SECURITY & DATA PROTECTION
Security tools you can trust
Rippling combines enterprise- grade security features with regular audits to ensure you’re always protected.
Compliance
Rippling meets industry-standard compliance—SOC, CSA, and ISO.
Infrastructure
Industry best practices inform all of Rippling’s services.
Personnel
Every Rippling employee is vetted and trained on strict security policies.
App & development
Rippling products are built with security and quality top-of-mind.
COMPLIANCE
We comply with global data protection and security frameworks
Rippling complies with all applicable privacy and data protection laws, including GDPR and CCPA. Learn more about our approach to privacy here.
SOC 1 Type ll
Rippling’s SOC 1 Type 2 report covers 11 different control areas from information security and operations to changement management and payroll processing, and is audited annually.
SOC 2 Type ll
Rippling's SOC 2 Type 2 report covers the trust services categories of Security, Confidentiality, and Availability, and is audited annually.
SOC 3
Rippling's SOC 3 report is a publicly available version of our SOC 2 that covers the same trust services criteria. Download our SOC 3 here.
CSA STAR Level 2
We ensure policies, processes, and controls comply with CCPA requirements, and have even built CCPA employee notices directly into our software.
ISO 27001 Certified
Rippling's ISO 27001 certification demonstrates our commitment to operating a mature security program.
ISO 27018 Certified
Rippling's ISO 27018 certification demonstrates our commitment to protecting personal information of our customers.
ISO 42001 Certified
Rippling’s ISO 42001 certification demonstrates our commitment to secured and governed AI management.
DATA & INFRASTRUCTURE SECURITY
We're built to secure your most sensitive data
Secure infrastructure provider
Data redundancy and resiliency
Formal security policies and incident response plan
Strict onboarding and offboarding process
PERSONNEL SECURITY
We hold our employees to the highest standards
Formal security policies and incident response plan
Strict onboarding and offboarding process
Continuous security training
Office security
APP & DEVELOPMENT
Our developers keep security top of mind
Penetration testing and bug bounties
Application monitoring and protection
Development and change management process
Third-party vendor security review process
“As the CISO of Rippling, I am dedicated to our mission of freeing smart people to work on hard problems. The foundation of this mission is our unwavering commitment to security. By choosing Rippling, you are choosing a platform that prioritizes the protection of your data, enabling you to focus on what is most important for your business.”
Duncan Godfrey, CISO AT RIPPLING
Resources
Dig deeper into our security posture
Trusted by 16,000+ companies
