Akritos

Services

Services

Lead with the audit so you know what you own. Then pick what you actually need help with — Apple Business, MDM, Google Workspace, training, or something specific. No bundled lock-ins. Each service is independently scoped.

Core Services

Vendor Independence Audit

You don't need to own your whole tech stack. You need to own the keys to move. We work through a checklist of common gotchas — domain registration, DNS console, cloud account root, Workspace owner role, backups, password vaults — and identify what's in your name vs. someone else's. You leave with a written plan you can keep, hand to your existing IT, or hire us to execute. Most owners can't answer the whole list off the top of their head; that's normal, and exactly what the audit fixes.

  • Checklist of vendor lock-in gotchas tailored to your business
  • Identification of who currently controls each piece
  • Facilitated conversations with your IT, MSP, or vendors
  • Written summary: what you own, what you don't, what to take back
  • Prioritized plan of action — DIY-able or implementable by us
  • No ongoing engagement gating the document

Apple Business Setup & Management

Apple's new all-in-one platform for device management, business email, and local presence — free, and for most small businesses running Apple devices, enough on its own. We handle DUNS registration, account verification, managed Apple account provisioning, Automated Device Enrollment, and identity federation with Google Workspace or Microsoft 365. Then we manage it alongside your team.

  • Apple Business account registration and verification
  • Managed Apple account provisioning
  • Identity federation with Google Workspace or Microsoft 365
  • Automated Device Enrollment (ADE) configuration
  • Volume purchasing and app distribution
  • Built-in MDM setup — no separate platform required
  • Business email with your custom domain
  • Local presence (Apple Maps, Spotlight, Siri, Wallet)

Enterprise MDM — When You Actually Need It

For most small businesses, Apple Business's built-in MDM is enough. When it isn't — regulated industries, complex deployments, large fleets — we deploy Mosyle, Jamf, Iru, or Addigy based on fit, not kickbacks. We'll tell you which path makes sense for you. Already running Intune? Keep it for Windows; purpose-built Apple MDM alongside.

  • Honest evaluation: Apple Business or something more?
  • Mosyle, Jamf, Iru, Addigy — chosen for fit, not markup
  • Zero-touch deployment for new hires
  • Apple MDM deployed alongside Intune for Windows
  • Migration from existing MDM or from no MDM
  • App deployment, patching, and security policy configuration

Google Workspace Setup

Google Workspace, domain, email, SSO, and directory — configured correctly from day one and federated with Apple Business for seamless identity. You own the domain, you own the accounts, you hold the keys. We handle SPF, DKIM, DMARC so your email actually arrives.

  • Google Workspace deployment and domain configuration
  • SSO and identity provider setup
  • Identity federation with Apple Business
  • DNS and email authentication (SPF, DKIM, DMARC)
  • User lifecycle automation
  • Domain registration and management

The Differentiator

Mac management training for Windows teams

Your IT team knows Windows — Group Policy, SCCM, Active Directory. Then the company buys Macs and nothing transfers. MDM is not Group Policy. Apple IDs are not AD accounts. The management model is fundamentally different. We bridge that gap.

What we teach

  • How MDM works vs. Group Policy — the mental model shift
  • Apple Business and device enrollment workflows
  • MDM console operation — profiles, policies, app deployment
  • macOS security model vs. Windows security model
  • Troubleshooting Mac-specific issues your team will actually hit
  • Ongoing self-sufficiency — new hires, offboarding, OS updates

How it works

  • We set up Apple Business + MDM alongside your team
  • Hands-on training during the deployment, not a separate class
  • Your team operates the MDM console from day one
  • Knowledge transfer documentation specific to your environment
  • Post-training support period for questions that come up in practice
  • Goal: your team runs this independently within 60–90 days

This is NOT outsourced IT. We want your team to be confident managing their own Macs. We set it up, train your people, and make sure you can run it without us — even if you choose to keep us around.

Goetch Stone presented a hands-on workshop on exactly this topic at the PSU MacAdmins Conference.

Advisory & Specialized

Payment Processing & PCI Scope Reduction

Most businesses are in a broader PCI scope than necessary and paying higher card processing rates than they should. We audit your current setup, negotiate better rates, and reduce your compliance surface. Less scope means lower audit costs, fewer requirements, and reduced breach liability.

  • Payment processing rate audit and negotiation
  • PCI scope assessment and reduction planning
  • SAQ level optimization (C/D → A/A-EP where possible)
  • Tokenization and scope-reducing architecture guidance
  • Processor contract review and competitive benchmarking

Executive IT

C-suite runs on Apple. Home office network, devices, security, and seamless integration with the company environment. Discreet, thorough, and available when they need it — not when the help desk gets around to it.

  • Home office network and Wi-Fi optimization
  • Personal and company device management
  • Security hardening for high-profile targets
  • Seamless integration with corporate environment
  • Priority response and direct access

Digital Legacy & Account Recovery

Your Apple ID, your passwords, your accounts — what happens to them if you get locked out, or if you die? Most people have no plan. We set up Apple Legacy Contact, configure account recovery options, build a password manager that actually works, and document everything so the right people can access the right things when it matters.

  • Apple Legacy Contact and Account Recovery Contact setup
  • Recovery key generation and secure storage planning
  • Password manager setup — iCloud Keychain, 1Password, or both
  • Shared family vault configuration and emergency access
  • Digital estate documentation — accounts, access, instructions
  • Ongoing review as accounts and services change

IT Advisory

Vendor negotiations, contract reviews, architecture planning, and the hard questions that need senior experience. No retainer required. We work for you, not the vendor.

  • Vendor audit and cost analysis
  • Contract review and exit clause analysis
  • Architecture and infrastructure planning
  • Technology strategy and roadmap
  • RFP development and vendor selection

AI Risk & Guardrails for SMBs

Your team uses AI. Most aren't AI experts. We help leadership put guardrails on AI use — what's safe to delegate, what isn't, and how to spot polished-and-wrong output before it ships. Pro-judgment, not anti-AI. Read the prompt jockey post for the full framing.

  • AI use policy — short, real, enforceable
  • Workflow review — where AI helps vs. where it adds risk
  • Vendor evaluation — data terms, audit trail, exit risk
  • Team training — spotting confidently-wrong output
  • SME workflow design — keeping the human as decision-maker
  • Linked: detailed page at /ai-risk

We intentionally limit the number of clients we work with. Every business we partner with gets direct access to senior-level expertise — not a help desk. If we're at capacity, we'll tell you and refer you to someone we trust.

Not sure where to start?

Book a free consultation. We'll look at what you have, tell you what needs fixing, and give you a clear plan with real numbers. No sales pitch — if we're not the right fit, we'll say so.

Book a free consultation View pricing