Rentsync Platform & Services Achieve SOC 2 Type 1 Certification
We’re proud to announce that we’ve achieved SOC 2 Type 1 certification for the Rentsync Platform and Services. This achievement reinforces our unwavering commitment to providing secure, reliable solutions for multifamily marketing professionals across Canada.
What is SOC 2 and Why Does it Matter?
SOC 2 (System and Organization Controls 2) is a framework designed to ensure organizations manage customer data securely.
Developed by the American Institute of CPAs (AICPA), it focuses on key trust service criteria such as security, availability, confidentiality, processing integrity, and privacy. A SOC 2 audit is one of the highest recognized standards of information security compliance in the world.
For our customers, leaders in the multifamily marketing space, this certification offers peace of mind.
It demonstrates that Rentsync is committed to safeguarding data, meeting regulatory requirements, and providing a secure environment for their business operations.
Why SOC 2 is Great for You, Our Customers
Multifamily marketing is a data-intensive industry, and trust is paramount.
By achieving SOC 2 certification:
- We demonstrate accountability: Your data is handled with care, following industry-leading security practices.
- We support your compliance efforts: Working with SOC 2-certified vendors simplifies your own compliance reporting.
- We reduce risk: Our adherence to strict security measures minimizes the likelihood of breaches or downtime.
For our clients, this means more than just a certificate on the wall—it’s a guarantee that your business operations are supported by a platform designed to protect what matters most.
How We Did It and Lessons Learned
Leveraging Vanta and Partnering with Johanson Group LLP.
Our journey to SOC 2 was supported by Vanta, a continuous monitoring platform that streamlined much of the preparation work, and Johanson Group LLP, our expert auditor. Vanta helped automate tasks and maintain compliance across our systems, while Johanson Group LLP provided invaluable guidance and support throughout the audit process.
Lessons Learned Along the Way
- Start SOC 2 Early: If you’re thinking about SOC 2, start when your company is smaller.
- Invest In Continuous Monitoring Tools: They reduce manual effort and make it easier to scale compliance efforts as your organization grows.
- Automate Wherever Possible: Automation is critical for managing the growing complexity of a cybersecurity program.
- Engage Your Auditor Early: Signing on with your auditor well before your audit ensures you have the support needed for pre-audit questions and nuanced challenges.
- Take Your Time: If you can, take your time to build a strong cybersecurity program from the start, it’ll make future compliance frameworks easier to achieve.
- Run SOC 2 In-House: We tried using third-party consultants initially but found they couldn’t understand the nuances of our business and how our company runs.
- Be Strict and Comprehensive: SOC 2 allows you to scope evidence and tests in or out. While it’s tempting to exclude problematic areas, we chose to tackle challenges head-on.
- Define Your Tech Stack Around SOC 2: For companies without a pre-defined cybersecurity stack, align your technology decisions with SOC 2 requirements.
Looking Ahead
Achieving SOC 2 Type 1 certification is just the beginning. Here’s what’s next for Rentsync:
SOC 2 Type 1 for Building Stack
Our focus now shifts to obtaining SOC 2 Type 1 certification for Building Stack, our other enterprise product, ensuring it meets the same high standards for security and trust.
SOC 2 Type 2 for the Rentsync Platform
We’ll advance to SOC 2 Type 2 certification for the Rentsync Platform, which will demonstrate our ongoing ability to maintain compliance over time.
SOC 2 Type 2 for Building Stack
Once Building Stack has achieved Type 1 certification, we’ll work towards its SOC 2 Type 2 certification, further solidifying our commitment to security and reliability.
GDPR and US Data Privacy Compliance
Alongside our SOC 2 Type 2 efforts, we’ll be focusing on GDPR and US data privacy law compliance. These initiatives will ensure our operations and services align with global privacy standards and regulations, giving our customers even more confidence in our data-handling practices.
A Big Thank You
We’re incredibly proud of the hard work and dedication of our staff, partners, and vendors who made this achievement possible. Thank you for your continued support as we build a safer, more reliable platform for multifamily marketing professionals.
Stay tuned for more updates as we take the next steps in our SOC 2 journey!
You can request access to our SOC2 Type 1 report on our trust page at https://trust.rentsync.com. We’ll post our other certifications there as we achieve them.