Jamf's AI governance tool names a problem you already have
Jamf shipped OS-level AI governance for Mac that discovers shadow AI like Claude Code and Codex on your fleet. The shadow-AI question isn't just an enterprise problem.
On July 1, Jamf shipped AI Governance, a native, OS-level control plane for AI tools running on Mac fleets. The feature list is aimed at enterprise IT, but the problem it names lands on every small team that's let AI onto its laptops: you probably can't say what's running where.
What actually happened
Jamf's new capability does three things inside the Mac management platform admins already use. Visibility: shadow-AI discovery surfaces the AI tools, agents, and LLM runtimes across a fleet — including CLI-based developer tools and background agents — using its existing telemetry agent. Control: IT can define a sanctioned list of tools, push access policy at scale, and scope different postures to different teams. Governance: an executive AI posture report gives leadership a snapshot of who's using what, with SIEM compatibility for compliance.
At launch it recognizes Claude Code, Claude Desktop, and OpenAI Codex — the exact tools a modern dev team is quietly installing. Jamf also cites its own survey finding that organizations with deeply integrated AI are 40% more likely to report an incident than those still in the exploration phase. Adoption and exposure move together.
Why it matters for your business
You don't need a thousand Macs to have this problem. A five-person shop where two engineers run Claude Code, someone's pasting customer data into a chatbot, and a background agent has a token to your repo — that's shadow AI, and nobody wrote it down. The risk isn't the tools; it's that no one can answer "what has access to what."
You probably won't buy Jamf for a team that size. But the discipline is free, and it's the same discipline: know what AI is running on your machines, sanction a short list instead of pretending nothing's installed, and keep an audit trail so a security question has an answer that isn't a shrug. The tooling going enterprise-grade is the signal that this graduated from "nice to have" to "table stakes" — the same way device management and password managers did.
The operators who get burned won't be the ones who banned AI. They'll be the ones who never knew what they'd already let in.
Key takeaways
- Jamf launched OS-level AI Governance for Mac (July 1) — shadow-AI discovery, sanctioned-tool policy, and an executive posture report
- It recognizes Claude Code, Claude Desktop, and OpenAI Codex at launch — the tools dev teams are already installing
- Jamf's survey: orgs with deeply integrated AI are 40% more likely to report an incident than exploration-phase peers
- The operator lesson: even a five-person team needs to know what AI is running, sanction a short list, and keep an audit trail
Not sure what AI tools have access to your systems? We map what's running, lock down the access that matters, and set up automation you actually control. Start with a conversation or see how we work.
Sources: PR Newswire (Jamf), Yahoo Finance.
- #ai-governance
- #shadow-ai
- #security
- #automation
Tommy Rush — Founder, Rush Commerce
Operator turned builder. 15+ years running operations — now shipping the systems businesses run on. More
Get The Rush Report weekly — one email, zero fluff.
Keep reading
Venice AI hits $1B on a privacy pitch: your prompts aren't the product
Venice AI raised $65M at a $1B valuation for a privacy-first AI platform that doesn't log prompts — a signal small businesses should read on data ownership.
Read itTogether AI raises $800M — open-source inference just went mainstream
Together AI's $800M round at an $8.3B valuation, led by Aramco's Prosperity7, signals open-weight models are now a serious cost play for small businesses.
Read it