Security model
DockPilot separates the customer portal, licence profile, client runtime, and Dock policy profile. The client can keep local Dock features available while pausing managed Dock actions when a licence or trial is not active.
Device identity
- DockPilot uses a hashed device identity rather than storing raw serial numbers.
- The hash is used to identify a Mac for licensing, support, and duplicate detection.
- Only a short hash prefix is shown in diagnostics.
Tokens
- Enrolment tokens are delivered through an organisation licence profile or managed preference.
- Raw enrolment tokens and device tokens are not displayed in customer-facing UI.
- Device tokens are stored on the Mac and used for future licence check-ins.
- Enrolment tokens can be rotated or revoked if needed.
Dock safety
- DockPilot uses soft enforcement.
- Expired or offline licence checks pause future managed Dock updates.
- DockPilot does not intentionally remove a user's whole Dock when licensing fails.
- User-added Dock items can be preserved when policy allows flexibility.
Operational data
The customer portal shows release downloads, licence state, support tickets, and a basic installed-client count for support purposes. DockPilot does not attempt to replace your MDM inventory.