Mobile Device Management With InTune Questions

Hi GrahamCarter,

I am not a licensing expert but you could use the following website to check which license fits your goals. http://www.M365maps.com.

My advice is to migrate your devices to Azure AD Joined and use Intune for your configuration. You could also consider using passwordless authentication on your device so your user doesn't have to change their password anymore. 

Another option is to configure Self-Service-Password-Reset, so your users can reset their password via internet, but you need an Azure AD P1 license.

Enable Azure Active Directory self-service password reset - Microsoft Entra | Microsoft Docs. 

With a Azure AD P1 license are you also able to use Conditional Access and enforce your users to use only the Outlook app on mobile devices.

To answer your question.

• Our circumstances covered, would Intune be the logical solution.

Intune would always be a logical solution in my opinion, so you can manage your devices outside your office but you have to change configurations and the way to manage your devices. Also, my advise is consider to change your password policy and don't change your password every 90 day anymore but use passwordless authentication or use a password phrase with a minimum of 30 characters and change only when needed.

• Prices?

For a Small company with just over 100 user, I would give you the advice to M365 business Premium. This license includes Intune, Azure AD P1 and Office 365.

Microsoft 365 Business Premium | M365 Maps

You can check the pricing of the license on the Microsoft website if you know which license you want to use. for M365 BP you can use the following link: Microsoft 365 for Business | Small Business | Microsoft 365

• Presume there our options for both managed devices and byod ?

Intune can manage BYOD and managed device as well. 

Hopefully this helps you. 

Kind regards,

Rene