News
Microsoft Expands Intune Suite Capabilities to M365 E3 and E5 Plans
Microsoft is bringing advanced endpoint management capabilities from its Intune Suite directly into Microsoft 365 E3 and E5 subscriptions, the company announced this week, expanding access to tools designed to help organizations scale device management and strengthen security postures.
The move addresses growing challenges IT teams face as device inventories become larger, more diverse and widely distributed. Organizations are expected to keep systems protected and compliant while operating with limited budgets and defending against increasingly sophisticated threats.
"Intune Suite makes managing 10,000 or 40,000 devices effortless through automation and unification," said Roman Kleyn, head of workplace design at Krones AG. "The capacity to scale effortlessly while simplifying processes has led to more efficient updates and quicker incorporation of new assets."
Microsoft will add several capabilities to Microsoft Enterprise Mobility and Security E3, which extends to Microsoft 365 E3. These include Intune Remote Help, Intune Advanced Analytics, Microsoft Tunnel for Mobile Application Management, specialty device management and firmware updates.
For Microsoft 365 E5, the company is adding Intune Endpoint Privilege Management, Intune Enterprise Application Management and Microsoft Cloud PKI to unify advanced security and device management.
The expansion comes as Microsoft integrates AI more deeply into endpoint management. The company launched Security Copilot agents in Intune at Microsoft Ignite 2025, enabling IT teams to use natural language for complex tasks and receive AI-powered insights for decision-making.
Security features address growing threats. Microsoft's 2025 Digital Defense Report found that 79 percent of ransomware attacks involved remote management tools on endpoints, highlighting the need for Zero Trust controls and least-privilege access.
Endpoint Privilege Management enables organizations to provide elevated access only to approved apps or services through just-in-time elevation. The feature maintains productivity without compromising security by mitigating risks associated with local admin privileges.
Remote Help allows IT teams to support and fix issues remotely with full auditability. "Remote Help closed the gap that we had for remote management," said Michael Meier, senior system administrator at Krones AG. "Now we have an enterprise-compatible solution with audit logs, allowing us to see what's happened, who is connected to whom, etc."
Advanced Analytics offers AI-powered anomaly detection to identify device health issues and digital friction proactively. Enterprise Application Management streamlines app deployment and updates through a curated catalog of more than 1,000 prepackaged applications.
Microsoft Cloud PKI allows IT departments to streamline certificate lifecycle management and reduce dependency on on-premises infrastructure. The tool helps prevent phishing and mitigate risks through certificate-based authentication to Wi-Fi and VPN services.
The changes complement recently announced Windows resiliency and security capabilities being added to Windows Enterprise E3, including quick machine recovery with enterprise-level controls and Windows Autopatch update readiness features.
Microsoft 365 E3 and E5 customers will automatically receive the Intune Suite capabilities. Admins of eligible organizations will receive a Microsoft 365 admin center notification 30 days before the changes take effect in 2026.
The Intune Suite was first introduced in 2023 as a bundle of add-on capabilities for Microsoft's endpoint management solution. Since then, Microsoft has steadily expanded the suite's features and moved toward deeper integration with core Microsoft 365 offerings.