Skip to content
Close
LANGUAGE – en
fr-ca
Request a Demo
Login
en
fr-ca
Request a Demo
Login
marketing-pillar@2x
Marketing Managers
leasing-pillar@2x
Leasing Teams
resident-pillar@2x
Property Management
marketing-pillar@2x
Marketing Automation
reporting
Comprehensive Reports
fpn@2x
Floorplan Navigator
leasing-pillar@2x
Seamless Leasing
finance@2x
Property Finance Management
resident-pillar@2x
Resident Management
tenant portal@2x
Tenant Portal
agency@2x
Our Agency
digital mktg @2x
Digital Marketing
websitedesign_2x
Websites
lease up@2x
Lease Up Marketing
creative@2x
Branding
portfolio
Portfolio
Why RS@2x
Why Rentsync?
contact@2x
Support
rs-roadshow
Rentsync Roadshow
blog@2x
Blog & News
press-media2
Press
faq@2x
FAQs
case study@2x
Case Studies

Data & Security

TABLE OF CONTENTS
loading...

Governance


Rentsync’s Security and Privacy team establishes policies and controls, monitors compliance with those controls, and is working towards proving our security and compliance to third-party auditors.

Our policies are based on the following foundational principles: 

  1. Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege.

  2. Security controls should be implemented and layered according to the principle of defense-in-depth.

  3. Security controls should be applied consistently across all areas of the enterprise.

  4. The implementation of controls should be iterative, continuously maturing across the dimensions of improved effectiveness, increased auditability, and decreased friction.


Data Protection

Rentsync uses TLS 1.2 or higher everywhere data is transmitted over potentially insecure networks. We also use features such as HSTS (HTTP Strict Transport Security) where possible to maximize the security of our data in transit. Server TLS keys and certificates are managed by AWS for client websites, and Google for the Rentsync Platform, and are deployed via Load Balancers.

 

Product Security

Rentsync regularly engages with leading penetration testing organizations to periodically conduct comprehensive penetration tests. All areas of the Rentsync Platform are tested, and source code is fully available to the testers in order to maximize the effectiveness of testing. 

Rentsync also utilizes several vulnerability scanning tools internally as well to continuously monitor our code and software. 

  1. Static application security testing of code (SAST)

  2. Software composition analysis (SCA) to identify known vulnerabilities in our software supply chain

  3. Malicious dependency scanning to prevent the introduction of malware into our software supply chain

  4. Dynamic analysis of running applications (DAST)

  5. Network vulnerability scanning multiple times daily


Enterprise Security

Endpoint Protection - All corporate devices are centrally managed and are equipped with mobile device management software and anti-malware protection. Endpoint security alerts are monitored 24/7/365. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.

Security Education - Rentsync provides comprehensive security training to all employees upon onboarding and quarterly through a 3rd party training platform, KnowBe4. 

Rentsync’s security team shares regular threat briefings with employees to inform them of important security and safety-related updates that require special attention or action.

 

Responsible Disclosure

Looking to report a security concern? Please email security@rentsync.com. We’ll acknowledge your email within 1 week. 

 

Trust Report

Learn more about Rentsync’s cybersecurity posture, and compliance by visiting our Trust Report at: https://trust.rentsync.com