The Iru Blog

Endpoint Drift: Why EDR coverage breaks down at scale [+ Take the quiz to see where you stand]

How to build a tech stack that runs itself

Zero-Trust Endpoint Security: How To Defend Your Largest Attack Surface

In January 2026, the Dutch Data Protection Authority (the agency responsible for protecting citizens' personal data) had its own employee's work-related data accessed and stolen. Attackers exploited critical zero-day vulnerabilities in Ivanti's endpoint mobile management software before patches were even available. That same day, bad actors attacked the European Commission, and Finland's government IT provider lost data on up to 50,000 employees. All three incidents traced back to a single point of failure: endpoint management tools that granted access based on device identity alone, without verifying whether those devices were actually secure.

Securing Windows: Vulnerability management, auto patching, and OS updates

Unpatched software is behind roughly 60% of breaches. And with AI models getting better at finding exploitable vulnerabilities faster than most teams can remediate them, the window between disclosure and exploitation is shrinking fast.

Local admin cccounts on Mac: should IT teams create them?

Updated May 2026. For IT teams deploying Mac computers, the question is: To create local IT admin accounts on those computers or not? What Are Mac Admin and Standard User Accounts? To be clear on what we’re talking about: A local IT admin account is a user account with admin privileges created on a Mac in addition being used as to the primary user account. There are several reasons IT teams might want to distribute such accounts—but there are also good reasons why they might not. There are also several ways to do so, as well as a couple of alternatives that could obviate the need to deploy such accounts altogether. Let’s walk through each of those decisions.

12 IT and security voices shaping the conversation in 2026

Finding good information in IT and security has never been the hard part. Finding the people who are genuinely advancing the conversation — the ones with fresh perspectives who are helping shape where the industry is heading — takes more effort.

How endpoint security shaped Bindplane's ISO 27001 journey

Getting ISO 27001 certified is one thing. Building a compliance program that actually holds up between audits, without consuming your engineering team, is another problem entirely.

The Sprawl Report: What Too Many Tools Is Doing to IT and Security Teams

Tool sprawl is breaking IT & security teams. The data from 1,011 IT and security professionals makes the mechanism clear: the more tools a team manages, the worse everything gets. More burnout. More time on maintenance. Less time for the work that actually matters.

The Guide to Managing Mac Clusters for AI Workloads

Mac clusters for AI workloads are real infrastructure now. Here’s how to provision, secure, and manage them from day one.

The right Blueprint, every time: how Iru's Blueprint Routing automates device deployment at enrollment

Enrolling a fleet of devices sounds simple in theory: pick a Blueprint, assign some settings, and you're done. But in practice, most organizations are managing a mix of Mac computers, Windows computers, iPhone devices, iPad devices, kiosk tablets, and meeting room devices, each with their own configurations, user types, and provisioning requirements. Keeping all of that straight at enrollment time, without manual intervention or a tangle of enrollment codes, has historically been one of the more tedious parts of device management.

The Apple OS 26 Era Begins. Iru Has You Covered.

Deploy, manage, and secure Apple’s latest operating systems as soon as they’re released Apple has officially released its latest operating systems iOS 26, iPadOS 26, macOS 26, tvOS 26, watchOS 26, and visionOS 26. For the first time, Apple has standardized version numbers across every OS, creating a unified baseline for developers, IT teams, and end users alike. This alignment not only simplifies communication and compatibility but also underscores Apple’s commitment to delivering a consistent experience across the entire ecosystem.

User-Based vs. Device-Based Security Exclusions: Finding the Right Balance

Security exclusions represent one of the most nuanced decisions admins face when designing effective security policies. These exceptions to your standard security rules require careful consideration - apply them too liberally, and you risk creating security gaps; too restrictively, and you might impede legitimate work. But before you can determine how many exclusions to implement, you need to decide what type of exclusions make the most sense for your environment.

No More Pitchforks: How to Build User Trust During Security Rollouts

The scene is familiar to anyone who's worked in IT or security: an urgent vulnerability needs patching, a new control must be deployed immediately, or a policy change can't wait. You execute the technical implementation flawlessly. Then come the Slack messages and emails.

Apple Intelligence in the Enterprise: an Admin’s Perspective

The Six Colors 2025 Apple in the Enterprise Report Card has sparked plenty of conversation about Apple’s direction, areas of growth, and continued challenges with enterprise products. Jason Snell, founding editor of Six Colors, and Weldon Dodd, Iru Distinguished Solutions Engineer unpacked the report’s findings and what they mean for Apple device administrators on a recent MacAdmins Podcast episode.