Magic Quadrant for UEM 2019.

Microsoft Intune for Unified Endpoint Management Leads in Gartner’s UEM Magic Quadrant 2019

When vision and capability are combined, magic happens. Perhaps that’s why the research company called their visual assessment the Magic Quadrant: it places companies on a scale measuring their completeness of vision with their ability to execute, and then gives them a label of a niche player, challenger, visionary or leader depending on where they fall. Microsoft has landed into the leader quadrant, as it often does, scoring the highest of all the companies on the ability to execute axis.

Microsoft Intune is Enterprise and Education Ready

Much of the reason for Microsoft’s magical growth is the dramatic improvements it has made for Intune over the past year. Four categories, in particular, have evolved quickly and well: availability, scale, performance, and engineering agility. Microsoft set specific goals to improve quality ratings in these areas, and the changes they made brought remarkable improvement. The following chart shows the Service Level Objective of Intune going from 99% to 99.999% over the course of 2018.


Diagram shows increased service availability of Microsoft Intune in 2018.


Virtualization-Based Security (VBS)

Various reports make it increasingly clear that Microsoft has also grown rapidly in security capabilities. VBS uses hardware virtualization features to abstract portions of the operating system into independent components that are completely isolated from each other. Windows can then host a number of security solutions here, providing better protection from vulnerabilities in the operating system. We can thank a group of “guards” responsible for this protection:

  • TPM 2.0: The Trusted Platform Module (TPM) is a hardware chip integrated into a computer’s motherboard. It provides the basis for generating, storing, and using cryptographic keys. It’s also a necessary foundation to take advantage of VBS.
  • Windows Defender Credential Guard: This uses virtualization security to block “pass-the-ticket” attacks. When enabled, signed-on credentials will not work.
  • WD Device Guard: Beginning with version 1709 of Windows 10, Windows Defender Device Guard is split into two features that work together to ensure that a device can only run trusted applications. Exploit Guard offers a new set of prevention capabilities for host intrusion. Application Guard makes use of an isolated Hyper-V instance separate from the operating system so that no untrusted site is able to reach the host PC.

Azure Active Directory (Azure AD) Conditional Access

Conditional Access helps keep an optimal balance between convenience and security. Since today’s users often want to sign on to apps and services from a variety of locations, Conditional Access uses contextual metadata to provide controls that give additional security when needed and transparent access when not. It can also use device risk profiles for identity and access management. This means sophisticated behind-the-scenes security that users don’t have to be bothered with any more security prompts than necessary.

Microsoft Defender ATP (MD ATP)

Microsoft Defender’s Advanced Threat Protection (formerly WD ATP) is now a leading antivirus on the market–further catapulting Microsoft into Gartner’s top quadrant. Windows Defender itself received a perfect score in AV-TEST’s two-month evaluation. MD ATP is essentially Windows Defender on steroids, blocking virtually all know ransomware-based attacks and file-less drive-by attempts.

As with all babies developing into successful leaders, it’s exciting to watch Microsoft’s incredible growth over the past year. One can only imagine the level of security and capability that the company will continue to bring its customers. Bring on the magic!

Closing Thoughts on Intune for UEM

Under the leadership of Satya Nadella, Microsoft has seen a renaissance in AI and ML backed cybersecurity initiatives that are unmatched by any other commercial vendor in the world. In August 2019, Microsoft completed a hat-trick taking the leadership role in three major Gartner Magic Quadrants. Take a look at the other areas that Microsoft has placed in the top 3 on Gartner’s MQ over the past year:

We used to pitch Microsoft 365 as a best-of-breed platform opposed to a best-of-breed service. In the past year, Microsoft has closed the gap on most of its competitors and it now holds to title for both areas. The largest complaint we’ve had about Microsoft services from our clients over the past year is: how do we automate more? With recent additions like Azure Sentinel, Microsoft is continuing to show its dedication to cross-platform execution. If you haven’t taken a serious look at consolidating on the Microsoft cloud security stack, we encourage you to submit a request below to sign up for a free Microsoft 365 licensing assessment.

Leave a Comment