06 Feb/18

Securing Sensitive Data in Translation

Securing Sensitive Data in Translation - EVS Translations
Securing Sensitive Data in Translation – EVS Translations

Sensitive corporate information is being send for translation and converted from one language to another at rates and volumes never seen before. In parallel, the translation industry has never been as decentralised as it is today. And while the concept of decentralisation, especially in the realm of blockchain, has the potential to change how we do business and significantly improve data integrity and security, it is quite the opposite when it comes to decentralised processes in the translation industry.

Imagine a network of freelance translators located at different corners of the world, working under different regulations and capacities when it comes to data security, using the Internet and cloud-based solutions to process your sensitive information, and even pasting strings of it into machine translation solutions, making it visible to everyone. In September 2017, a variety of sensitive information of the Norwegian state-run oil giant Statoil was to be found online by anyone conducting a search, with the massive data breach resulting from the input of data into a leading cloud-based machine translation service where translations sent to the community to improve the accuracy landed up indexed by major search engines.

Now consider the fact that the storing of data in the cloud equates to storing your data on someone else’s computer and that the loss of industrial information and intellectual property through cyber espionage is still defined as the greatest transfer of wealth in history in the US, and that nearly 1/3 of companies in Germany report cases of industrial espionage, with those resulting from online data leaks – bringing in the biggest financial damages.

At times when economic espionage is offered as a service, common security concepts like encryption, TLS, and two-factor authentication are only the basic mere steps against corporate data breaches. A calculator, developed by IBM Security, could help your company examine the cost of a potential data breach: https://databreachcalculator.mybluemix.net/, but it is up to your organisation to not fall into the trap of not having control or understanding of where your sensitive data resides.

Choosing EVS Translations as your preferred single-source solution for all your language requirements, would equal the storing of your data in a bomb-proofed former bank. And that is meant literally, as after its DIN ISO 17100 certification for translation services, EVS Translations now stores all data at an external computer centre with a guaranteed service levels of 24/7/365, full video monitoring and armed security, three-level authentication, a fully-certified ISO 27001 and a CAT III+ (99.982% availability) and availability class 3 in line with EN 50600, and last, but not least, subject to German laws and strict security policies. Entrusting your corporate data to EVS Translations, guarantees that it will be securely encrypted both in transit and at rest.

Furthermore, EVS Translations offers its corporate clients a secure data transfer via own E-mail exchange server, providing individual encryption options for both senders and receivers. Plus, a secure transfer of unlimited amounts of data via TLS and access for customers to the transfer server with a user-friendly interface.

And for clients who prefer to use their own secure e-mail portals or VPNs, the secure log-in of EVS employees is guaranteed by a two-factor authentication of username / password + generated codes that are transmitted via tokens or SMS, and the secure data transfer – by encrypted VPN Servers.

Access to data is restricted to a list of experts, approved by the client, with all log-ins and processes – strictly documented and archived. In the absence of contacted terms, the access is restricted to only the account and project managers responsible for the particular language project.

EVS Translations ensures that all your data remain secure from the initial quote stage right through to the final delivery. All client data is kept access controlled on a secure ERM and PM platforms, that ensure a seamless data storage and disaster recovery. All actual work is done on secure local servers. Access to sensitive information is allowed only to persons who require it and is not possible from outside the network. Each of the international offices across Europe and North America has an in-house IT team to monitor and maintain security measures and assist clients with customized data security solutions.