Sponsor
Keep your apps up to date and your Macs secure with Alectrona Patch
With Alectrona Patch you can install or upgrade over 500 Mac apps automatically to keep your users protected with the latest security updates. Alectrona Patch works with your existing MDM by simply deploying a package and a configuration profile for ongoing management. It’s cloud-native, so no server or package hosting is required, and the latest updates are delivered directly from the software vendor. You control which apps are installed or updated, so you deploy only what you need. Alectrona Patch is customizable to ensure your users can update without interruption, so you can keep your security team and your end users happy.
📰 News and Opinion
Six Colors: 2025 Apple Enterprise Report Card
Jason Snell with Six Colors is seeking entries into their annual "Apple in the Enterprise Report Card Survey" again. Anyone who is "part of the Apple IT community" can participate. Follow the link to the survey.
Here are last year's results for inspiration.
Stop Conflating Genius With Asshole
Genius doesn’t look like domination. It looks like collaboration. It looks like the humility to know you’re not the smartest person in every room, and the strength to make space for those who are.
🔐 Security and Privacy
TCC and the macOS Platform Sandbox Policy
The sandbox kernel extension supports triggering TCC prompts when a program accesses specific resources, rather than being limited to merely allowing or denying the access, and the platform sandbox policy makes use of this facility
🔨 Support and Tutorials
How changes to macOS 15.4 impact the use of Jamf Setup Manage
the Location Services pane now appears after the user signs in.
Apple Terms and Conditions: A Better Way for MSPs to Avoid Downtime
Apple requires that an administrator of the Apple Business Manager or Apple School Manager account accept any updated agreements before key services—like Automated Device Enrollment or app deployments—can resume.
A Workflow with the macOS Security Compliance Project and Jamf Compliance Editor
Tony Young on Patch Notes and Progress
how to document macOS compliance baselines using mSCP and Jamf Compliance Editor. Build audit-ready workflows with tailored spreadsheets and guidance.
Identifying MDM-managed user accounts on macOS Sequoia
Rich Trouton on DerFlounder
It’s not obvious from the Mac’s end to see which local user account is the MDM managed user, but it is possible to use the mdmclient command line tool to get this information.
🤖 Scripting and Automation
Script compacting script
Bart Reardon on Stuff About Things
So I nerd sniped myself made a script that compacts other scripts.
rsync replaced with openrsync on macOS Sequoia
Rich Trouton on DerFlounder
Now with macOS Sequoia, Apple has replaced rsync 2.6.9 with openrsync, an implementation of rsync which is not using any version of the GPL open source license.
Also see Mat X's reaction.
♻️ Updates and Releases
📺 Watch
AI & Device Management: Future Trends and Security
Event by Jamf on LinkedIn
we dive into how AI is shaking things up in the world of Apple device management and security
🎧 Listen
Is your phone listening to you?
Electronic Frontier Foundation Staff Technologist Lena Cohen about the most mind-boggling forms of corporate surveillance—including an experimental ad-tracking technology that emitted ultrasonic sound waves—specific audience segments that marketing companies make when targeting people with ads, and, of course, whether our phones are really listening to us.
Secure communication methods in the enterprise
Jeremy Gottschalk, founder and CEO of Marketplace Risk, about how organizations should think about communication tools and balancing with security, convenience, and privacy.