Brandon Axtmann

Leading Rentsync to SOC 2 Type I

Achieving SOC 2 compliance is rarely about checking boxes. It’s about building trust through systems, processes, and discipline.

In 2023, I had the opportunity to lead Rentsync’s effort to achieve SOC 2 Type I certification across our platform services. This work represented a significant milestone for the company, and one I’m personally proud to have driven from planning through execution.

Why SOC 2 Mattered

Rentsync supports a wide range of customers who rely on us to handle sensitive operational and customer data. As the platform grew — both in scale and in complexity — it became clear that we needed a formal, externally validated security and controls framework.

SOC 2 provided exactly that:

  • A structured way to define and validate our security posture
  • A common language for trust with customers and partners
  • A foundation we could continue to build on as the organization evolved

My Role

As Manager of IT & Cybersecurity, I led the SOC 2 initiative end-to-end. This included:

  • Defining the scope of systems and services included in the audit
  • Designing and documenting security, access, and operational controls
  • Coordinating closely with engineering, product, and leadership teams
  • Implementing technical and procedural changes required to meet the Trust Services Criteria
  • Acting as the primary point of contact during the audit process

SOC 2 touches nearly every part of an organization — infrastructure, development practices, access management, incident response, vendor risk, and more. A large part of the work was aligning teams around consistent processes without slowing down delivery.

More Than an Audit

One of my core goals was to ensure SOC 2 didn’t become a one-time exercise or a purely compliance-driven effort. Instead, we focused on:

  • Building controls that made day-to-day operations better, not heavier
  • Improving visibility into systems and access
  • Establishing repeatable processes that could scale with the company

By the time the audit took place, most of the work was already part of how we operated — the audit simply validated it.

The Outcome

Rentsync successfully achieved SOC 2 Type I certification, confirming that our controls were properly designed and in place at the time of the audit.

For customers and partners, this provided independent assurance of how we protect data and operate our platform. Internally, it gave us a strong baseline to continue improving security, reliability, and operational maturity.

Rentsync maintains ongoing transparency around security and compliance through its trust center at trust.rentsync.com, and the original announcement can be found on the Rentsync blog.

Looking Back

Leading this effort reinforced something I strongly believe in: good security and good engineering go hand in hand. When done correctly, compliance isn’t a blocker — it’s an accelerator for trust and growth.

I’m grateful to the teams across Rentsync who contributed to this work and helped make it successful. It remains one of the most meaningful projects I’ve led, both technically and organizationally.