Security is a hot topic. Whether it’s in business, politics or on your own personal laptop, everyone has to be more aware and more secure of the real threats that exist out there.
The translation & localization industry is no different.
One could even argue that translation companies, LSPs and the like might become more attractive targets due to the massive number of files/documents/texts they deal with as well as the large number of multinationals, governments and international organisations they serve.
If any hacker or commercial spy wanted to go looking for documents to make some money, a translation agency may not be a bad place to look!
In terms of security, the three main areas LSPs & translation companies need to be aware of are:
- Data protection: the law will differ depending on where in the world you are but some countries or regions have strict data protection laws. For example, the GDPR (General Data Protection Regulation) is an EU-wide law that comes into force in May 2018 which will make it an offense if businesses do not protect EU citizens’ personal information and data. It will have to be stored, transmitted and used under strict rules. For companies that sell translations to private individuals this is going to mean not only being able to cover all the technical infrastructure, but also ensuring your people know how to handle such data properly.
- Cyber Crime: no longer just a problem for governments and security agencies, even SMEs are having to fight off cyber criminals who plant viruses, shut down websites, hack into systems, sometimes even steal data and demanding ransoms, what has become known as “cyberextortion”. Not paying attention to and underinvesting in proper IT security measures and protocols is no longer an option for any professional LSP.
- Industrial Espionage: yes, companies pay people to steal information about their competitors. Stealing plans, designs, proposals, documents and intelligence isn’t just about hacking into servers and copying files. Oh no! It can get seriously undercover as spies can sometimes be planted into companies to steal files or employees are bribed to copy information. Translators are an obvious target as they may not necessarily have the sophisticated security measures of their LSP clients, yet still work or access files from their homes.
Security is therefore a 3-way affair…
- You need to protect your company
- You need to protect your clients
- You need to protect your people
…and the only way you are going to do that is with a holistic approach.
Much of the dialogue within the translation & localization industry when it comes to IT security and dealing with cyber crime is about safe servers and high spec IT-security systems that allow for enclosed working spaces. This is all of course absolutely fundamental, crucial in fact. IT security has to be top of the priority list.
However, the strength of your IT security is not everything. Next this must also sit other means and measures, especially procedures, processes and practices that meet recognised standards and ensure you maintain levels of security. For example, ISO 27001, ISO 9001 and ISO/IEC 17799 can help companies provide security assurances by adhering to their benchmark standards as well as undergoing external audits.
The last piece to the puzzle is to raise awareness in your team about security, cyber crime and corporate espionage. It is vital for them to understand the ramifications of security being breached and the number of different ways in which it can be done. Employees need to be clear how security may impact everything from the suppliers they can work with to what they can access on public Wi-Fi to what they are allowed to save on USBs they take out of the office.
The people in the company are just as important as the firewalls and servers.
It is critical that stakeholders invest in raising levels of awareness within employees about security, not only to guarantee a safe & secure environment, but to also give them the confidence to talk about this with clients and prospects, enhancing the image of the company in an increasingly security-conscious word.
Now, if you were a translation & localization company looking for a training course on data protection & cyber security, where might you find one?