Intune: New E3 & E5 Feature Unlocked

Key insights

• Intune Suite included in Microsoft 365 E3/E5
  Microsoft now bundles the full Intune Suite into Microsoft 365 E3 and E5 starting in 2026, adding advanced device management and support features that used to be separate add‑ons.
• $3 per user/month price change
  Microsoft raises E3 from $36 to $39 and E5 from $57 to $60 per user per month (effective July 2026) to reflect the added Intune capabilities.
• Licensing simplification
  IT teams can treat Microsoft 365 E3/E5 as the full Intune platform, reducing separate Intune‑suite licensing steps and lowering friction for rollouts.
• Remote Help becomes standard
  Built‑in Remote Help lets help desks deliver secure, policy‑aware remote support without extra VPNs; admins can deploy and manage it from Intune like other apps.
• Stronger Zero Trust support
  New built‑in controls—like Endpoint Privilege Management, Advanced Analytics, and Cloud PKI—help enforce least privilege, improve visibility, and support certificate lifecycle in a Zero Trust model.
• Recommended next steps for IT
  Review your tenant licenses, test Remote Help and Cloud PKI in a pilot, update endpoint policies, and adjust budget forecasts for the $3 monthly change.

Introduction

In a recent YouTube video, Andy Malone [MVP] explains a major licensing and capability shift from Microsoft that affects endpoint management across many organizations. He reports that Microsoft is folding the Microsoft Intune Suite into the baseline of Microsoft 365 E3 and Microsoft 365 E5, and he walks viewers through the practical consequences. This article summarizes his coverage, highlights important tradeoffs, and outlines the technical and operational challenges teams should expect.

Malone’s walkthrough is practical and demo-driven, showing steps like setting up the suite, licensing users, and deploying support tools. He demonstrates features such as Remote Help, the MDM Remote Tunnel Gateway, and Cloud PKI, and he explains how these pieces integrate with common IT operations. As a result, the video provides both a big-picture view and specific configuration insights.

What Microsoft Is Changing

According to the video, Microsoft will include the full Intune Suite as part of the core feature set for Microsoft 365 E3 and Microsoft 365 E5 in 2026, which adds higher-tier management and security tools to those subscriptions. Malone clarifies that features previously sold as add-ons—like Intune Plan 2, advanced analytics, and Remote Help—are now part of the standard offering. He also notes that Microsoft 365 E5 gains extras such as Endpoint Privilege Management and enterprise app controls.

However, the change comes with a pricing update: a modest per‑user increase that Microsoft frames as a rebaseline for added value. Malone emphasizes that the net effect is to lower licensing friction for organizations that already use E3/E5, while shifting the budgeting conversation toward a slightly higher baseline subscription cost. Therefore, IT leaders must weigh immediate budget impact against simplified licensing and richer built‑in capabilities.

Why This Matters for IT and Security

First, including advanced Intune capabilities by default removes a common cost barrier that prevented wider adoption of modern endpoint controls. Malone explains that because tools like Remote Help and Endpoint Privilege Management become standard, helpdesks can offer faster and more secure support, and security teams can implement least‑privilege policies more broadly. Consequently, organizations can accelerate Zero Trust practices across their device estate.

Second, built‑in analytics and certificate management simplify lifecycle and compliance workflows, which is particularly useful for larger estates where manual processes create risk. Malone shows how Cloud PKI can centralize certificate issuance and renewal, reducing friction for app and VPN authentication. Yet he warns that feature availability does not remove the need for governance and monitoring to keep systems secure and compliant.

Tradeoffs and Challenges

Despite clear benefits, Malone highlights several tradeoffs that administrators must consider before treating the change as an immediate win. For example, while licensing becomes simpler, migration and rollout still require planning, training, and potentially tooling updates, and these front‑loaded costs can slow adoption. In addition, some organizations may face integration challenges with legacy systems or third‑party security tools.

Moreover, operational complexity can rise even as licensing simplifies because teams must reconcile policy frameworks, adjust support processes, and validate that automation behaves as expected at scale. Malone stresses that testing in controlled environments, staged rollouts, and updated runbooks are crucial steps. Ultimately, the move shifts the burden from license justification to disciplined implementation and change management.

Implementation Considerations

Malone’s demo sequence offers practical guidance that administrators can use to get started quickly, such as configuring suite licenses in the tenant, deploying Remote Help to pilot groups, and validating user experience flows. He recommends beginning with a limited pilot that includes helpdesk staff, security analysts, and a sample of end users so teams can refine policies and train support technicians before broad rollout. Consequently, this approach helps reduce risk while giving stakeholders hands‑on experience.

Finally, Malone points out that monitoring and reporting must be part of any rollout to measure impact and tune policies over time, and he encourages integrating Intune telemetry into existing dashboards. He also suggests revisiting endpoint and identity controls to align with Zero Trust goals, since these new capabilities are most effective when combined with conditional access and identity hygiene. By balancing speed with careful testing, organizations can turn this licensing change into a meaningful operational upgrade.

Keywords

Intune feature E3 E5, Microsoft Intune update E3 E5, Intune licensing change, Intune premium features, Endpoint Manager E3 E5, Conditional Access Intune, MDM Intune E3 E5, Microsoft 365 Intune benefits