Device Compliance - Mac

To protect data integrity and safeguard security when accessing University data and systems, it is very important to ensure that the computer is not infected with malware or compromised in any other way. Devices deemed as non-compliant (i.e. not fully protected from security threats and free from malware) will not be allowed access to selected University systems that store sensitive data. To meet Conditional Access security requirements, the device must be compliant with a number of minimum requirements and enrolled in device administration

In order for your Apple Mac computer to be deemed as compliant, it must meet all of these requirements:

  • macOS version must be one of these (with latest security patches​​​​​​ installed):
    • Tahoe ver. 26.0
    • Sequoia ver.15.7
    • Sonoma ver 14.8
    • Ventura ver.13.7.8 - End of Support in Nov 2025 1)
  • Firewall must be enabled
  • Must be running Microsoft Defender
  • System Integrity Protection2) must be enabled
  • Device must check-in with Intune service in the cloud at least once every 30 days

Note 1: Apple supports only latest three versions of macOS. Older versions are no longer supported and security patches are no longer being released for them. If you have an older Mac that cannot have its macOS upgraded to one of those three versions listed above, you need to purchase a new device (see Apple macOS | endoflife.date).  Apple is expected to end support for macOS Ventura (version 13) on November 30, 2025. After this date:

  • Ventura will no longer receive security updates, bug fixes, or technical support.
  • Macs running Ventura may become more vulnerable to cyber threats and compatibility issues.
  • Users are advised to upgrade to a newer macOS version (e.g., Sonoma or Sequoia) to maintain security and compliance or, if hardware does not support the upgrade, procure a new device.

Note 2: System Integrity Protection is a security technology designed to help prevent potentially malicious software from modifying protected files and folders on your Mac. System Integrity Protection restricts the root user account and limits the actions that the root user can perform on protected parts of the Mac operating system.

100% helpful - 1 review
Print Article

Related Articles (8)

Browser Support for University Apps and Systems
This article explains which browsers should be used for the optimal experience with systems and apps used at the University of Windows, such as Microsoft 365, Brightspace, UWinsite, etc.
Conditional Access
Any devices used by university employees and related that do not meet the minimum requirements, as defined in the device's assigned compliance policy, will not be granted full access to University apps, systems and data. This includes devices, both university-owned and personal, that are not enrolled in Intune
Device Administration - User Guide
At the University of Windsor, Microsoft Intune combined with Entra ID provides device and application administration, corporate data protection, identity management and directory services.
Device Compliance - Windows
In order for your work computer to be deemed as compliant, it must meet a number of requirements. Non-compliant devices will not be able to access some of the resources and systems starting in Q4 of 2023.
Known issue: "Your organization doesn't allow you to download, print, or sync using this device."
When accessing OneDrive or other Microsoft 365 Apps in a browser you may see a message displayed on the top of the browser window that says "Your organization doesn't allow you to download, print, or sync using this device (...) This can happen for three different reasons
Known Issue: Unable to see any apps on Company Portal
If you see a message "Your company hasn't made any apps available to you on this device" or "You don't have any apps yet" it means that your computer does not meet minimum requirements as defined in the device compliance policy (i.e. your device is not compliant).
MacOS Limitations with Intune Enrolment and Conditional Access
This article summarizes current limitations affecting macOS devices when it comes to Intune enrolment and conditional access.
Microsoft Company Portal
Microsoft Company Portal is an app that faculty and staff at the University of Windsor use to manage their workstations.