Choosing mobile device management (MDM) and mobile application management (MAM) solutions for your company can be challenging. With 'bring your own device' (BYOD) on the rise, MDM plays a crucial role in controlling corporate data on devices by configuring accessibility policies and data security. Here, the eternal dilemma arises: Should you go with Microsoft System Center Configuration Manager (SCCM) or Microsoft Intune? Both solutions are parts of Microsoft Endpoint Manager – a single, integrated platform for managing all the endpoints in the organization.
Intune is a cloud-based solution that allows you to manage company-owned and personal devices, while SCCM is a more traditional on-premises solution. Let's look at both solutions, evaluating their pros and cons.
What is SCCM?
According to Microsoft, "SCCM is an on-premises solution to manage desktops, servers, and laptops that are on your network or internet-based." Originally released in 1994, now part of Microsoft Endpoint Manager (MEM), it focuses on managing Windows devices across the enterprise (300+ devices).
SCCM's functionality includes:
OS and applications deployment
Integration with Microsoft 365 (co-management)
Endpoint security (by managing the Windows Defender suite) etc.
Perfect for complicated application installations
Ideal for large companies with complex IT infrastructure
Fixed-price with unlimited usage
Operating System Deployment
Various patch management features.
Configuring and maintaining SCCM can be intimidating for staff. Without proper experience, it might be more trouble than it's worth.
As the setup process is on-premises, it isn't easy for large companies to update software without cloud integration via Cloud Management Gateway (CMG).
Limited support of non-Windows devices (Linux, macOS) due to cross-compatibility issues.
Partial support of third-party applications and patch deployment can be confusing and time-consuming.
SCCM can bring about more costs compared with Intune. Maintenance and operational costs are high because SCCM requires SQL servers to run.
What is Microsoft Intune?
Microsoft identifies Intune as a "cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM)." Being a cloud-based application, Intune has a simpler architecture than SCCM because it does not require on-premises infrastructure to operate. One of the main aims of Intune is to create a secure work environment by controlling device usage and designing customized access policies for devices, including BYODs. Intune can separate corporate data from employees' personal data on BYODs, which is convenient as they will no longer need several devices. Moreover, with Intune, it's easy to make sure that all devices are compliant with enterprise requirements.
Intune's additional features are:
Patch management (via Microsoft Update for Business).
Control of Windows Defender Antivirus.
Cloud-based service: Device enrollment, management, and control, all managed via a centralized online portal, with no physical servers needed.
Perfect for smaller application installations.
Mobile device management.
Policies to manage the company's security settings (Conditional access).
Auto-provisioning of systems (Windows Autopilot).
Integration with other features from the Enterprise & Mobility Suite.
No support of server-side applications.
Not intended for large applications.
Paid subscription model: The fee depends on the volume of used data; for this reason, it's challenging to plan operational costs.
No OS updates for non-Windows devices.
Despite the availability of wipe and retire commands, it's impossible to track the device.
Fixed dashboard with no possibility to customize.
SCCM vs. Intune - Overview
Subscription (price depends on the used data)
Supports updates, patches, and software
Support updates, patches, and software
No physical server is need - requires Internet access
Local SQL servers
Microsoft Intune and System Center Configuration Manager offer various features, but it's up to you to decide which best suits your business. Intune is a cloud-based solution accessible anywhere, making it perfect for remote workers. As a result of the ongoing COVID-19 pandemic, employees are working outside of protected corporate networks, using their own devices, and thanks to Intune, the corporate data is safeguarded. Furthermore, Intune supports limited monitoring and managing of non-Windows systems. SCCM is a potent tool that can manage a variety of endpoints and has rich functionality. However, it can be complicated to work with and expensive.