Why Can’t We Use Intune for Network File Shares?

It sounds like your MSP might just be trying to upsell you on services. Generally, if you're only looking for file storage without the typical capabilities Intune provides, they might be steering you incorrectly. Instead of using an Azure VM just for file shares, consider if Azure File Sync or real compliance requirements justify this step. You're basically duplicating what you have and paying more without clear benefits. Really weigh whether this setup is necessary.

Just to add some context, if you're moving your file share to Azure because your existing server is outdated, it's valid. But you're right to question why Intune can't be integrated. Intune isn't designed for file shares; it’s more about device management. You might want to check if Azure File Sync could be a better fit for your large files instead of solely relying on VMs.

Honestly, Intune and file shares are pretty separate entities. Intune is mainly for managing devices and apps, while file shares are about storage. If you're reliant on big file storage, Intune isn't going to fit your needs and that’s why your MSP might be suggesting DUO instead for MFA—because it's reliable across your files and applications, unlike what Intune can offer.

There's definitely confusion here! WHfB (Windows Hello for Business) is indeed tricky with Azure VMs. If you're going with a Windows Server on Azure, you won't leverage WHfB like you do for regular M365 services on workstations. DUO seems to be a more flexible option for your MFA needs, especially if you need secure access both locally and remotely. Intune and large file shares often don’t mesh well due to their different use cases, so your MSP’s recommendation might come from those limitations.