Whether you’re starting from scratch or inheriting a legacy setup, I design MDM architectures that hold up under real-world pressure.

What this looks like

• Fleet, Jamf, or Microsoft Intune — matched to your context, not my preference
• Identity-integrated enrollment via Entra ID or Okta
• Configuration profiles built to baseline, with compliance drift detection
• Separation of dev, staging, and production device policies
• Clear documentation your team can maintain after I’m done

Which platform and why

Fleet is my default recommendation for teams starting fresh or moving away from per-seat vendor costs — it’s open source, GitOps-native, and doesn’t lock you in. Jamf is the right call for established Apple-first environments with complex smart groups and integrations. Intune fits organisations already deep in Microsoft 365 or running mixed Windows and Apple fleets.

Who it’s for

IT leads scaling from a handful of Macs to several hundred. Security teams who need to close gaps quickly. Organisations that have outgrown ad-hoc MDM.

What I don’t do

I don’t sell MDM licenses or take referral fees. My recommendation is whichever platform fits your context.