Does Your Language Service Provider Keep Your Data Safe?

By Jake Schild

The translation industry has seen dramatic growth lately, and it’s only expected to get bigger.

GALA predicts the market will be worth more than $40 billion by 2020, and at the rate global business is growing, this shouldn’t come as a surprise.

Companies that work internationally can need language services for a number of different reasons, from product material translation to employee training. And if you’re in procurement, you’re likely pressured to find providers that provide services quickly and cheap.

But, what about security? How can you ensure your Language Service Provider (LSP) will keep your data safe? Source documents sent for translation can often contain confidential information, and it’s imperative to make sure a provider can safely watch after sensitive data before signing on the dotted line.

With that said, let’s look at cyber security traits every LSP worth its salt should have.

ISO Certs Matter – Especially 27001

In the language industry, the transfer of source and target language documents is done almost exclusively online. Usually LSPs will host projects within a Translation Management System (TMS), an online platform that allows vendors to communicate with clients and work on projects.

And, while this is convenient, it can be dangerous, too. For this reason, it’s important to look for an LSP with ISO 27001 certification, a security standard that shows it has established an Information Security Management System (ISMS) to mitigate the risk of data leaks.

ISO 27001 certification makes it more likely a translation company has established a “secure translation environment,” too. This means that access to project documents is password-protected and the transfer of data is only done over a 256-bit, encrypted connection.

In that same vein, make sure your LSP has an established breach response method. We’re all aware of the frightening statistics: The Identify Theft Resource Center reported 1,093 breaches in 2016, a 40 percent increase from 2015. And, what’s even scarier is that the average cost of a data breach hovers around $ 4 million.

Hiring an LSP with a system in place to react to breaches and notify clients is a must.

NDAs and Translator Background Checks

Due to the diverse needs and industry-specific nature of the language industry, many translation companies hire freelance linguists to do their work. This makes for potentially larger pools of workers than in-house employees, and allows companies to find translators who work within their specific industry.

As a prospective translation buyer, it’s important to make sure LSPs run background checks on their employees and have linguists sign non-disclosure agreements upon contract. Make sure your LSP has set clear guidelines for their translators when it comes to the handling of sensitive client information.

Translators and LSP employees should also undergo at least yearly security training as a way to refresh their memory on processes and procedures established by an ISMS.

Back It Up

No matter how robust a certain security system is, there’s always a chance that data will be corrupted. So, make sure your LSP has a backup plan in the event of a data emergency.

TMSs usually host the majority, if not all, of your personal data submitted with language projects. Not only do they store your translation projects, but they also probably house your company information and credentials once you’ve decided to work with them.

Storing data on remote servers in the event of a data breach is a must. And if your LSP doesn’t, you should look the other way.

Machine Translation – Friend or Foe?

Machine Translation (MT) has garnered quite a few different opinions in the language industry. On the one hand, it’s a great way to get the “gist” of a source document; on the other, its ability to decipher nuanced text is still far from its potential.

It’s important to make sure your LSP has an MT system that is safe – that is, it doesn’t store data without your knowledge. Ask whether translation providers use encrypted MT applications and how the data entered into their system is stored.

Since MT serves as a such a handy tool for translating internal documents (emails, internal communications, etc.), security is especially important. And this makes it all the more important to skip workarounds, as tempting as they may seem.

Google Translate, for example, keeps your information once entered into its translate function. From its “terms and services:”

“When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.”

Exposing any information you’re not aware is being stored can be damaging. And in industries like legal or human resources, the consequences can be catastrophic.

Do Your Homework

As is the case with any industry, the bedrock of a strong digital security strategy is knowledge. And knowing whether an LSP takes security seriously could be the difference between a stress-free translation experience and company-ending data leak.

Take time to vet your LSP options and be assertive and forthright in the RFP process. Seeing that the language industry is especially niche, it pays off to do your homework.

Speaking the same language as your global clients is a must in today’s economy, and as the language industry continues to evolve, so will the need for digital safeguards.


About Jake Schild

A former newspaper reporter and native Minnesotan, Jake Schild is United Language Group's content strategist.

More About Jake