Lunch & Learn: How to Build Bill Pay Automation 101
Sign Up
Lunch & Learn: Building an Accounting Integration 101
Sign Up
June 27, 2022

Rutter is SOC 2 Type II Compliant

Taishi Nojima
at Rutter
Contact Sales

Learn how Rutter can help you accelerate your product roadmap, save engineering headaches, and grow revenue

Speak to an expert

At Rutter, security is our top priority. As a company that processes and stores sensitive data for our customers, we have always taken pride in our responsibility to ensure the security, confidentiality and integrity of their data, so that our customers can use our services with peace of mind. 

Today, we are proud to announce that Rutter is officially SOC 2 Type II compliant. Achieving this certification is a huge milestone for our company as it affirms our commitment to keeping customer data safe and secure. 

What is SOC 2?

Developed by the American Institute of CPAs (AICPA), SOC 2 is a compliance standard that ensures that a company is securely handling customer data. To meet the SOC 2 Type II standard, an organization must develop and maintain policies, procedures and security controls, and undergo an independent third-party audit each year. 

What did we do to achieve SOC 2 compliance?

We partnered with Vanta, the leader in continuous compliance monitoring, to help us automate the collection of our audit evidence. Vanta provides us with the strongest security foundation to protect our customer data. 

With the help of Vanta, we spent most of Q1 2022 establishing the baseline security measures for the company. Highlights of the work include the following:

  • People processes, such as the introduction of mandatory security training and employee background checks;
  • Technical checks, such as the implementation of backup strategies, encryption, and multi-factor authentication;
  • Continuous monitoring of security events from our production and corporate systems; 
  • Assessment of our critical vendors; and
  • Implementation and testing of business continuity plans.

We then asked Johanson Group LLP to conduct an audit for a period of three months for the formal certification. 

What’s next?

We continue to invest in security at Rutter. For us, SOC 2 compliance goes beyond checking a box or collecting a badge - it signifies an ongoing commitment to operational excellence and data security.

A large portion of our security work comes from the Infra team - the team responsible for developing and maintaining the cloud infrastructure to help us move fast and scale. In this quarter, we are investing in the following security work to further strengthen our security posture.

  • Unified secret management
  • Detection and response strategies
  • Promotion of secure coding practices
  • Continuous vulnerability monitoring

But our security effort is not limited to the infra team, because at the core of our culture, we all know that security is everyone’s responsibility. Every team at Rutter is striving to implement security best practices and promote security initiatives via our vibrant Slack channels.

If you’re interested in Rutter, come learn more about our open roles!

Heading 1

Heading 2

Heading 3

Heading 4

Heading 5
Heading 6

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

Block quote

Ordered list

  1. Item 1
  2. Item 2
  3. Item 3

Unordered list

  • Item A
  • Item B
  • Item C

Text link

Bold text




Get up and running.

Building integrated products is hard. We can do that together. Let's chat.

By submitting your information, you agree to be contacted by a Rutter representative.
By submitting your information, you agree to be contacted by a Rutter representative.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.