intune Suite as our core UEM System. Looking into the migration, we just know—due to the work the team and Microsoft put into Intune the last years—that we are making an exciting step forward to an even better reliable and integrated UEM platform for our mobile devices, better preparing us for the future and all challenges that lie ahead.”—Florian Weisenberger, Product Owner Mobile Workplace iOS, Audi.
The net effect of the new, comprehensive Intune Suite, Intune Plan 2, and the single solution add-ons to Intune offer organizations flexible options to plan their budgets, IT and security lifecycle, and vendor contracts in a deliberate and calculated way—with security, simplification, and savings in mind.
In Omdia’s report, they wrote: “Microsoft’s focus is on bringing together this range of mission-critical endpoint and application management and security tools into a single cloud solution. In delivering this integrated set of capabilities, the vendor will help customers simplify how endpoints are managed, strengthen security postures, potentially reduce total cost of ownership, and improve employee experiences.”3
The Intune Suite represents shift change in endpoint security, simplification, and savings. I encourage you to learn more by watching the new Microsoft Mechanics video and visiting our Microsoft Intune Suite page to discover the expanding set of Intune products.
1Endpoint Management Vulnerability Gap, Enterprise Strategy Group. Fieldwork was conducted in November 2022.
2Gartner Press Release, Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022, Gartner. September 13, 2022. GARTNER is a registered trademark and service mark of Gartner, Inc., and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
3Omdia Universe: Digital Workspace Management/Unified Endpoint Management Platforms, 2023, Omdia. December 12, 2022.