---
name: device-setup
description: Apollo.io laptop setup, MDM enrollment, VPN configuration, and security requirements for new and existing employees
---

# Device Setup

## New hire device
- [FILL: company-issued vs. BYOD policy]
- Standard device: [FILL: MacBook Pro M3/M4, spec]
- Ordered by: [FILL: IT / manager / self-purchase with reimbursement]
- Delivery: [FILL: shipped to home address, timeline]

## Required setup steps
1. **Enroll in MDM**: [FILL: Jamf / Kandji / Mosyle — step by step]
2. **Install Okta Verify**: [FILL: link and steps]
3. **Set up 2FA**: [FILL: required for all accounts]
4. **Install security agent**: [FILL: CrowdStrike / SentinelOne]
5. **Configure VPN**: [FILL: tool, config file, instructions]
6. **Full disk encryption**: [FILL: FileVault / BitLocker — must be on]

## VPN
- Tool: [FILL: Tailscale / WireGuard / Cisco AnyConnect]
- When required: Accessing [FILL: production systems, internal tools]
- Not required for: [FILL: Slack, Google Workspace, etc.]
- Troubleshooting: [FILL: common issues and fixes]

## Security requirements (non-negotiable)
- [ ] MDM enrolled
- [ ] Full disk encryption enabled
- [ ] Screen lock after [FILL: 5 minutes]
- [ ] No jailbroken / rooted devices
- [ ] Automatic OS updates enabled
- [ ] Password manager installed

## Lost or stolen device
1. Immediately notify #security-incident
2. IT will remote-wipe the device
3. File a police report if stolen
4. IT will ship a replacement within [FILL: X days]