Security

1. Security Overview

Every immigration firm on VisaPilot CRM operates in a completely isolated multi-tenant environment. Row-level data isolation, enforced by a global scope on all queries, ensures one firm can never access another firm's data — even from the same database.

Our platform processes sensitive immigration data including passports, financial records, and personal identification. We apply enterprise-grade security controls throughout.

2. Encryption

In Transit

• All connections to VisaPilot CRM are encrypted with TLS 1.2+
• HTTPS is enforced — HTTP requests are automatically redirected
• HSTS headers prevent downgrade attacks

At Rest

• Database and file storage encrypted with AES-256
• Passwords hashed with bcrypt (never stored in plain text)
• Payment data is tokenized by Stripe — we never store raw card numbers

3. Access Controls

VisaPilot CRM enforces strict role-based access control (RBAC) with four distinct roles:

Role	Access Level	Data Scope
Admin	Full firm access	All branches, all applications, full team management
Sale Agent	Branch-scoped access	Only their assigned branch's applications and clients
Client	Portal access only	Only their own visa applications and documents
Platform Owner (Superadmin)	Platform management	Firm accounts only — cannot access application data

4. Two-Factor Authentication (2FA)

VisaPilot CRM supports two methods of two-factor authentication:

• Email OTP — A one-time code sent to your registered email address on login
• Google Authenticator / TOTP — Time-based one-time passwords via authenticator app (Growth and Agency plans)

Admins can enforce 2FA as mandatory for all team members from the Security settings panel.

5. IP Restriction

Growth and Agency plan subscribers can restrict platform access to specific IP addresses or CIDR ranges. This prevents login from unauthorized networks.

• IP restriction can be applied per role (e.g., Sales Agents only)
• Firm Admins are never subject to IP restrictions — they always retain access
• Supports IPv4, IPv6, and CIDR notation
• Proxy/forwarded IP headers are respected (X-Forwarded-For)

This feature is particularly useful for firms with office-only policies or those in compliance-regulated environments.

6. Infrastructure Security

• Hosted on enterprise-grade cloud infrastructure (AWS-compatible)
• Firewalled environments with restricted ingress/egress rules
• No direct database access from the public internet
• Regular OS and dependency security patches
• 99.9% uptime SLA with automated failover
• CSRF protection on all form submissions
• SQL injection prevention via parameterized queries (Laravel Eloquent ORM)
• XSS prevention via automatic output escaping in all Blade templates
• Rate limiting on login, OTP, and API endpoints
• Strict Content Security Policy (CSP) headers

7. Backups & Recovery

• Automated daily database backups with 30-day retention
• Encrypted backup storage, geographically separated from primary data
• Point-in-time recovery capability
• File storage backups for uploaded documents
• Recovery Point Objective (RPO): 24 hours
• Recovery Time Objective (RTO): 4 hours

8. Security Audits & Monitoring

• Periodic internal security reviews and penetration testing
• Dependency vulnerability scanning (Composer audit, npm audit)
• Real-time anomaly detection for unusual login patterns
• Audit logging: all admin actions are logged with timestamp, user, and IP
• Failed login attempt monitoring with account lockout after repeated failures

9. Reporting a Vulnerability

We take security reports seriously. If you discover a security vulnerability in VisaPilot CRM, please report it responsibly:

• Email: security@getvisapilot.com
• Subject: [SECURITY] Brief description
• Include: Steps to reproduce, affected component, potential impact

We appreciate responsible disclosure and will acknowledge your contribution publicly (with your permission).