Security at Rentals United
Rentals United software is trusted by thousands of companies around the world including top world’s OTAs, Property Management Software, Property Managers and other innovative tech partners.
Our application is designed to support large, security-sensitive enterprise organizations. We continually protect our customers and partners through efforts like SOC 2 Type II compliance (in progress)
People often represent the weakest link
Our staff’s commitment to security
All Rentals United employees/contractors/partners are under Non Disclosure Agreements ensuring your privacy.
All Rentals United employees periodically undergo security awareness training.
We partner with Vanta for employee on-boarding and device security.
At Rentals United, we continuously invest in security best practices to ensure that our customers’ and partners’ data is safe. We are currently partnering with Vanta which helps us become and remain SOC 2 compliant.
Rentals United physical infrastructure is hosted and managed within Amazon’s secure data centers and utilizes the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.
Amazon’s data center operations have been accredited under:
SOC 1, SOC 2 and SOC 3 / SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
PCI DSS Level 1
AWS also continually works to comply with any new or changing regulations, such as:
View the full list of Amazon AWS certifications here.
The Rentals United application runs within an isolated environment in AWS (eu-west, eu-central), a cloud platform that manages infrastructure configuration, scaling and security.
All Rentals United’s applications run in the Virtual Private Cloud environment that isolates processes, memory, data transfer and utilises host-based firewalls.
Rentals United encrypts all data in transit using TLS 1.2.
Penetration and Vulnerability Testing
Rentals United processes are designed to proactively remediate security risks. Rentals United is notified of vulnerabilities through internal and external assessments, system patch monitoring, and third party mailing lists and services. Each vulnerability is reviewed to determine if it is applicable to Rentals United’s environment, ranked based on risk, and assigned to the appropriate team for resolution.
Bug Bounty – the crowd security testing
Rentals United uses Open Bug Bounty which is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible and ISO 29147 compatible vulnerability disclosure.
Rentals United is committed to adhere to Europe’s General Data Protection Regulation (GDPR). We’ve implemented technical and organisational security measures that better protect our customers’ personal data. We’re committed to assisting our customers with satisfying their GDPR data security and privacy requirements.
Rentals United’s infrastructure provider is PCI Level 4 compliant.
Best in class service
Rentals United is committed to providing reliable service and quick support responses to issues. Our application has 99.9% uptime; the current status of our application performance and any past incidents can be seen on our status page.
Rentals United provide security features free of charge including
Single Sign-On (Google, LinkedIn)
Enhanced Password Security
Multi Factor Authentication
Responsible Disclosure Policy
Data security is a top priority for Rentals United, and Rentals United believes that working with skilled security researchers can identify weaknesses in any technology. If you believe you’ve found a security vulnerability in Rentals United service, please notify us; we will work with you to resolve the issue promptly.
If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at firstname.lastname@example.org. We will acknowledge your email within one week.
Please provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within ten business days of disclosure.
Make a good faith effort to avoid violating privacy, destroying data, or interrupting or degrading the Rentals United service. Please only interact with accounts you own or for which you have explicit permission from the account holder.
Rentals United is providing this service to help ensure a safe and secure environment for all of its users. As such, any users believed to be engaging in the below activities will have their user credentials immediately deactivated.
While researching, we’d like you to refrain from:
Social engineering or phishing of Rentals United employees or contractors
Any attacks against Rentals United’s physical property or data centers
This policy applies to the Rentals United Applications hosted at rentalsunited.com and to any other subdomains or services associated with the Rentals United system.
Thank you for helping to keep Rentals United and our users safe!
Rentals United is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us at email@example.com.