Rutter is SOC 2 Type II Compliant

Today, we are proud to announce that Rutter is officially SOC 2 Type II compliant.

June 27, 2022
By
Taishi Nojima
In this article
Example H2
Example H3
Example H4
Example H5
Contact Sales

Learn how Rutter can help you accelerate your product roadmap, save engineering headaches, and grow revenue

Book A Demo
Share this article:

At Rutter, security is our top priority. As a company that processes and stores sensitive data for our customers, we have always taken pride in our responsibility to ensure the security, confidentiality and integrity of their data, so that our customers can use our services with peace of mind. 

Today, we are proud to announce that Rutter is officially SOC 2 Type II compliant. Achieving this certification is a huge milestone for our company as it affirms our commitment to keeping customer data safe and secure. 

What is SOC 2?

Developed by the American Institute of CPAs (AICPA), SOC 2 is a compliance standard that ensures that a company is securely handling customer data. To meet the SOC 2 Type II standard, an organization must develop and maintain policies, procedures and security controls, and undergo an independent third-party audit each year. 

What did we do to achieve SOC 2 compliance?

We partnered with Vanta, the leader in continuous compliance monitoring, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our customer data. 

With the help of Vanta, we spent most of Q1 2022 establishing the baseline security measures for the company. Highlights of the work include the following:

  • People processes, such as the introduction of mandatory security training and employee background checks;
  • Technical checks, such as the implementation of backup strategies, encryption, and multi-factor authentication;
  • Continuous monitoring of security events from our production and corporate systems; 
  • Assessment of our critical vendors; and
  • Implementation and testing of business continuity plans.

We then asked Johanson Group LLP to conduct an audit for a period of three months for the formal certification. 

What’s next?

We continue to invest in security at Rutter. For us, SOC 2 compliance goes beyond checking a box or collecting a badge - it signifies an ongoing commitment to operational excellence and data security.

A large portion of our security work comes from the Infra team - the team responsible for developing and maintaining the cloud infrastructure to help us move fast and scale. In this quarter, we are investing in the following security work to further strengthen our security posture.

  • Unified secret management
  • Detection and response strategies
  • Promotion of secure coding practices
  • Continuous vulnerability monitoring

But our security effort is not limited to the infra team, because at the core of our culture, we all know that security is everyone’s responsibility. Every team at Rutter is striving to implement security best practices and promote security initiatives via our vibrant Slack channels.

If you’re interested in Rutter, come learn more about our open roles!

Keep reading

Guides

Best Practices For SMB Lending During A Recession

Learn more
Industry

What is Quickbooks

Learn more
Product

January 2023 Rutter Product Updates

Learn more

Book A Demo

Add, read, and write integrations to many accounting, commerce, and payment platforms with a Unified API.

What is a Unified API
Read more
Resources
Blog
Article
June 27, 2022

Rutter is SOC 2 Type II Compliant

Taishi Nojima
,
Engineer
at Rutter
In this article
Example H2
Example H3
Example H4
Contact Sales

Learn how Rutter can help you accelerate your product roadmap, save engineering headaches, and grow revenue

Speak to an expert

At Rutter, security is our top priority. As a company that processes and stores sensitive data for our customers, we have always taken pride in our responsibility to ensure the security, confidentiality and integrity of their data, so that our customers can use our services with peace of mind. 

Today, we are proud to announce that Rutter is officially SOC 2 Type II compliant. Achieving this certification is a huge milestone for our company as it affirms our commitment to keeping customer data safe and secure. 

What is SOC 2?

Developed by the American Institute of CPAs (AICPA), SOC 2 is a compliance standard that ensures that a company is securely handling customer data. To meet the SOC 2 Type II standard, an organization must develop and maintain policies, procedures and security controls, and undergo an independent third-party audit each year. 

What did we do to achieve SOC 2 compliance?

We partnered with Vanta, the leader in continuous compliance monitoring, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our customer data. 

With the help of Vanta, we spent most of Q1 2022 establishing the baseline security measures for the company. Highlights of the work include the following:

  • People processes, such as the introduction of mandatory security training and employee background checks;
  • Technical checks, such as the implementation of backup strategies, encryption, and multi-factor authentication;
  • Continuous monitoring of security events from our production and corporate systems; 
  • Assessment of our critical vendors; and
  • Implementation and testing of business continuity plans.

We then asked Johanson Group LLP to conduct an audit for a period of three months for the formal certification. 

What’s next?

We continue to invest in security at Rutter. For us, SOC 2 compliance goes beyond checking a box or collecting a badge - it signifies an ongoing commitment to operational excellence and data security.

A large portion of our security work comes from the Infra team - the team responsible for developing and maintaining the cloud infrastructure to help us move fast and scale. In this quarter, we are investing in the following security work to further strengthen our security posture.

  • Unified secret management
  • Detection and response strategies
  • Promotion of secure coding practices
  • Continuous vulnerability monitoring

But our security effort is not limited to the infra team, because at the core of our culture, we all know that security is everyone’s responsibility. Every team at Rutter is striving to implement security best practices and promote security initiatives via our vibrant Slack channels.

If you’re interested in Rutter, come learn more about our open roles!

Heading 1

Heading 2

Heading 3

Heading 4

Heading 5
Heading 6

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

Block quote

Ordered list

  1. Item 1
  2. Item 2
  3. Item 3

Unordered list

  • Item A
  • Item B
  • Item C

Text link

Bold text

Emphasis

Superscript

Subscript

RESOURCES

See what we’ve been up to

What is Quickbooks

Today we dig into one of the most popular accounting software companies out there Quickbooks.

Rutter x Klippa Partnership: Automating Accounting Workflows

We are excited to announce the Rutter and Klippa Partnership to help companies better automate their accounting workflows

Working with Mercury: Digitizing the Venture Debt Diligence Process

We’re excited to announce that we’re officially working with Mercury to help provide banking* products that empower founders to build great startups.

Get up and running.

Building integrated products is hard. We can do that together. Let's chat.

By submitting your information, you agree to be contacted by a Rutter representative.
By submitting your information, you agree to be contacted by a Rutter representative.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.