Last week, the SimpleMDM team packed our bags, donned our compression socks, and flew to the annual MacAdmins Conference at Pennsylvania State University.
At Penn State, we mingled with 600 other MacAdmins and attended workshops for every Apple topic a growing admin might need!
Overwhelmingly, our main takeaways and themes for this year’s conference are:
Learning how to work smarter, not harder, as a MacAdmin.
Finding new, community-made tools to make our jobs easier.
Making your organization phishing resistant.
Learning Platform SSO fundamentals and deployment.
But sadly, no Vision Pro workshops … yet. 👀
1. Work smarter, not harder
A theme at this year's conference was managing Apple devices more efficiently, and this even includes …
**Drumroll, please**
The heroic rise of preserving work-life boundaries and protecting your weekend with concepts like Read-Only Fridays!
This concept means not making any dev or prod changes on Fridays (or the last day before your weekend) and instead focusing on reading, planning, or professional development.
As a 4-day workweek company, we love to see it! 😍
Working more efficiently includes finding clever ways to cut time:
Biometric authentication (more on this later)
Text replacement prefills & quick keys
Bionic Reading for the neurospicy 🌶️ (seriously, try it)
Customizable hardware peripherals for your daily workflow, like Stream Deck Neo
Implement these strategies and you’ll find yourself working Pretty Damn Quick and protecting your valuable nap time.
2. Use your toolbox
I know why you’re here, so let’s get to the good part! Here’s a list of tools we loved that got lots of name-drops at this year’s conference:
Suspicious Package: Tool for inspecting the contents of macOS packages.
Packages.app: Free package creation tool.
Apparency: Tool for viewing app metadata.
Mist - macOS Installer Super Tool: A line tool for autodownloading macOS installers and firmware.
Low Profile: Mac utility for inspecting Apple Configuration Profile payloads.
Script2pkg: Tool that helps create payload-free installer packages.
Particulars: Tool that displays critical system information on your desktop.
Icons: Tool that creates PNG graphics for management tools.
Mactracker: Authoritative source of truth for all Apple hardware, no matter how old.
DFU Blaster: Tool that enables DFU mode with a single app button, bypassing time-sensitive Apple key commands. (I can’t wait to play with this one!)
The MacAdmin toolbox keeps improving, providing more ways to streamline your workflow and maintain efficiency.
And for even more tools, check out these GitHub resources on Tools for MacAdmins and the Awesome MacAdmin Tools list.
3. Become phishing resistant
Something I heard repeatedly in workshops this year was the term “phishing resistant.”
Joe Scalone (FIDO Alliance member) cited a 2021 statistic in his session that cybercrime cost the global economy $6 trillion USD annually — and that number has ticked up to $8 trillion in 2023. Your enterprise phishing defense plan needs to consist of more than just KnowBe4.
One of the best ways to prevent phishing attacks is to trust but verify your user accounts with multifactor authentication.
If you have not deployed MFA in your organization, you are behind.
Key points:
Implement MFA in your organization ... like yesterday.
Ideally, implement MFA with biometric methods like Touch and Face ID to significantly enhance security.
No biometric authentication method? No problem! Create a biometric Touch ID button with some DIY spirit! Or even print a Touch ID module.
Utilize passkeys, a new approach aimed at replacing traditional passwords.
As any seasoned admin can tell you, phishing attacks will only get more sophisticated over time. Deploying a defense strategy with biometric MFA could save your organization countless hours of stress, time, and money in the face of a cyberattack.
4. Platform SSO
Single sign-on was the it girl for lots of workshops this year, including a workshop on Best Practices for Deploying Platform SSO with Microsoft Entra ID (see slides).
Key points:
Microsoft recommends running a minimum of macOS Sonoma on endpoints for PSSO.
PSSO is not for use with Active Directory; it is only for Entra ID.
Deploy PSSO using the Secure Enclave key method for phishing resistance.
Remove MDM password policies altogether and let PSSO password sync take control.
Any MacAdmin using Entra ID as their IDP should be deploying Platform Single Sign-On.
Other workshops on SSO included:
The SimpleMDM team catching some golden hour at Penn State for MacAdmins 2024
We had a great time at this year’s PSU MacAdmins Conference, meeting friends from the Mac Admins Slack channel, playing mini golf, and swapping shiny stickers with other community members.
Grab the 2024 workshop slides and the 2024 workshop notes to relive the fun!
Visit the MacAdmins YouTube Channel for 2024 conference video sessions, or check out the live conference podcast recording.
Ready to try all your new tools, tips, and tricks from the PSU MacAdmins Conference? Deploy them through SimpleMDM! Start your 30-day free trial with SimpleMDM today!
