Mountain Path Consulting

⛰️ Mountain Path Consulting

Apple-first, Linux-sharp. Device management and security, delivered directly.

Based in Andorra. Working with teams across Europe, the UK, and the Middle East.

🚀 What I do

I deploy and manage Apple devices across regulated environments, security-conscious startups, and organisations that have outgrown their current MDM. Linux endpoint support too — encryption, hardening, and fleet-level config for engineering teams.

iOS, iPadOS, Android, and Windows Autopilot supported where needed. Apple and Linux are the focus.

Introducing Macs in regulated or compliance-driven environments
Migrating or fixing legacy MDM setups
Zero-touch deployment and modern Apple fleet management
Linux encryption, hardening, and identity integration
Fleet for endpoint visibility across mixed fleets

👥 Who I work with

IT leads rolling out Apple in secure or regulated environments
Security teams closing device posture and identity gaps
Engineers rebuilding or migrating MDM setups
CTOs aligning device management with hybrid identity
Organisations inheriting messy Apple or Linux estates

If you're after the cheapest option or a large delivery team, I'm probably not the right fit.

🧰 Services

Secure MDM Architecture: Fleet, Intune, or Jamf — matched to your identity stack and compliance requirements, not a default template.
Apple Platform SSO: Entra or Okta via Platform SSO — and XCreds for every other IdP.
Fleet Visibility: SQL-based endpoint visibility across macOS, Linux, Windows, and Android — GitOps-managed query libraries, compliance policies, and Fleet OSS deployment.
Zero-Touch Deployment: Box to productive Mac in minutes. No IT ticket, no imaging, no babysitting.
Compliance-First Builds: CIS, Cyber Essentials+, SOC 2, ISO 27001 — device configs that pass audits and hold up in production.
Automation & Efficiency: App patching, onboarding flows, and compliance reporting — automated with Munki, Installomator, and SwiftDialog.
Cloud Migrations: From Jamf, Workspace One, or AD to Fleet, Intune, or Entra — parallel-run migrations with staged rollout and working rollbacks.
Modern Apple Deployments: Declarative Device Management, Managed Apple IDs, SSO-first auth — invisible to users, defensible to auditors.
Linux Endpoint Support: LUKS encryption, Entra ID or Okta via SSSD, and CIS-aligned hardening for Ubuntu and RHEL.
Security Reviews: MDM config, endpoint posture, identity scope, patch state, and data exposure — findings ranked by impact and effort, not severity theater.

Full service details →

✍️ Let's Talk

🟢 Available for new engagements

Typical engagements run 2–8 weeks. Project-based, no retainers.

Not sure if it's a fit? Get in touch directly.

Email: adam@mpc.ad

Phone: +376 647 764

WhatsApp: +376 647 764