Frequently Asked Questions

MGB requires that Mac devices run MacOS 13 or newer. Older versions of MacOS do not support Intune and you will need to update your device before continuing.

1. Ensure your Mac is up to date.

You can check which version you are running this by clicking the Apple logo in the top left corner of the screen and choosing "About This Mac".

Look here to find which version your device is running.

If your Mac is running MacOS 12 or older you will need to update the operating system on your device.

You can update your Mac by clicking the apple logo in the top right and choosing "system settings", then choosing "General -> software update". You can see this support article from Apple for more detailed instructions.

Note: if your device cannot update to MacOS 13 or later then it will not be able to connect to phswifi3. As a temporary alternative you can use the mgbguest network, however this comes with limitations such as slower speeds and no access to printing. You can check this page to see if your model of Mac is compatible. All our students are required to have laptops that meet the minimum requirements for school work here at the MGH IHP. These requirements can be found at

2. Unenroll from PEAS (Skip this step if your device is not enrolled in PEAS)

1. Open a Finder window, go to Applications, and open Self Service

2. Find the Switch to Intune button in Self Service and click Install.

Intune does not support escrowing FileVault Encryption keys for personal devices. If you don't have your FileVault Recovery key, IT IS UP TO YOU to decrypt your Mac, and re-encrypt after enrolling in Intune to generate a new FileVault recovery key that will be your responsibility to keep track of. Keep it safe. Keep it secure. For more information on decrypting your Mac, see this Apple article.

3. When your device is fully removed from PEAS, Company Portal will open up. Company Portal is the replacement for Self Service.

3. Enroll in Intune

This section will guide you through the process of enrolling your device with Intune.

Note: You may be prompted to change your password to an MGB compliant password. If your password is already compliant, you can re-enter your existing password the first time you are prompted. Your password will need to be at least 8 characters and include at least one number and one capital letter.

• 1. Download and install the Company Portal app from this link.

• 2. Click “OK” when the “Required Data Notice” screen from Microsoft AutoUpdate pops up.

• 3. In Finder, open the Company Portal app located in your Applications folder.

• 4. Click “Sign In”.

• 5. Enter your primary MGB Email address.

• 6. Enter your MGB credentials and Sign In.

• 7. If you are enrolled in Okta Verify 2FA, click Send Push. NOTE: If you are using SMS Authentication, change the dropdown, click Send code, and enter in the code sent to you via your SMS text message.

• 8. Verify the Push in Okta Verify on your phone.
• 9. Review the Intune information, and click Continue

• 10. Click Download to install the MDM Profile

• 11. On your Mac, navigate to System Settings> Privacy & Security> Profiles, and double click
• the Management Profile

• 12. In the bottom left corner, click Install

• 13. Enter your local Mac password, and click Enroll

• 14. When prompted, click Allow

• 15. Intune may prompt you to enable FileVault. See section 6 in this document for more details about FileVault.

• 15. Click Done.

• 16. You are now enrolled! Click on “Done”.
• 17. The next time you log into your device you will be prompted to update your laptop login password.

After you restart your device, log out of your account, or lock your screen, you will be presented with this password reset screen when you log back in. Your password will need to be at least 8 characters and include at least one number and one capital letter. If your password already meets these requirements then you can re-enter your current password in the “New password” and “Verify Password” fields.

Click “Reset Password” and restart your laptop.

4. Install Forescout SecureConnector

Forescout SecureConnector is an app that MGB requires for your device to be in compliance with their security requirements.

Open the Company Portal app. Navigate to the "apps" tab.

Search for "Forescout SecureConnector" or find it in the list of apps.

Click on the app in the search results and then click "install".

Wait for the app to install. You can check that it installed by navigating to your applications folder and looking for the application there.

5. Install Crowdstrike Falcon Sensor

Crowdstrike is an antivirus app that is required by MGB.

Open the Company Portal app. Search for "CrowdStrike Falcon Sensor" in the search bar. Click on the app and then click the install button. Wait for the app to install. You can verify that it installed by finding it in the application folder.

6. Encrypt your device with FileVault

MGB requires devices connected to the campus network to be encrypted. On Macs this is done by enabling FileVault in settings.

Open the System Settings app and navigate to the "Privacy and Security" pane. Scroll down to the bottom and you will see the option to turn on FileVault.

It might already be enabled. If it’s not, you can enable it by clicking on “Filevault” and then clicking “turn on”.

Choose your recovery method. You can choose to use your iCloud account or to create a recovery key.

IMPORTANT: if you choose to create a recover key you must keep it somewhere safe as the data on your laptop could become unrecoverable without it.

See this document from Apple for more information on FileVault.

7. Connect to phswifi3

Open the System Settings app. Click on "Wi-Fi" in the sidebar. Hover over the phswifi3 network and click "connect".

Enter your MGB username and password in the login screen that appears.

Click "Continue" on this dialog box.

Wait a few moments for your device to connect to the network.

If it didn't work:

If it doesn’t connect or you see an error message, then you may need to "forget" the phswifi3 network and rejoin it.

To do this open the "System Settings" app, click "Wifi" in the side bar. Click the three dots to the right of the phswifi3 network, then choose "Forget This Network"

Select "Remove"

Now go back and try to connect to phswifi3 once again.