SOC 2 and SOC 3 endpoint controls

SOC 2 evaluates controls related to Security, Availability, Processing Integrity, Confidentiality, and Privacy. Codeproof provides endpoint and app controls that help satisfy common requirements for secure configuration, monitoring, and evidence collection. SOC 3 is a public summary report based on SOC 2 testing.

Download SOC 2 checklist (PDF)

What SOC 2 expects on endpoints

Security: Access control, malware defenses, secure baselines, and change management.

Availability: Device health monitoring and incident response readiness.

Processing integrity: Approved OS and app versions and controlled configuration changes.

Confidentiality: Encryption at rest and in transit and data loss prevention settings.

Privacy: Minimize personal data on endpoints and apply BYOD separation.

How Codeproof helps

  • Baseline policies: Enforce passcodes, encryption, screen lock, and network configurations across platforms.
  • App governance: Approve required apps, block risky apps, and push managed configurations.
  • BYOD separation: Android Work Profile and Apple User Enrollment with selective wipe for privacy.
  • Update posture: Track OS and app versions and control maintenance windows.
  • Audit evidence: Device inventory, activity logs, configuration history, and exportable reports.

Related: BYOD · App management · Windows MDM · macOS MDM

SOC 2/3 FAQs

What is SOC 2?
SOC 2 is an attestation report evaluating how an organization designs and operates controls aligned to the Trust Services Criteria (security, availability, processing integrity, confidentiality, privacy).
Does Codeproof make us SOC 2 compliant?
No. SOC 2 is an attestation over your controls. Codeproof supports Trust Services Criteria (security, availability, confidentiality) with device hardening, access controls, logging, and reporting.
Which device controls map to SOC 2 Security?
Encryption at rest, passcode/biometric policies, app allowlists, OS/update enforcement, remote wipe/lock, and conditional access for non-compliant devices.
How do we provide audit evidence?
Export inventory, configuration history, policy assignment, activity logs, and compliance reports. Tie exports to change tickets for traceability.
Can we limit vendor/contractor device access?
Yes. Use group-based policies, app restrictions, and network/VPN profiles. Block access from devices failing posture checks.

Customer stories

Bob Baerwalde, CTO, United Taxi

"Throughout my experience with Codeproof, it has worked flawlessly. Even more importantly, Codeproof support is unrivaled."

— Bob Baerwalde, CTO, United Taxi

CJ Brown, Vice President, Operations at Regional Express Inc.

Working with Codeproof has been a relief, it allows our company to have control over software and devices and visibility to ensure our employees have the proper equipment to do their job each and every day.

— CJ Brown, Vice President, Operations at Regional Express Inc.

Patrick Delaney, Daniel Mullins Trucking

We didn’t make a single compromise to get the protection we wanted and needed.

— Patrick Delaney, Daniel Mullins Trucking

Rachel Gutzke, Champion National Security

We have site phones that we need locked and tracked. We have recovered lost or stolen phones...and pushed new apps remotely.

— Rachel Gutzke, Champion National Security

Dylan Smith, Aculabs Inc.

The Codeproof platform not only assists in fleet management, it has made retrieving company property far more reliable.
Customer support is always accessible, and the team consistently goes out of their way to ensure the MDM platform meets all of our needs.

— Dylan Smith, Aculabs Inc.

Marvin Martin, Compass Foundation

Codeproof had the right balance of easy individual device configuration and group-level settings, as well as an excellent support team and willingness to add new features to meet our needs, all at a competitive price.

— Marvin Martin, Compass Foundation

Natalie McCall, Director, Finanace & Business Operations.

Having our employees work in remote locations, Codeproof has really helped us manage our devices...They are very helpful and detailed when explaining thing.

— Natalie McCall, Director, Finanace & Business Operations.

Merle Bauman, MWPOL

Codeproof has made device management much easier than some larger MDM solutions. From the beginning of our trial Console, up to the present, we were able to easily contact the development team at Codeproof with any ideas for improvements.

— Merle Bauman, MWPOL

Pamela Ward, Account Manager II, Sprint

With Codeproof, the first thing I noticed is that the UI is much more intuitive and simpler to navigate. I feel like there are as many, if not more, features available to me in Code Proof but they are a little easier to find.

— Pamela Ward, Account Manager II, Sprint

Lori Yamaguchi, Executive Director, Always Dream Foundation

Foundation is so grateful for the partnership with Codeproof and their willingness to support students and families in need of literacy resources. While our technical needs are likely less than that of other companies, we have found great value in the Codeproof product.

— Lori Yamaguchi, Executive Director, Always Dream Foundation

Irvyn Mamwell, Mobile/Asset Management IT Manager, TetraTech

Codeproof has great customer support. If there is an issue, or if we need assistance with anything, they are very quick to respond and lend a hand.

— Irvyn Mamwell, Mobile/Asset Management IT Manager, TetraTech

Terry Peters, Director Product Development & Project Management

Terrapin Pharmacy’s Executive Management and Technology Developers would be extremely likely to recommend Codeproof to others based upon the interactions we have had with the Codeproof team and the can-do culture within their organization.

— Terry Peters, Director Product Development & Project Management

William Burke, IT Director and CISO at Gersh Management.

Codeproof is a very comprehensive MDM product. We received great service at all times from their technicians when we had issues. They are continually working on improving the product with feedback from customers like us, so we can have better control of our remote equipment.

— William Burke, IT Director and CISO at Gersh Management.

Tracy Slattery, District Teacher Coordinator - Assessments & Technology, Atlantic City School District

[An] upbeat, well-organized, and helpful company. Codeproof provided superior customer support during a time of uncertainty.

— Tracy Slattery, District Teacher Coordinator - Assessments & Technology, Atlantic City School District

Daramid Mercado, Director of Information Technology at Miami Beach Medical Group

Codeproof has been an asset in maintaining security, control and reducing liability of our mobile devices by allowing us blanketed control of our mobile fleet at all times regardless of day and location. It will continue to be the foundation for our mobile security for now and the future. Their security options and scalability is priceless.

— Daramid Mercado, Director of Information Technology at Miami Beach Medical Group

<b>Jeffrey Falkingham</b>,<br>Owner of NHBlackLabs Delivery LLC

I chose Codeproof over other players in the market because it's simple and customizable dashboard caters to the needs of my business. Codeproof tries to find solutions and treats you as partners rather than just a customer.

Jeffrey Falkingham,
Owner of NHBlackLabs Delivery LLC

Krishna Sharma, Senior Lead - Cyber Security, Innovapptive Inc.

I chose Codeproof for our internal MDM solutions over other options because the case study and utilization of the system were very understandable. It decreased our potential costs related to device investments while increasing device security and reducing operational costs.

— Krishna Sharma, Senior Lead - Cyber Security, Innovapptive Inc.

aculabs
champion
compass
daniel mullins
horizon
mwpol
sprint
tetratech
always dream
spacex
t-mobile
alliance schools
piper fire
canadian armed forces
nissan
sims crane
university academy school
terrapin

Maximize employee productivity through Codeproof

Start free 14-day trial Book a live demo