Microsoft Intune explained: A leader in unified endpoint management

In today’s multi-device, work-from-anywhere world, unified endpoint management (UEM) is crucial for efficiency and security, providing a “single pane of glass” for managing mobile, desktop, and cloud environments. Microsoft Intune is a leading example of a UEM product that has continuously expanded to meet IT’s evolving needs.  

What is Microsoft Intune?

Microsoft Intune is a suite of management tools that are the core of Microsoft’s UEM strategy as well as part of Microsoft 365’s broader technology stack. The company’s goal is to simplify managing mobile devices and applications, PCs, and other devices — and to reduce complexity and cost for IT teams.

For example, Intune’s mobile device management (MDM) capabilities are built to allow IT administrators to enforce security policies, remotely wipe devices, and manage configurations across heterogeneous platforms. Its mobile application management (MAM) features are designed to help businesses manage applications on both corporate and personal devices — enabling deployment, updates, and retirement of applications — and to protect corporate data within apps, preventing data leaks without disrupting user experience. (Download our 2025 UEM vendor comparison chart for a comprehensive list of capabilities in Intune and its main competitors.)

Today, Intune leverages artificial intelligence (AI) and automation to enhance UEM security, improve end-user experience, and simplify operations.

Intune through the years

If you’re having a hard time keeping track of Microsoft’s UEM strategy, you’re not alone. What began as Windows Intune in 2010 evolved — and survived an identity crisis — to land where it is today as arguably the leader in the UEM market.

When Intune first arrived, companies were still in the throes of figuring out how to manage the sudden onslaught of devices accessing corporate data and networks — fallout from the bring-your-own-device (BYOD) trend that took off after the release of Apple’s iPhone in 2007.

To address the emerging enterprise mobility management (EMM) needs of businesses, Microsoft launched its Intune cloud service in 2010 and added numerous mobile management features in subsequent years. In 2019, Microsoft decided to combine its Intune UEM platform with its longstanding Configuration Manager (ConfigMgr) on-premises management platform, enabling users to access both through a single interface and rebranding the combined service as Microsoft Endpoint Manager. A few years later, in 2022, the service was rebranded back to Microsoft Intune, and the next year Microsoft released the Intune Suite, which consolidated its endpoint management and security solutions to streamline protection for both cloud and on-premises endpoints. 

The timeline below shows the many self-imposed twists and turns of Microsoft Intune.

How Windows Intune became Microsoft Intune, then became Microsoft Endpoint Manager, and then became Microoft Intune again.Foundry

Why Intune is a UEM leader

Microsoft’s UEM strategy revolves around simplifying management with a cloud-first approach and reducing complexity and cost for IT teams by leveraging AI and automation to enhance endpoint security, improve end-user experience, and simplify operations. This jibes with Gartner’s forecast for the UEM market. The research firm predicts that by 2029, more than 50% of organizations will adopt autonomous endpoint management (AEM) capabilities within advanced endpoint management and digital employee experience (DEX).

Driven by corporate mobile device programs, hardware management has been shifting away from a Windows-dominant world to one that is increasingly diverse and includes iOS, Android, and macOS devices. As more worker tasks are carried out on mobile devices, the momentum behind UEM, and its capability to manage all user-facing devices from a single console, continues to grow.

While it’s a competitive market, Microsoft is widely recognized by experts and analysts such as IDC and Gartner as a leader in the UEM sector. According to IDC’s 2024 MarketScape for Worldwide UEM Software report, Microsoft is a leader in the category. The research firm notes that an important trend in UEM is the need account for “unmanaged” devices, specifically through mobile application management (MAM) features that secure corporate data and apps without full device enrollment.

Intune’s integration with other Microsoft services is an advantage it has over competitors. For example, it’s designed to work seamlessly with Azure Active Directory.

Microsoft Intune is designed to allow you to manage your organization’s devices and supports Android, Android Open Source Project (AOSP), iOS/iPadOS, Linux Ubuntu Desktop, macOS, ChromeOS, and Windows client devices.Microsoft

How to get Microsoft Intune and what you’ll pay for it

Microsoft Intune is a standalone product, but it is also included with certain Microsoft 365 plans. While Basic Mobility and Security is part of the Microsoft 365 plans, it’s a separate, free feature set and is not a full version of Intune. The following versions of Microsoft 365 include the complete version of Intune:

Microsoft 365 Business Premium 

Microsoft 365 Firstline 3          

Microsoft 365 Enterprise E3                 

Microsoft 365 Enterprise E5                 

Microsoft 365 Education A1                 

Microsoft 365 Education A3                 

Microsoft 365 Education A5                 

Enterprise Mobility & Security E3       

Enterprise Mobility & Security E5 

As a subscription service, Microsoft charges companies on a per user/per month basis in three tiers, which can also be purchased as standalone licenses or in bundles with other Microsoft products. The most common pricing is based on a per-user, per-month model with an annual commitment and breaks down as follows:

Microsoft Intune Plan 1: This core plan includes essential endpoint and application management features. It costs $8 per user per month.

Microsoft Intune Plan 2: This is an add-on to Plan 1, providing advanced capabilities. It costs $4 per user per month.

Microsoft Intune Suite: Bundles all features from Plan 1 and Plan 2, along with additional advanced security and management solutions. It costs $10 per user per month as an add-on to Plan 1.

Additional information on Intune pricing

Add-ons: Advanced features such as Remote Help, Endpoint Privilege Management, and Endpoint Analytics can also be purchased as individual add-ons.

Free Trial: Microsoft offers a 30-day free trial with 100 user licenses, allowing organizations to test the service before committing to a purchase.

Device-only licenses: There are also device-only subscriptions available for specific use cases like kiosks or shared devices that are not tied to a particular user.

Looking ahead: Intune in development

What’s next for Intune? According to Microsoft, these features are currently in development for Intune and will likely be available in 2025:

Microsoft Intune Suite: A new dashboard for endpoint privilege management (EPM) is in design and will provide insights into user status and file elevation trends. EPM will also support Azure Virtual Desktop single-session virtual machines.

App management: Intune app protection policies for Apple’s  iOS/iPadOS will allow blocking data sync from policy-managed app data to app widgets, enhancing data protection, according to Microsoft.

Device management: New Microsoft Graph permissions for API calls to device management endpoints will require updates to tools and scripts should be available in August. Remote wipe actions will support multiple administrative approvals. Intune Device control policy will support devices managed by Microsoft Defender for Endpoint.

Monitoring and troubleshooting: Improved declarative Apple software update reports will offer near real-time details on update failures, pending updates, and installation status.

Significant Intune notices

Updates to the latest Intune App SDK and App Wrapping Tool for iOS will be required to support iOS/iPadOS 26 and ensure continued app protection policy enforcement. Apps will need to be registered with Microsoft Entra.

Intune will move to support iOS/iPadOS 17 and later, and Android 10 and later for user-based management methods, with Microsoft expected to drop support for older OS versions.

Updates are coming for strong mapping for SCEP and PKCS certificates to address elevation of privilege vulnerabilities.

New standalone settings for blocking screen capture, Genmojis, and Writing tools in Apple Intelligence will be introduced.

7 keys to UEM success
>To be successful, any comprehensive UEM system needs to integrate with client management tools and meet the following objectives, according to Gartner:

>
Provide a single console to configure, manage, and monitor traditional mobile devices, PCs, and device management of IoT assets.
Unify the application of data protection, device configuration, and usage policies.
Provide a single view of multi-device users for better end-user support and to gather detailed workplace analytics.
Act as a coordination point to orchestrate the activities of related endpoint technologies such as identity services and security infrastructure.
Use AI and machine learning to automate tasks, proactively fix issues, and reduce the need for human intervention.
Be tightly integrated with digital employee experience (DEX) tools. This involves monitoring and analyzing telemetry from endpoints, apps, and networks to measure and improve the user experience
Integrate with endpoint security platforms (EPP) and endpoint detection and response (EDR).

This article was originally launched in September 2018 and most recently updated in August 2025.

Related reading:

What is UEM? Unified endpoint management explained

UEM buyer’s guide: How to choose the right unified endpoint management platform

Download our UEM vendors comparison chart