Let’s be real: Homebrew is amazing. It’s the missing package manager for macOS that every developer loves. However, in an enterprise environment, Homebrew can also be a security nightmare waiting to happen. World-writable binaries? Third-party taps from who-knows-where? Supply chain attacks through git remote hijacking? Yeah, that’s exactly what keeps security teams up at night. […]
Category: MDM
How to Update Your Apple Account When Your Organization Reclaims the Domain
Your Work Email Can’t Be Your Apple Account Anymore: Here’s What to Do A step-by-step guide to updating your Apple Account when your organization reclaims their domain So you just got an email from Apple telling you to change your Apple ID email address, and you’re wondering if it’s a scam.. It’s not. Your organization […]
Don’t Let Personal Apple Accounts Hijack Your Domain: The Complete Guide to Apple Business Manager Domain Capture
A deep dive into domain lock, domain capture, and managed Apple accounts for IT administrators Picture this: you’re the IT administrator for a large organization, and you’ve just discovered that over 5.000 employees have created personal Apple Accounts (Apple IDs) using their work email addresses. Their vacation photos, music libraries, health data, and app purchases […]
macOS Security with Intune – From Basics to Bulletproof
Letās be realāābulletproof securityā sounds cool, but in the world of cybersecurity, itās more of a myth than a reality. Threats evolve faster than we can patch things, and thereās always a clever hacker out there looking for a way to crack your macOS Security. The goal here isnāt perfection; itās about staying ahead of […]
macOS App Deployment with Microsoft Intune: An In-Depth Guide
In today’s modern workplace, where macOS is becoming more popular, the ability to deploy and manage applications is crucial. Microsoft Intune offers powerful and versatile solutions for managing macOS applications, enabling organizations to automate the deployment process, enforce security policies, and provide centralized management. Introduction to macOS App Deployment with Microsoft Intune This guide aims […]
Managing macOS with Intune: Into the belly of PLIST files
Most of my blogging journey has been all about Microsoft Intune and Windows devices ā But hey, change is the spice of life, or so they say. So, this year, I decided it’s time to mix things up a bit. I’ve jumped on the macOS bandwagon, got myself a shiny new Apple device, and have […]
Uninstall ESET Endpoint Security with Intune Proactive Remediations
This is going to be a short blogpost showing you how to uninstall ESET Endpoint Security with Intune Proactive Remediations. I was working on a project where the customer had Windows 10 and Windows 11 devices enrolled with Microsoft Endpoint Manager (Intune) but still used ESET Endpoint Security. One of the requirements was to migrate […]
Conditional Access policies in Report-only Mode. Now what?
Conditional Access policies in Report-only Modeā¦Now what? Conditional access policies in Report-only mode allow you to evaluate the impact of Conditional Access policies before you enable them. For instance, you can see conditional access policies in Report-only mode in the Azure AD sign-in logs, but thereās more to it and thatās what this post is […]
Blocking access to Microsoft 365 outside the Android for Work Profile with Endpoint Manager
This post is about blocking access to Microsoft 365 outside the Android for Work Profile with Endpoint Manager. After seeing a question on techcommunity I thought I might as well do a quick post on this topic. Please note: Normally you would block access to Microsoft 365 resources by using a combination of device compliance […]
What Zombies can teach you about Security Baselines
This month, we had a company event at Rapid Circle and I did a presentation about Security Baselines vs Endpoint Protection templates vs Settings Catalog vs device configuration policies. Yeahā¦ thatās a mouth full. For a change, I didnāt want to do a technical deep dive, but instead, talk more about some best practices and […]