One of macOS 15 Sequoia’s most noticeable additions is a new form of window tiling. Drag a window to the menu bar to expand it to fill the screen, to the left or right edge to resize it to half the screen, or to a corner to resize it to that quarter of the screen. As you drag, a white outline shows what will happen when you drop the window. Unfortunately, accidentally invoking window tiling can be surprising and disruptive. The easiest way to ensure that dragging windows tiles them only when you want is to open System Settings > Desktop & Dock, scroll down to the Windows section, and turn off “Drag windows to screen edges to tile” and “Drag windows to menu bar to fill screen.” The important setting to leave turned on is “Hold Option key while dragging windows to tile” because from now on, your windows will tile only when you Option-drag them.

(Featured image based on an original by iStock.com/Jakob Berg)

Employers and their employees part ways for all sorts of reasons. People may move on because of a contract’s completion, to take a new job, or because they’re retiring. Employees may also leave due to being laid off or fired. Whatever the reason, offboarding—the process of managing an employee’s departure from an organization—is essential.

Without a systematic offboarding protocol, organizations face significant risks related to data security, device mismanagement, operational disruptions, and compliance violations. In a particularly troubling example, a fired employee allegedly hacked Disney World’s menu creation system, changing prices, adding profanity, and—most problematically—adjusting allergen information in ways that could have caused someone allergic to peanuts to order food that contained them.

Obviously, offboarding has various administrative aspects. We’ll focus on those associated with technical infrastructure, but it’s also important to consider how you’ll communicate internally about the departure and any human resources and legal matters.

Our overarching advice regarding offboarding is to establish a formal protocol so everyone knows what’s involved. That’s particularly important for departures that happen with little notice. When building your offboarding plan, consider these three parts of the process: revoking access, retrieving devices, and preserving the organization’s data.

Revoke Digital Access

When offboarding an employee, the most important thing to consider is how you’ll revoke their digital access to organizational resources such as email, a shared password manager, and core service accounts. For those who are retiring or staying to train their replacement, access revocation can proceed gradually on a schedule. This approach provides sufficient time to transition ongoing projects and communications.

However, in most cases, it’s safest to revoke access immediately, especially when an employee has been terminated involuntarily due to layoffs, performance problems, or misconduct, or when dealing with employees in high-security roles, such as IT administrators, members of the legal team, or high-ranking executives. Even if their departure isn’t contentious, the risk of data leakage is too high.

Revoking access is significantly easier if you’re using Apple Business Manager and an MDM platform. Because Apple Business Manager lets you use federated Apple Accounts, it’s simple to revoke access to iCloud and other Apple services. Plus, because Apple Business Manager makes it possible to separate personal Apple Accounts and their associated data, employees can move their personal data off an organization’s device more easily.

MDM—mobile device management—is even more important because it enables administrators to revoke access to organization-managed email accounts, VPNs, Wi-Fi networks, and cloud services. If a device isn’t returned, an MDM platform can remotely lock, wipe, or reset it. For BYOD scenarios (Bring Your Own Device, where employees use their own devices rather than organization-owned ones), a properly configured MDM allows the removal of organizational data and profiles without affecting personal data.

Using an identity provider like Google Workspace, Microsoft Entra ID, or Okta with a single sign-on system makes revoking access even more straightforward. These services tie access to an organization’s apps, resources, and devices to a single login, so deactivating a departing employee’s account in the identity provider instantly cuts off access to all connected systems. Otherwise, you’ll find yourself doing the dance of deactivating Google, then Adobe, then Slack, and so on. It’s tedious and potentially error-prone.

Finally, the combination of an MDM system with single sign-on can also help monitor employee behavior during the offboarding period for unusual activities. You’ll want to know if a terminated employee logs in to a confidential database that they have no reason to access immediately after receiving notice.

Retrieve Organization Devices

Another key aspect of your offboarding plan should revolve around retrieving organization-owned devices. Even if you can use MDM to revoke access, you need to get your devices back so they can be given to other employees or held in reserve as backups. Apple Business Manager helps here, too, since it tracks all registered devices owned by the organization and can reassign devices to new users.

The real win of Apple Business Manager in this regard is that it lets you turn off Activation Lock on all supervised devices, whether it was turned on using a federated Apple or personal Apple Account. Without Apple Business Manager, you may have to work with the employee to regain access to the device. If that’s not possible, Apple support may be able to help unlock the device if you can provide proof of purchase and ownership.

To ensure you don’t end up in such an awkward situation, follow these best practices when using Apple Business Manager:

• Make sure to purchase Apple devices through Apple Business Manager-compatible channels.
• Use Automated Device Enrollment to ensure that devices are supervised and managed by MDM out of the box.
• Rely on federated Apple IDs to ensure the organization retains control over organizational content within Managed Apple Accounts.

Preserve Organization Data and Communications

Finally, think about what the departing employee was doing. You’ll want to transfer or archive everything they worked on, including their organizational email account. In most cases, someone else will have to take over their responsibilities and may need access to emails, files, contacts, and more.

An identity provider can help by transferring ownership of cloud-based files and other data stored in Google Workspace or Microsoft 365. Without one, you’ll have to review all their online files and reassign ownership manually.

Email requires additional thought. You’ll probably want to forward the departing employee’s email to whoever is taking over. If that’s not feasible, set up an auto-reply explaining that the employee is no longer available and providing alternative contacts. In that case, it’s also worth scanning the incoming email periodically to ensure essential communications aren’t being missed.

Next Steps

If you don’t have a formal offboarding policy, we recommend developing one soon to ensure that you aren’t at risk for data security, device mismanagement, or operational disruptions. It’s one of those tasks that are easy to put off until it’s too late, at which point you have to scramble. You can find offboarding policy templates and other resources online, and we’re happy to discuss the tech-specific aspects when you’re ready.

Of course, if you’re not already using Apple Business Manager and an MDM solution, getting started with them is even more important to implement right away. Contact us to discuss what’s involved.

(Featured image by iStock.com/yacobchuk)

In macOS 15 Sequoia, Apple made it more difficult to bypass Gatekeeper to run apps that aren’t notarized. (Notarization is one of the ways Apple ensures that apps distributed outside the Mac App Store are unmodified and free from malware.) Cybercriminals have responded to this increase in security with a new social engineering attack. They provide the victim with a disk image, ostensibly to install some desired piece of software, instructing the user to drag a text file into Terminal. Doing so executes a malicious script that installs an “infostealer” designed to exfiltrate a wide variety of data from your Mac. The simple advice here is to treat any guidance to drop a file into Terminal with extreme suspicion—no legitimate software or developer will ever ask you to do that.

(Featured image based on an original by iStock.com/Farion_O)

Finder icons sometimes hint at their file’s contents, but if you find yourself opening file after file to look at the contents quickly, the Mac has a little-known feature just for you: Quick Look. To give it a spin, select a file in the Finder and press the Space bar or Command-Y. If Quick Look supports that type of file, it instantly displays a standalone window showing the contents of the file without opening it in its native app. Press the Space bar again to close the window.

If the document you’re previewing has multiple pages, you’ll see thumbnails along the right side that you can scroll through using your mouse or trackpad, or by pressing the Page Up/Page Down keys. But you aren’t limited to just viewing a file: click the Open With button to open the file in its default app, or click the Share button in the upper right to send it to someone else via email, Messages, or another sharing service. PDFs and images will also show the Markup button that lets you annotate the file directly, and images have a Rotate button.

If you need to scan through a set of files in a folder, you can press the arrow keys while the Quick Look window remains open—how you move among the files depends on the Finder window’s view. In List view, for instance, using the Up and Down arrow keys can be a great way to browse through a collection of pictures. You can even interact with the Finder while using Quick Look, which means you can delete an unwanted photo by pressing Command-Delete while previewing it.

Quick Look works well for evaluating or comparing multiple files. Select a bunch of files and press the Space bar to open them all in Quick Look. The Left and Right arrow keys let you cycle through your selection; there are also Back and Forward arrow buttons at the top left of the Quick Look window. To the right, you’ll see a Thumbnail button that displays the selected files in a grid—click any thumbnail to focus on just that item.

To remove the distraction of your desktop, click the Zoom button in a Quick Look window. If you have multiple files selected, you can even start a simple slideshow from the zoomed Quick Look window—it’s a quick way to show off a folder of images. Another way to get to a zoomed Quick Look window is to select the files in the Finder and press Option-Space.

What file types does Quick Look work with? Not everything, but out of the box, Quick Look supports text files, RTF files, HTML files, images, audio, video, PDFs, iWork documents (Keynote, Numbers, and Pages), Microsoft Office files, fonts, and more. Third-party apps can extend Quick Look to support proprietary formats, and developers have released independent Quick Look extensions. Many people appreciate these three extensions:

• Folder Preview (free) displays the contents of folders in Quick Look.
• BetterZip (free for viewing) lets you look inside Zip archives and other compressed files.
• Peek ($7.99) not only supports 530 file types but also lets you copy, search, navigate, and more directly within the Quick Look window.

Although it’s best known in the Finder, Quick Look is available elsewhere on the Mac, including the examples below, so it’s always worth selecting what you want to preview and pressing the Space bar to see if it works.

• Spotlight: Preview search results to see if they’re what you want
• Open dialogs: Preview files before you open them
• Time Machine: Preview versions of files before restoring them
• File transfer apps: Preview files on remote servers before downloading
• Messages: Preview files added to conversations before opening them
• Mail: Preview attachments to email messages

To manage your Quick Look extensions, open System Settings > General > Login Items & Extensions, scroll to the bottom, and click the ⓘ button next to Quick Look.

Finally, note that if your Mac has a trackpad, you can invoke Quick Look by force-touching a Finder icon (press deeply until you feel a click) instead of pressing the Space bar.

Quick Look takes just moments to learn, but it can save you hours of time poring through files on your Mac!

(Featured image by iStock.com/megaflopp)

iPhones and iPads are highly personal devices, but you might want to let someone else use a particular app on yours without letting them poke through Messages, Mail, and Photos. For example, a child could play a game, a volunteer could check in attendees, or a friend could take photos. To allow this, Apple created Guided Access, which you turn on in Settings > Accessibility—give it an easily remembered passcode and decide if you want to let the display auto-lock. Then, to turn on Guided Access, open the app you want to share and triple-click the side or top button. Options let you control buttons, the accelerometer, software keyboards, touch input, and a time limit. To end a Guided Access session, triple-click the side or top button, enter the Guided Access passcode, and tap End.

(Featured image by iStock.com/Userba011d64_201)

We’ve seen an uptick in fake invoices from scammers using PayPal. Because they’re being sent through PayPal itself, spam filters won’t catch them, and they have few of the usual markers of phishing email (but look for sketchy names and email addresses at the top). Some are even forged to appear as if they come from Apple. Never pay a PayPal invoice that you can’t tie directly to something you’ve ordered, and don’t call the number listed—the scammer will try to convince you that the invoice is real. If you receive one of these invoices, click the “Report this invoice” link at the bottom to help protect others who might have received it, and forward the message to phishing@paypal.com. Don’t mark the invoice as spam, though, since that will train your email client to be suspicious of legitimate messages from PayPal.

(Featured image by iStock.com/Moostocker)

Is it time to make your Apple devices smarter? Apple has just released macOS 15.1 Sequoia, iOS 18.1, and iPadOS 18.1 with an initial collection of Apple Intelligence features and a promise of more coming in December. The company is making a big deal about Apple Intelligence, calling it out as a key feature of the recent updates to the iPad mini, iMac, Mac mini, and MacBook Pro.

You may need some of that new hardware to take advantage of Apple Intelligence. Its features work only on a Mac with Apple silicon, an iPad with an A17 Pro or M-series chip, or an iPhone 15 Pro or any iPhone 16. Intel-based Macs and older iPhones and iPads can’t play.

Although we have no problem with recommending that you upgrade your iPhone and iPad to iOS 18.1 and iPadOS 18.1, we recommend more caution when it comes to upgrading your Mac to macOS 15.1 Sequoia. There aren’t any general showstoppers, but you shouldn’t upgrade until you’re confident your particular workflows are fully compatible.

What will Apple Intelligence do for you if you upgrade? Here’s what you need to know.

Writing Tools Everywhere

The Apple Intelligence Writing Tools will help you craft and polish your prose—or just make your email sound more professional. Writing Tools provides three core functions:

• Proofread: The Proofread tool will significantly reduce spelling, punctuation, and grammar mistakes in your text. While it may not match up with a human proofreader, using it will make your text cleaner.
  
• Rewrite: If you’re unhappy with the tone of your text, use the Rewrite tool to improve it or make it friendlier, more professional, or shorter. Even if you don’t adopt the complete rewrite, some of its phrases or word choices might take your writing up a notch.
• Summarize: A straight summary might be useful for condensing text, and specialized summaries can list key points, make a list, or create a table. These features are probably most useful when working with text you’ve been given and need to edit into shape.

Writing Tools are available in nearly all apps that accept text. Either look for an Edit > Writing Tools menu or Control-click a text selection and look in the Writing Tools submenu. Right now, Apple apps like Mail and Notes provide proofreading controls that let you see (and revert) each change independently. With the Rewrite and Summary tools and Proofread in other apps, you have to compare the original and the rewrite manually, with your only options being to replace the selected text or copy the suggested revision.

Photos Enhancements

Photos benefits from Apple Intelligence in three ways as well:

• Clean Up: Many a great photo suffers from a random bystander or distracting telephone pole. Clean Up removes people and objects from your photos, either identifying them automatically or working from your manual selection. It’s not perfect, but Clean Up is a hugely welcome addition to Photos.
  
• Descriptive search: We’ve been able to search for objects in photos for several years now, but with Apple Intelligence, you’ll be able to find photos and videos based on more extensive and natural descriptions, like “Halloween in 2014.”
• Descriptive memory movies: The Memories feature in Photos automatically creates movies based on photos it thinks you might want to see together. With Apple Intelligence, you can describe the photos you’d like it to include.

Notification Summaries

Apple has long been sensitive about how distracting our devices can be due to numerous apps posting notifications throughout the day. Apple Intelligence tries to help by summarizing lengthy individual notifications and groups of notifications. Notification summaries probably won’t rock your world, but it can be nice to have a sense of what’s going on with a group of notifications before you wade into an involved conversation. If you don’t like the summaries for particular apps, turn them off in Settings > Notifications > Summarize Previews.

Mail (and Messages) Enhancements

Speaking of summaries, in Mail, the most welcome Apple Intelligence change is to replace each first-line snippet in message lists with summaries of the message or conversation content. It makes scanning email for important messages easier.

Other Apple Intelligence changes include moving priority messages—those that require a quick reply—to the top of the message list and the option to summarize long messages or conversations using a Summarize button at the top of the message pane. Both Mail and Messages also offer a Smart Reply feature that suggests reasonable replies. They’re like tapback responses on steroids.

Audio Recording, Transcription, and Summarization

Apple Intelligence offers major advances for the Notes and Phone apps: audio recording, transcription, and summarization. Be aware that the Phone app alerts participants when you start recording—just joke, “For quality assurance…” before tapping the record button.

The big win comes with Notes (on the iPhone, iPad, and Mac), which can record a meeting and provide a transcript for later searching and summarization. The clearer the audio, the better. It stumbles on many names and doesn’t differentiate between speakers, but transcripts can be hugely helpful. You can keep a transcript in its recording (left), where you can jump around in the audio by tapping the associated text, or you can use the ••• button to export it to its enclosing note (middle) or tap a button to get a summary (right).

Siri Enhancements

Apple has promised a lot for Siri but hasn’t delivered much. A new interface replaces the animated circle with a glowing light and the option to type your query rather than speak it. However, the only functional improvement from Apple Intelligence so far seems to be Siri’s awareness of the iPhone, iPad, and Mac user guides. If you’re unsure how to accomplish a built-in task, try asking Siri.

What’s Coming Next

Welcome though they may be, the initial wave of Apple Intelligence features won’t set the world on fire. But Apple has big plans for Apple Intelligence, with new features slated for release in December 2024 and more coming in 2025. Things you can look forward to in a few months include:

• ChatGPT will make its promised appearance, bringing world knowledge into Writing Tools and Siri.
• You can jazz up your conversations in Messages with original Genomoji merely by describing the emoji you’d like to see. “Penguin on a surfboard,” anyone?
• The Image Playground feature will let you generate original images in various styles, though none are photorealistic on purpose—no deepfakes from Apple.
• Image Wand will enhance your Apple Pencil sketches by turning them into polished images, and if you circle an empty space, Image Wand will create an image from the surrounding area.
• Writing Tools will let you describe a specific change you want to apply to your text, like adding more descriptive words to a blog post. We hope Apple puts more thought into the workflow so it’s easier to compare the before and after.
• The Camera Control button on the iPhone 16 line will tap Apple Intelligence to help users learn about objects and places in the iPhone’s viewfinder.

Further out, Apple says that Priority Notifications will surface your most important notifications, and Siri will learn how to draw from your personal context, take action in numerous apps, and gain awareness of onscreen information. We’re still curious to see how Apple will integrate a more intelligent Siri into the HomePod and Apple TV.

(Featured image by Apple)

Although the first wave of Apple Intelligence features won’t upend the user experience for most people, Apple is pushing hard to ensure that all its new devices can participate. That’s largely what’s behind the recently released seventh-generation iPad mini. It’s physically unchanged other than a few new colors, but under the hood, the iPad mini sports an A17 Pro processor that makes it compatible with Apple Intelligence. Other changes from the previous generation include Apple Pencil Pro support, 128 GB of storage at the base level (up from 64 GB), 10 Gbps USB 3 (twice as fast), Wi-Fi 6E and Bluetooth 5.3 (up from Wi-Fi 6 and Bluetooth 5.0), and cellular support only via eSIM (no more physical nano SIM). The price still starts at $499, with cellular connectivity adding $150. It’s a minor update, but one that keeps the iPad mini up to date for those who prefer a more compact iPad design.

(Featured image by Apple)

Recent news reports have revealed that a little-known company called Babel Street can track iPhone and Android user locations. Babel Street does this by leveraging data from mobile advertising data brokers. Investigators from data removal firm Atlas Privacy discovered they could use Babel Street’s Locate X tool to identify patients at a Florida abortion clinic, jurors in a New Jersey trial, attendees at a Los Angeles synagogue and a Dearborn mosque, and even children in a Philadelphia school.

Much of this is possible because people use apps that reveal their location to data brokers, who package the information and resell it to companies like Babel Street. Apple does have an advantage here—Atlas estimated they could locate roughly 80% of Android phones but only 25% of iPhones. That’s due to Apple’s App Tracking Transparency feature, introduced in iOS 14.5, which requires apps to get permission from users before tracking them for third-party advertising purposes. Unfortunately, many people unthinkingly grant such permissions, and location and identification data can also leak out in other ways.

Although it’s difficult to avoid being tracked by data brokers entirely, you can drastically reduce the likelihood and frequency of tracking, which helps ensure that any location information that does become available isn’t sufficient to identify you personally. Your employer may also consider your location to be sensitive information and want you to restrict it to the extent possible. To achieve this, you’ll need to adjust settings in several parts of Settings > Privacy & Security on your iPhone (and iPad, if you regularly use it in multiple locations).

Turn Off Allow Apps to Request to Track

You’ll find the most important setting in Settings > Privacy & Security > Tracking. At the top of the screen is a switch labeled Allow Apps to Request to Track. Make sure that is off! If it has been on in the past, apps that have requested permission will appear below.

By preventing apps from even asking if they can track you, you keep them from sharing a unique identifier associated with your iPhone with other apps and websites. Otherwise, advertisers can follow you from app to app and website to website, gathering information about you—often including your physical location—as you go about your life.

Don’t let apps persuade you to turn this setting on or allow them to track you. Apple’s rules explicitly forbid them from reducing functionality to those who refuse to allow tracking.

Allow Location Access Only for Apps That Need It

While you can turn off Allow Apps to Request to Track with a single switch, preventing apps from seeing your location requires more targeted work. Although Settings > Privacy & Security > Location Services has a big Location Services switch, turning that off will drastically reduce the utility of your iPhone. You won’t be able to get directions from Maps, tag photos with their location, share your location with family members, and much more.

Instead, for each app in the list, determine what level of location access you want to grant based on its function and description of why it needs access. Grant the minimal level of access necessary, which varies by app. Navigation apps need location access to work at all. Camera apps need it to geotag photos. Weather apps use it to provide custom weather reports and extreme weather notifications. But do you want to give a social media app access to your location at all times?

Apple provides five location access levels:

• Never: Choose Never for any app with questionable explanations of why location access is requested.
• Ask Next Time or When I Share: If you’re unsure if you want to allow or deny location access for an app, select this option. The app will prompt you the next time it wants your location, enabling you to make an informed decision based on your actions.
• While Using the App: For most apps you want to allow to see your location, choose While Using the App. It’s entirely reasonable that a location-requiring app be allowed to determine your location while you’re using it.
• While Using the App or Widgets: This option only appears for apps with widgets; choose it only if you use a widget that needs location access.
• Always: Grant Always access only to apps that generate location-related notifications when the app is not open. The most common example is a weather app that provides notifications of incoming storms.

The Precise Location option becomes available if you allow location access for an app. Turn it on only if the app needs to know your location within 15 to 200 feet (5 to 60 meters). An Uber or Lyft driver will need to know where to pick you up, for instance, so those apps should have Precise Location turned on, as should navigation and camera apps. For most others, turn off Precise Location. Your approximate location—a variable radius between 2.5 to 12 miles (4 and 20 kilometers)—is usually sufficient to locate you in the right part of the world.

Block Bluetooth and Local Network Access for Apps That Don’t Need It

Apps can use Bluetooth to infer your general location through interactions with other Bluetooth devices and movement patterns, so Apple requires apps to ask to use Bluetooth. As a result, just as with location, you should go through the apps listed in Settings > Privacy & Security > Bluetooth and revoke permission from any that don’t seem as though they should need it. Most will be legitimate—an app designed to communicate with a Bluetooth-connected device, for instance. Any app that needs access to Bluetooth and doesn’t have it should prompt you when you next open it.

Similarly, Apple now requires apps to request permission to use your local network. For the most part, these requests are reasonable—apps may need to discover network-connected devices like routers, printers, speakers, smart home gadgets, and more. Or games may need to discover other players on the network. However, because your network can reveal information about your location, it’s best to revoke access for any apps that don’t seem as though they should need it. There’s no harm in doing so; they’ll ask again if they need access.

Ultimately, all we can do is stay vigilant about what we’re allowing on our devices, encourage Apple to add even more privacy protections, and lobby our elected representatives for legal protection. It’s unconscionable that private companies can gather extensive location data on hundreds of millions of citizens.

(Featured image by iStock.com/Chayada Jeeratheepatanont)

Apple has included the Tips app with the iPhone and iPad since iOS 8 in 2014 and on the Mac since macOS 10.14 Mojave in 2018. Initially, it didn’t contain much useful content, and many longtime users ignored it. However, Apple has significantly increased the amount of information in Tips over time, adding device-specific tips, full device and app user guides, highlights of new features, and more. Many tips even include short demonstration videos. Tips is worth exploring or referring to the next time you have a question. Be sure to encourage anyone you know who’s new to the iPhone, iPad, or Mac to take a look—it even helps them practice key gestures!

(Featured image by Adam Engst)