Apple MDM, Linux & Zero Trust Services for New Zealand Organisations
We architect Apple, Linux, and Windows environments to operate as one platform, secure, observable, and ready to scale with your team.
Every engagement begins with a discovery session to map your requirements and ensure strong alignment before we propose a solution.
View our approach to pricing →Apple MDM & Fleet Management
Enterprise-grade device management for macOS, iOS, iPadOS, and tvOS using Apple Business Manager and Jamf Pro.
The outcome:
Deploy 100+ devices in hours, not days. Eliminate most manual configuration and ensure every device is secure from day one.
What's included
- Zero-touch deployment via Apple Business Manager (ABM) and Apple School Manager (ASM)
- Jamf Pro automation for configuration profiles, app deployment, and compliance
- Device lifecycle management from enrollment to retirement
- Self-service app catalogues and automated patching
- Inventory tracking and hardware warranty integration
- FileVault encryption and recovery key escrow
Identity & Zero Trust Security
Unified identity management, multi-factor authentication, and device posture controls across your entire infrastructure.
The outcome:
Onboard and offboard users in minutes with automated identity provisioning and MFA. Dramatically reduce security risk by enforcing strong authentication and least-privilege access everywhere.
What's included
- Open-source or cloud identity platforms
- Single Sign-On (SSO) for SaaS, on-premise, and custom apps
- Multi-factor authentication (MFA) with push, TOTP, and hardware keys
- Device posture and compliance enforcement
- Directory federation and LDAP/SAML integration
- Conditional access policies based on user, device, and location
Windows Infrastructure Integration
Seamlessly integrate Apple devices and Linux services into existing Windows environments without compromising functionality or security.
The outcome:
Hybrid teams work efficiently across platforms, no more "Mac users can't access that" frustrations. Identity, access, and policy applied consistently whether users are on macOS, Linux, or Windows.
What's included
- Active Directory integration for Mac authentication and policy
- Hybrid identity sync between AD and cloud platforms (Entra ID, JumpCloud)
- SMB file sharing between Windows servers and Mac/Linux clients
- Group Policy alternatives via Jamf or Intune for unified management
- Microsoft 365 and Azure integration with Apple devices
- Migration planning from Windows-centric to hybrid or Apple first infrastructure
Networking & Wi-Fi Engineering
High-performance, secure network infrastructure designed for education, creative, and professional environments.
The outcome:
Support hundreds of concurrent devices without performance degradation. Eliminate chronic "Wi-Fi doesn't work" complaints with properly designed coverage, capacity, and segmentation.
What's included
- Enterprise Wi-Fi design for high-density environments (schools, offices, studios)
- Network Access Control (NAC) with PacketFence or ClearPass
- 802.1X authentication for Wi-Fi and wired networks
- VLAN segmentation and traffic shaping
- Guest network isolation with captive portals
- Network monitoring, troubleshooting, and capacity planning
Linux Infrastructure & Servers
Reliable back-end services for file storage, authentication, proxies, and business continuity, built on proven open-source platforms.
The outcome:
Achieve high uptime with infrastructure that scales as you grow. Reduce licensing costs significantly using enterprise-grade open-source solutions where appropriate.
What's included
- File servers with SMB/AFP/NFS and access controls
- Open-source identity and authentication services
- Nginx reverse proxy and load balancing
- Veeam backup and disaster recovery
- Container orchestration with Docker and Kubernetes
- System monitoring, logging, and alerting (Prometheus, Grafana, ELK)
Backup & Continuity
Comprehensive backup, disaster recovery, and business continuity planning to protect your data and operations.
The outcome:
Confidence that you can recover from hardware failure, ransomware, or human error. Meet your RTO targets with tested, documented recovery procedures instead of crossing your fingers.
What's included
- Veeam backup for virtual machines, physical servers, and endpoints
- Immutable backups and ransomware protection
- Off-site replication and cloud backup integration
- Disaster recovery planning and testing
- Recovery Time Objective (RTO) and Recovery Point Objective (RPO) design
- Backup monitoring, reporting, and compliance documentation
Virtual CTO / CIO / CSO
Part-time technology executive for SMBs that need security governance and strategic IT leadership without the full-time hire.
The outcome:
C-level technology strategy at a fraction of the cost. Confident decisions on security, vendors, and IT investment aligned with business goals, not vendor sales targets.
What's included
- Security posture assessment and remediation roadmap
- Technology vendor evaluation and procurement guidance
- Compliance and risk management (Privacy Act 2020, Essential Eight, ISO 27001)
- IT budgeting and cost optimisation
- Team capability building and knowledge transfer
- Incident response planning and tabletop exercises
How it all connects
Identity as the foundation
Every user, device, and service authenticates through a central identity platform (cloud-based or open-source). This gives you single sign-on, MFA, and unified access control across macOS, Linux, Windows, and cloud apps. Learn more about our Zero Trust security services.
Devices secured and automated
Apple devices enroll automatically via ABM/ASM and Jamf. Configuration profiles, apps, and security policies deploy without manual intervention. Linux servers are provisioned with Ansible or cloud-init. Windows joins the domain or syncs to JumpCloud. Explore our Apple MDM deployment services.
Network enforces policy
802.1X Wi-Fi and NAC ensure only authenticated, compliant devices can access network resources. VLANs segment traffic. Firewalls enforce least-privilege access. Guest networks are isolated.
Data protected and recoverable
Linux file servers provide centralised storage with snapshots and access controls. Veeam backs up VMs, servers, and endpoints with immutable copies and off-site replication. Recovery is tested, not assumed.
Interested in understanding project scope and pricing?
View Pricing & PackagesFrequently asked questions
Common questions about working with magnumit
How long does a typical migration or implementation take?
How long does a typical migration or implementation take?
Most projects take 4-12 weeks from scoping to go-live, depending on complexity. Simple MDM deployments can be completed in 2-3 weeks. Complex migrations involving identity platforms, network redesign, and Windows integration typically take 8-12 weeks. We provide a detailed timeline during your strategy session.
Can you work with our existing IT team or MSP?
Can you work with our existing IT team or MSP?
Absolutely. We collaborate with in-house IT teams and external MSPs regularly. We can provide strategic oversight, specialised expertise for Apple/Linux projects, or hands-on delivery, whatever fills the gap. Knowledge transfer and documentation are built into every engagement so your team can maintain systems confidently.
What if we're not 100% Apple?
What if we're not 100% Apple?
Most of our clients aren't. We specialise in hybrid environments, integrating Apple devices with Windows infrastructure, Microsoft 365, and Active Directory. Whether you're 30% Apple or 90% Apple, we design systems that work seamlessly across all platforms without forcing a one-size-fits-all approach.
Do you offer ongoing support after implementation?
Do you offer ongoing support after implementation?
Yes. We offer flexible retainer packages for ongoing infrastructure management, monitoring, and proactive optimization. Many clients start with a project-based engagement and transition to a monthly retainer once systems are operational. We also provide handover documentation and training if you prefer to manage systems in-house.
How do you handle security and compliance requirements?
How do you handle security and compliance requirements?
Security and compliance are built into every implementation from day one, not added afterward. We design for frameworks like ISO 27001, NIST, Essential Eight, and industry-specific requirements. All implementations include MFA, encryption, device posture controls, and audit logging as standard. We provide documentation to support compliance audits and certifications.
Let's map your requirements
Every organisation is different. Book a strategy session to discuss what you need—and what's possible.