We have an employee who was let go and hasn’t logged out of their expensive MacBook laptop. We paid for it but the laptop was mailed to their house in their name. Apple said whoever it’s mailed to owns it and they won’t unlock or reset it for us. HD is encrypted. Suggestions?

Going forward, you guys don’t have apple mdm setup? Otherwise your employees essentially do “own” the devices if you let them bind their apple id

Yeah, finding that out thanks to this experience and thread! Definitely going to set one up. We were spoiled at my last firm, employed a bunch of ethical hackers (most with clearances) and never once had an issue. Realizing that’s not reflective of our current setup.

Get Apple Business Manager. You get a discount on devices, they’re registered to your company but shipped to employee, and they will auto-enroll into MDM, giving you remote capabilities, such as remote wipe, lockout, etc (I suggest using JAMF). apple.com/business/it/

Yes, that’s the best advice I’ve gotten in this whole thread. We don’t have an IT department yet and I didn’t even know Apple finally had a solid business management platform now. Definitely signing up for the future, thanks.

Honestly, byod is the way to go. It sounds like you’ve had too much of a headache w/ asset management. Just setup azure or google identity and call it a day.