Translation Data Security: Is Your Confidential Content Safe?
Due to the fundamental role that data plays in supporting the ongoing digital transformation, entire systems could crumble in the event of security breaches. In fact, most of the CEOs who attended last year’s World Economic Forum insisted that data privacy and cybersecurity are currently more valuable to their organization’s success than ever. That is, without data security, governments and businesses are known to collapse.
The Costly Risk of Data Breaches
- Take Translate.com, for example, a leading automated translation software that recently exposed highly confidential data to unauthorized users and lost public trust/confidence in their product. The company attracted users to their platforms with the promise of free translation services but ended up leaking sensitive corporate and personal user content. From passwords and contract information to outsourcing and employee dismissal data, users were counting millions in losses.
- When IBM conducted a study in 2019 to determine the financial cost of data leakages, they concluded that America alone loses nearly $10 million every year even though the global average per country is no more than $5 million. Surprisingly, these costs have steadily increased over the last half a decade at an average annual rate of 12 percent. So if you think your company can continue to bury its head in the sand as you wait for this problem to simply go away, you are taking a shot in the dark. Fortunately, you’re not alone.
- In 2019, Deloitte interviewed 500 managers to gauge their opinions about the importance of cybersecurity and what they were doing about it. The researchers reported that even though the study respondents acknowledged the contribution of data security to digital transformation, most of them do not prioritize privacy enough. A significant proportion of the executives confessed to allocating no more than 10 percent of their aggregate budgets to cybersecurity endeavors.
Best Practices for Data Security
To avoid security breaches when translating your confidential data, awareness of and investments in action against cybersecurity threats should be the cornerstone of your digital transformation strategy.
1. Monitor and control access to computers
All the measures you take to keep translation data secure would be pointless if you forgot to password-protect your personal and company computers. When you encrypt your hard drives and backup drives, only authorized personnel will be able to access sensitive information, even if the machines are stolen.
Another way to limit access to your computers is through well-known, up-to-date antivirus and firewall protection software. These are some of the typical hackers’ greatest pet peeves because they can detect malicious network activity and lock specific users out of the system.
2. Beware of publicly available machine translation tools
Online automated translation software like Google Translate might be alluring because they help reduce operational costs, but they can also introduce your company to unnecessary risks — as The Nomura Group, a Japan-based bank, recently discovered. The bank trusted Google to keep its company emails secure only to be embarrassed when the documents ended up in the wrong hands. Once their confidential translation data was leaked online, they had no means of deleting it from the Internet. What’s worse, they discovered that Google and its ilk have the authority to harvest such data and use it however they see fit. If they had read Google’s terms and policies before agreeing to the conditions, they wouldn’t have become a laughing stock.
3. Avoid free cloud services and public Wi-Fi networks
Just like online machine translation tools, free cloud services, and public Wi-Fi promise to lower your operational costs but end up introducing you to unnecessary risks. Did you know that hackers can easily intercept your translation data while it’s in transit or stored on shared cloud servers? So the next time you want to share sensitive company information with your translators, don’t use Coffee Lab’s public Wi-Fi. If you must use a shared network to transfer confidential data, you can at least install a reputable VPN to hide your user activity.
4. Can you trust your Language Service Provider?
When choosing a translation provider or LSP, businesses should consider the quality, cost, and reliability of the provider. It is also crucially important to make sure that you can trust the third party who you’ll be sending your confidential company documents to. If you don’t do the right checks on your provider, you could be risking costly data breaches. Before deciding which LSP you’d like to partner with, check the following:
- Security accreditations – When it comes to keeping information assets secure, an ISO 27001 certification is the internationally recognized security standard. An organization that is certified in ISO demonstrates that it has identified risks and put in place preventative measures to protect itself from information security breaches. The most reliable translation vendors have such accreditations that demonstrate professional security measures.
- Encrypted translation technologies – Many translation vendors integrate technologies such as translation management system into their workflow. You need to make sure that your vendor’s software is encrypted so that only you and the vendor have access to your content. Ask about the protocols and data encryption measures to make sure security measures cover both the employees and the physical infrastructure of its systems.
- Security policies – Go through your agency’s security policies to determine if there are any vague legal jargon they are using to avoid accountability in case of data leakages. Also, check if they have the appropriate security measures to protect you and their employees against liability to see if they are your safest bet.
5. Don’t rely on emails to transfer your confidential data
Sometimes sending an email can feel like you’re playing a game of Russian Roulette. And this is not all fun and games — especially when client information is involved — as it can lead to a grave security breach. This has happened to many big corporations like Canva, Adobe, Equifax, LinkedIn, MySpace, My Fitness Pal, Yahoo, and eBay. In fact, only a few big businesses can attest to having flawless communication systems.
Why are Emails Unsecure?
It’s very alarming to realize that emails, which are the most common means of communication for many professionals, are technically not secure. Let us look at a few reasons why that is.
SSL Security: When you send an email, by the time it reaches its destination, it passes through what we is referred to as relays. SMTP SSL prevents the detection of traffic during transmission, but that does not mean the emails are encrypted. The emails are vulnerable to tampering when they go through one of the many relays. To put it into perspective, the encryption occurs between SMTP relays but not between the sender and recipient.
It is rather improbable that emails do reach their destination while under total encryption. This is because it is up to each relay to decide whether or not it will support the encryption. The email will need to be decrypted before delivery if either the sender or recipient has not enabled SSL. A potential solution to this might be encryption by PGP or ‘Pretty Good Privacy.’ Not the most convincing name to guarantee the security of your communications, but no encryption plan is foolproof.
Relays receive copies of your emails: Remember those relays we mentioned earlier? When you write an email, it is not delivered to its destination in a direct fashion. It first goes to a local DSL provider, then to the central server, then to another server that routes emails and again to a few more. Through all those passages, there is no guarantee that every server deleted your email after passing it on.
Tips for Securing Your Communication
- Translation management systems help streamline communication so that you don’t need to rely on emails going back and forth between team members. A TMS acts as a central environment for you and your translators where you can upload, translate, and publish your content securely.
- If you must use emails to transfer your content, there are some measures you can take to ensure that your email reaches its predetermined destination undisturbed. Apart from being careful when entering the address in the address field, you can also add an email footer on every email you send. The following is an excerpt of a common email footer from emaildisclaimer.com:
“This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify the system manager …”
6. Take necessary measures with hard copies
A thought is to be spared for the security of the information contained in hard copies as well. If your workflow involves making hard copies of client information, it would be best advised to purchase a shredder, especially the newer models that can also shred the CDs often used to store data.
In A Nutshell;
Keeping your confidential translation data secure requires a trade-off between low operational costs and impenetrable IT infrastructure and software. The most porous platforms are promising you cheap machine translation and communication tools, but most of them won’t warn you about potential risks. It is, therefore, your job to separate the wheat from the chaff.
From ISPs to translation agencies and email servers, most of the tools and people you work with might become additional sources of risk if you do not vet them and examine their history prior to collaborations. Keep in mind that free service providers are crowded with hackers who are confident that the platform owners are cannot afford to invest in the advancement of cybersecurity due to limited funds.
Don’t put your business at risk of a data security breach; choose Tarjama for enterprise-grade translation services that you can rely on.
Tarjama is internationally recognized for its commitment to security and customer data protection. With our secure portal, industry-specific translators, translation technology, and certifications such as ISO 27001:2013, you can rest knowing you have sole ownership of your company data.