Security at Pivot
Security is built into how we design, build, and operate Pivot. We protect the confidentiality, integrity, and availability of customer data with modern controls, independent testing, and clear ownership.
Security is built into how we design, build, and operate Pivot. We protect the confidentiality, integrity, and availability of customer data with modern controls, independent testing, and clear ownership.
All data to and from Pivot is encrypted in transit (TLS 1.2/1.3) and at rest (AES-256). Encryption keys are managed in cloud KMS with strict access controls and audit trails.
Pivot runs on hardened cloud infrastructure (AWS) with Cloudflare at the edge for DDoS protection and performance. Networks are segmented, access is tightly controlled, and environments are continuously monitored.
Pivot is developed in public under a Business Source License (BSL), which invites scrutiny of our codebase and accelerates fixes for security issues across app and dependencies.
For organizations with residency requirements (including EU), Pivot offers Private Cloud deployment with dedicated, region-scoped infrastructure. See /security/data-residency for options and regional coverage.
Centralized secrets management, regular rotation, and least-privilege access reduce the exposure of credentials and sensitive configuration.
SSO (including SAML) is available for enterprise customers and used internally, helping reduce password risk and centralize access control.
Automated dependency scanning, vendor due diligence, and monitored build pipelines help defend against supply-chain attacks and accidental exfiltration.
While we currently do not hold certifications like SOC 2 or HIPAA, we recognize their importance and are actively working towards achieving them. We are dedicated to ongoing efforts to attain key industry certifications, demonstrating our commitment to data privacy and security. Additionally, we ensure our platform aligns with evolving global standards and regulations.
We have a comprehensive incident response plan and real-time system monitoring to quickly address any security concerns. Our team of dedicated engineers is on-call 24/7 to detect, respond to, and mitigate potential security incidents. Additionally, our robust multi-cloud backup and recovery protocols ensure your data remains protected in the event of an incident.
Our security practices are constantly evolving to meet the challenges of operating a global cloud service that supports web, desktop, and mobile applications. We collaborate with industry experts and adopt the latest security best practices to provide a secure and dependable collaboration environment.
Create your own Knowledge Base
Experience the power of synchronized collaboration
Collaborate globally, instantly, together
Bring versatility to your course design
Blend community with content and learning
Unite internal and external teams
Consolidate wikis, projects, and messaging
Try dynamic multi-modal collaboration