Microsoft and Apple just made the macOS onboarding experience a lot cleaner. With the new “Enable Registration During Setup” setting in Intune, Platform SSO registration can now happen directly during Automated Device Enrollment (ADE). That means: ❌ No more post-login popup asking users to register their Mac for […]

We spend months hardening endpoints – baselines, compliance, Conditional Access.Then we leave years of sensitive data sitting in Downloads. Cleanup has no owner in most environments. It runs on neither a schedule nor a strategy. The result is predictable: disks fill up, profiles bloat, and endpoints quietly accumulate […]

One of the most common challenges when implementing Conditional Access with “Require compliant device” is fear. Because of this, many organizations delay enforcing compliance for years.But it doesn’t have to be that way. A simple approach is to introduce compliance in phases, starting with visibility and moving towards […]

Managing macOS privacy permissions in enterprise environments can quickly become complex. Permissions such as Screen Recording, Full Disk Access, Accessibility, Camera, and Microphone require properly configured PPPC profiles — and creating those manually can be time-consuming and error-prone. That’s why I built PPPC Builder: a lightweight web tool […]

Introduction In our first article, we explored the concept of the AI PC and what it means when language models move onto the device itself.  Now we take the next step. Because if AI is a new runtime, where should it run? In the cloud, on the device, […]