On an entirely separate tangent... Why are you remotely managing macs? That seems like a cluster of nightmarish proportions without even getting to this issue.
If you don't trust people, give them Windows and use the tools that have been around for decades for this.
That doesn’t sound right. Most of SOC compliance boils down to having a plan to check enterprisey checkboxes.
So, you pay someone that can write a report explaining how the boxes will be checked in a way that minimizes the blast radius of security theater stuff like broken approaches to remote management. Consider fixing your soc compliance plan.
Anyway, assuming the remote management tool has root, you can use brew to install docker desktop from the cli.
In principle yes. The implementation however is rarely defined (if you have examples, feel free to share). In my experience it's by choice that companies use compliance to turn their dev environments into a micromanaged hell that engineers hate working in (our company went through multiple compliance certifications including SOC1 and SOC2).
Not at the level John was talking about. My last company had SOC 2 and yes, there was remote management, but the developers still had admin access to their machines, and didn't need some BOFH to use docker.
If you don't trust people, give them Windows and use the tools that have been around for decades for this.