SmartRent Resident Data Security and Compliance

How we protect and secure data

When building our solution, we created secure methodologies that protect information and ensure we are creating error-free and secure technologies.

• Being transparent that we employ security researchers to review our platform and the new services that are introduced.
• Perform third-party penetration testing on our platform website, mobile apps API and our platform core.
• Follow a secure software development lifecycle that includes peer-review, static code analysis and quality assurance testing.
• SmartRent is ISO 27001:2013 compliant (certification no. IS 719023).
• SmartRent is an SSAE 18 SOC II Type II compliant company and we regularly undergo a series of rigorous audits to maintain our compliance status.
• Utilization of strong password and 2FA.
• Utilizing CDN/WAF to ensure availability and continuous testing of our web application and system with a vulnerability management system that tests utilizing, OWASP, CVE and zero-day security feeds.
• Information Security Program (ISP) that evaluates, identifies and remediates risk. Our ISP program also ensures we evaluate our vendors and suppliers to ensure that we are not introducing any risk to our platform as well as keeping our highly-trained professionals up-to-date with the ever-changing cyber risk.
• Compliant with CCPA and will continue to comply with other state privacy laws as well as international privacy laws like GDPR and applicable data service requests.
• Layered security technologies and hardware controls to include;
  • CDN for data throttling to mitigate DOS and DDOS
  • WAF for OWASP security threats
  • IAM and role-based administrative access
  • Utilizing strongest encryption for data being sent across the internet
  • Encryption of data being stored at rest
  • Security information and event monitoring
  • Highly available environment with strong segmentation
  • System policy compliance and malware scanning