Our multi-layered security processes ensure that your data and funds remain safe.
Pilot follows state-of-the-art security practices to ensure that your funds get safely from you to your team members.
Pilot uses licensed, regulated financial institutions to process payments. Our payment partners are compliant with money transfer regulations in all 50 states. Your funds never touch Pilot’s corporate accounts, remaining yours until your contractors receive them.
Your transactions stay secure with Pilot’s AML (Anti-Money Laundering) and sanctions screening processes. Payments are processed and sent in your name, and not Pilot’s, streamlining the financial KYC (Know Your Customer) verification process.
For added security, all Pilot companies are vetted during the onboarding process to verify their identity, helping to ensure that the employees and contractors that use Pilot are working with verified businesses.
We ensure that your data is protected by following international compliance standards and strict security protocols.
Pilot is compliant with the requirements of GDPR (General Data Protection Regulation) and the CCPA (California Consumer Privacy Act).
Sensitive data is encrypted with AES-256 block-level storage encryption to keep your data secure. All sensitive data is sent over SSL/TLS. We use HSTS and only allow TLS 1.2 and above.
Pilot’s platform data is securely hosted on AWS.
Pilot’s platform is designed to be secure for you and your team members.
Manage access to sensitive data with Pilot’s built-in permission management system. Administrators can manage which team members have the ability to make payments and who can see sensitive data.
Pilot offers two-factor authentication for all users, including administrators, managers, employees, and contractors, to keep your accounts secure.
Training. Every Pilot employee receives up-to-date training on security procedures.
2FA. Staff are required to use two-factor authentication for key systems.
MDM. Pilot uses Mobile Device Management for password enforcement, screen lock settings, and staff offboarding.
Restricted access. Access to sensitive data, including PII (Personally Identifiable Information) is limited to specific staff.