ModSquad's Secure Platform
When you work with ModSquad, your operations run on our secure platform — built on Cubeless and enhanced with policies, tools, and workflows specific to CS and T&S work. SOC 2 Type 2, HIPAA, and PCI-DSS compliant. Remote operations. Centralized control.
Cubeless is also available as a standalone product for companies securing their own distributed teams.
Platform Controls
| Isolated workspace | All work happens inside a secure workspace. No client data on personal devices. No local file storage. No persistent credentials. When a session ends, nothing remains. |
| Identity & access | SSO enforced. Risk-aware MFA required. Role-based permissions scoped to specific client programs. Optional continuous biometric authentication. Access revoked instantly when needed. |
| Data loss prevention | Screenshot and print capture blocked. Copy/paste outside the workspace restricted. Keylogging exposure prevented. Downloads routed to secure storage. Sensitive data masking via DLP rules. |
| Program isolation | Each client program runs in a separate, permission-controlled environment. No cross-client visibility. No lateral access between programs. |
| Audit & accountability | Centralized logging. User-level access tracking. Session-level attribution. Full visibility into who accessed what and when. |
| Access revocation | Credentials revoked centrally. Sessions terminated. No local data remains. No residual access. No dependency on the user's device to remove access. |
Compliance
| SOC 2 Type 2 | Independently audited controls for security, availability, and confidentiality |
| HIPAA | Compliant for healthcare data handling |
| PCI-DSS | Compliant for payment card data |
| GDPR | Privacy and data protection compliance |
Compliance documentation available upon request under NDA.
Operational Discipline
Technology enforces the guardrails. Operations reinforce them.
Background screening aligned to program requirements
Identity verification and confidentiality agreements before system access
Security orientation at onboarding, program-specific data handling protocols, ongoing refreshers
Structured offboarding with centralized credential revocation
Access is only granted after required screening and onboarding are complete.
Works with Your Systems
Our platform integrates with your existing tools — Zendesk, Salesforce, your internal platforms. No migration. Our team works inside your systems through the secure workspace.
FAQ
What is ModSquad's secure platform?+
ModSquad's secure platform is built on Cubeless — enhanced with policies, tools, and workflows specific to customer support and trust & safety operations. Mods operate within a secure, isolated, identity-managed environment. SOC 2 Type 2, HIPAA, and PCI-DSS compliant.
How does ModSquad secure client data?+
All work happens inside a secure workspace. No client data on personal devices, no persistent credentials, no residual access when a session ends. Each client program runs in a separate environment with no cross-client visibility. Every action is logged and attributable.
What is Cubeless?+
Cubeless is ModSquad's patent-pending secure workspace product. ModSquad uses it internally to secure client operations, and it's also available as a standalone product for any company securing a distributed workforce. Visit cubeless.io for details.
What compliance certifications does ModSquad hold?+
ModSquad holds SOC 2 Type 2, HIPAA, PCI-DSS, and GDPR certifications. Compliance documentation is available upon request under NDA.