CJIS endpoint controls (+ Illinois LEADS)

The CJIS Security Policy requires technical controls that limit access to Criminal Justice Information (CJI) and reduce risk on agency endpoints. Illinois LEADS adopts CJIS as a baseline and adds state-specific provisions. Codeproof provides centralized MDM and security configuration for iOS, Android, Windows, and macOS to help you deploy consistent controls at scale.

Download CJIS/LEADS checklist (PDF)

What CJIS expects on endpoints

Access control: Unique user authentication, session lock, and least privilege on devices and apps that handle CJI.

Encryption: Protect data at rest and data in transit with approved algorithms and trusted certificates.

Configuration management: Standardized baselines, change control, and detection of unauthorized settings or software.

Audit and accountability: Activity logging and retention for access, configuration, and administrative actions.

Incident response: Remote lock and wipe for lost or stolen devices, and procedures for containment and evidence.

Your agency remains responsible for overall CJIS compliance. Codeproof provides endpoint controls and evidence to support your program.

Illinois LEADS (CJIS-aligned)

LEADS (Law Enforcement Agencies Data System) is administered by the Illinois State Police and requires adherence to the FBI CJIS Security Policy, plus Illinois-specific provisions. Codeproof’s CJIS-aligned endpoint controls—encryption, MFA, app governance, mobile device security, and audit evidence—also support LEADS participants.

Advanced/Multi-Factor Authentication: Enforce strong authentication for remote/mobile access to CJI.
Encryption in transit & at rest: Use approved algorithms; deploy certificates and trusted roots at scale.
Mobile device security (CJIS Policy Area 13): Jailbreak/root detection, OS posture, and BYOD containers with selective wipe.
App governance: Allowlists/denylists, managed configs, data sharing restrictions, per-app VPN.
Audit evidence: Export device inventory, baseline configs, activity logs, and remediation history.

How Codeproof helps

Encryption and auth: Enforce FileVault and BitLocker policies, device encryption on mobile, passcodes, auto-lock, and idle timeout.
Integrity posture: Detect jailbroken or rooted devices and block access for noncompliant endpoints.
App governance: Allow or deny lists, kiosk mode for single app or multi app use, and silent app updates where supported.
Secure connectivity: Deploy Wi-Fi, per app VPN, and certificate trust stores at scale.
Patch posture: Track OS and app versions and restrict access for unpatched devices where policy requires.
Remote actions: Lock, selective wipe, full wipe, and optional location where allowed by agency policy.
Evidence for audits: Device inventory, configuration history, activity logs, and exportable reports.

Related: Windows MDM · macOS MDM · Android MDM · iOS MDM

CJIS & LEADS FAQs

What is CJIS?

CJIS (Criminal Justice Information Services) refers to the FBI’s CJIS Security Policy—a set of requirements for protecting Criminal Justice Information (CJI) across agencies and their vendors.

What is Illinois LEADS, and how does it relate to CJIS?

LEADS (Law Enforcement Agencies Data System) is the Illinois state implementation of CJIS. Agencies must meet the CJIS Security Policy along with any state-specific LEADS provisions administered by the Illinois State Police.

Does Codeproof help us align with CJIS and LEADS?

Yes. Codeproof enforces device safeguards—encryption, access control, audit logging, and remote actions—that support CJIS and LEADS endpoint requirements. Policy alignment still requires agency procedures and training.

Is MFA required for LEADS/CJIS?

Advanced authentication (e.g., MFA) is required in several scenarios, especially for remote or mobile access to CJI. Pair device posture enforcement with your identity provider to meet these requirements.

How do we protect CJI on mobile devices?

Require passcodes and encryption, restrict data sharing to approved apps, disable risky features (where supported), and use remote lock/wipe with activity logs for incident evidence.

How do we handle lost or stolen officer devices?

Trigger Lost Mode or remote lock, revoke certificates/keys, and wipe corporate data. Use inventory and logs to document timelines and actions.

Can cameras, Bluetooth, or sharing be restricted in secure areas?

Yes—use policy to block camera, screen capture, AirDrop/Nearby Share, and unmanaged sharing in designated profiles or locations (where the OS supports it).

Customer stories

Aculabs Inc. Android

Champion National Security Android

Compass Foundation Android, iOS

Daniel Mullins Trucking Android

Horizon Health Network iOS

MWPOL Android, iOS

Sprint Android, iOS

Always Dream Foundation Android

TetraTech Android

Terrapin Android

Gersh Android

Atlantic City School District Android

Regional Express Inc. Android

United Taxi Android

Miami Beach Medical Group Android, iOS

NHBlacklabs Delivery Android, iOS

Innovapptive Pvt. Ltd. Android, iOS

"Throughout my experience with Codeproof, it has worked flawlessly. Even more importantly, Codeproof support is unrivaled."

— Bob Baerwalde, CTO, United Taxi

Working with Codeproof has been a relief, it allows our company to have control over software and devices and visibility to ensure our employees have the proper equipment to do their job each and every day.

— CJ Brown, Vice President, Operations at Regional Express Inc.

We didn’t make a single compromise to get the protection we wanted and needed.

— Patrick Delaney, Daniel Mullins Trucking

We have site phones that we need locked and tracked. We have recovered lost or stolen phones...and pushed new apps remotely.

— Rachel Gutzke, Champion National Security

The Codeproof platform not only assists in fleet management, it has made retrieving company property far more reliable.
Customer support is always accessible, and the team consistently goes out of their way to ensure the MDM platform meets all of our needs.

— Dylan Smith, Aculabs Inc.

Codeproof had the right balance of easy individual device configuration and group-level settings, as well as an excellent support team and willingness to add new features to meet our needs, all at a competitive price.

— Marvin Martin, Compass Foundation

Having our employees work in remote locations, Codeproof has really helped us manage our devices...They are very helpful and detailed when explaining thing.

— Natalie McCall, Director, Finanace & Business Operations.

Codeproof has made device management much easier than some larger MDM solutions. From the beginning of our trial Console, up to the present, we were able to easily contact the development team at Codeproof with any ideas for improvements.

— Merle Bauman, MWPOL

With Codeproof, the first thing I noticed is that the UI is much more intuitive and simpler to navigate. I feel like there are as many, if not more, features available to me in Code Proof but they are a little easier to find.

— Pamela Ward, Account Manager II, Sprint

Foundation is so grateful for the partnership with Codeproof and their willingness to support students and families in need of literacy resources. While our technical needs are likely less than that of other companies, we have found great value in the Codeproof product.

— Lori Yamaguchi, Executive Director, Always Dream Foundation

Codeproof has great customer support. If there is an issue, or if we need assistance with anything, they are very quick to respond and lend a hand.

— Irvyn Mamwell, Mobile/Asset Management IT Manager, TetraTech

Terrapin Pharmacy’s Executive Management and Technology Developers would be extremely likely to recommend Codeproof to others based upon the interactions we have had with the Codeproof team and the can-do culture within their organization.

— Terry Peters, Director Product Development & Project Management

Codeproof is a very comprehensive MDM product. We received great service at all times from their technicians when we had issues. They are continually working on improving the product with feedback from customers like us, so we can have better control of our remote equipment.

— William Burke, IT Director and CISO at Gersh Management.

[An] upbeat, well-organized, and helpful company. Codeproof provided superior customer support during a time of uncertainty.

— Tracy Slattery, District Teacher Coordinator - Assessments & Technology, Atlantic City School District

Codeproof has been an asset in maintaining security, control and reducing liability of our mobile devices by allowing us blanketed control of our mobile fleet at all times regardless of day and location. It will continue to be the foundation for our mobile security for now and the future. Their security options and scalability is priceless.

— Daramid Mercado, Director of Information Technology at Miami Beach Medical Group

<b>Jeffrey Falkingham</b>,<br>Owner of NHBlackLabs Delivery LLC

I chose Codeproof over other players in the market because it's simple and customizable dashboard caters to the needs of my business. Codeproof tries to find solutions and treats you as partners rather than just a customer.

— Jeffrey Falkingham,
Owner of NHBlackLabs Delivery LLC

I chose Codeproof for our internal MDM solutions over other options because the case study and utilization of the system were very understandable. It decreased our potential costs related to device investments while increasing device security and reducing operational costs.

— Krishna Sharma, Senior Lead - Cyber Security, Innovapptive Inc.

Maximize employee productivity through Codeproof

Start free 14-day trial Book a live demo