ULG's Language Services Blog

Does Your Language Service Provider Keep Your Data Safe?



The translation industry has seen dramatic growth lately, and it’s only expected to get bigger.

GALA predicts the market will be worth more than $40 billion by 2020, and at the rate global business is growing, this shouldn’t come as a surprise.

Companies that work internationally can need language services for a number of different reasons, from product material translation to employee training. And if you’re in procurement, you’re likely pressured to find providers that provide services quickly and cheap.

But, what about security? How can you ensure your Language Solutions Partner (LSP) will keep your data safe? Source documents sent for translation can often contain confidential information, and it’s imperative to make sure a provider can safely watch after sensitive data before signing on the dotted line.

By adhering to quality control standards and taking the necessary precautions, LSPs allow peace of mind for clients and ensure they have the infrastructure in place to prevent data loss and are prepared for vulnerabilities in the meantime.

With that said, let’s look at cyber security traits every LSP worth its salt should have.

ISO Standards Matter – Especially 27001

In the language industry, the transfer of source and target language documents is done almost exclusively online. Usually LSPs will host projects within a Language Mastery Platform (LMP), an online portal that allows vendors to communicate with clients and work on projects. 

For this reason, it’s important to look for an LSP that is certified as confirming to ISO 27001, a security standard that shows it has established an Information Security Management System (ISMS) to mitigate the risk of data leaks.
 
ISO 27001 certification makes it more likely a translation company has established a “secure translation environment,” too. This means that access to project documents is password-protected and the transfer of data is only done over a 256-bit, encrypted connection.
 

In that same vein, make sure your LSP has an established breach response method. We’re all aware of the frightening statistics: The Identify Theft Resource Center reported 1,093 breaches in 2016, a 40 percent increase from 2015. And, what’s even scarier is that the average cost of a data breach hovers around $ 4 million. 

Hiring an LSP with a system in place to react to breaches and notify clients is a must.

NDAs Background Checks

Due to the diverse needs and industry-specific nature of the language industry, many translation companies hire freelance Language Masters, or qualified linguists to do their work. This makes for potentially larger pools of workers than in-house employees, and allows companies to find Language Masters who work within their specific industry.

As a prospective translation buyer, it’s important to make sure LSPs run background checks on their employees and have Language Masters sign non-disclosure agreements upon contract. Make sure your LSP has set clear guidelines for their employees when it comes to the handling of sensitive client information.

LSP employees should also undergo at least yearly security training as a way to refresh their memory on processes and procedures established by an ISMS.

 

Back It Up

No matter how robust a certain security system is, there’s always a chance that data will be corrupted. So, make sure your LSP has a backup plan in the event of a data emergency.

LMPs usually host the majority, if not all, of your personal data submitted with language projects. Not only do they store your translation projects, but they also probably house your company information and credentials once you’ve decided to work with them.

Storing data on remote servers in the event of a data breach is a must. And if your LSP doesn’t, you should look the other way.

Machine Translation – Smart application

Machine Translation (MT) has garnered quite a few different opinions in the language industry. On the one hand, it’s a great way to get the “gist” of a source document; on the other, its ability to decipher nuanced text is still far from its potential.

It’s important to make sure your LSP has an MT system that is safe – that is, it doesn’t store data without your knowledge. Ask whether translation providers use encrypted MT applications and how the data entered into their system is stored.

Since MT serves as such a handy tool for translating internal documents (emails, internal communications, etc.), security is especially important. And this makes it all the more important to skip workarounds, as tempting as they may seem.

Google Translate, for example, keeps your information once entered into its translate function. From its “terms and services:”

“When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.”

Exposing any information you’re not aware is being stored can be damaging. And in industries like legal or human resources, the consequences can be catastrophic.

Do Your Homework

As is the case with any industry, the bedrock of a strong digital security strategy is knowledge. And knowing whether an LSP takes security seriously could be the difference between a stress-free translation experience and company-ending data leak.

Take time to vet your LSP options and be assertive and forthright in the RFP process. Seeing that the language industry is especially niche, it pays off to do your homework.

Speaking the same language as your global clients is a must in today’s economy, and as the language industry continues to evolve, so will the need for digital safeguards.

This article originally appeared in ITSP Magazine.