| All that follows is from someone who mainlines linux (just mild ubuntu) and macos but wouldn't complain too much about a windows workstation. > Hot (and perhaps tangental) take here, Indeed. > but I can't understand why companies that attempt to enforce these policies for security reasons, do not just mitigate their largest attack vector and move to macOS for their endpoints where possible. Citation needed that Macos is more secure than windows. > Far more reliable in terms of stability and security, In my experience, macos/windows are about par for security and the "stability" also seems par. If anything, windows is _more_ stable since it is backwards compatible to a fault. > and dramatically less patch management required for macOS clients. Fair, but I think this is mostly a boon to IT teams who want more control from windows. > I'd argue a more productive user experience also, instead of fighting the advertising, new AI integrations, Candy Crush and layout changes that Windows generously provides every 30 days These concerns are not generally applicable in an enterprise environment. I feel them on my gaming machines, but corporate is generally locked down pretty tightly. Also, I mean, Macos is famously getting new AI integrations in 18.2 so this seems like a false comparison. > Hardware is also pretty easy to resell Admittedly this is a boon to Macos, but I think there is an argument that the cheaper windows machines may have a better full cost-of-ownership metric than macs. > AppleCare covers replacements Everywhere I have worked, the company pays for replacements out-of-pocket or has _very_ generous enterprise agreements. > and the fleet can be pretty uniform with stock available anywhere if needed. Fair. I'm not sure that it matters for enterprises that already have a locked down hardware procurement process but its pretty hard to argue against the 2023MBP16GB is more uniform than {windows soup}. > Keep incompatible apps that are required in a Citrix Workspace or equivalent for isolation. This doesn't address social engineering or file leaks due to malicious employees obviously. I'm not sure what you're saying here, but I'm hard pressed to see how this applies to any specific OS and not others. |