Security and Confidentiality

Intertranslations’ policy and practice regarding data and document translation security is unrivaled as we are experienced and certified in storing and managing sensitive information while protecting it from unauthorised use.

Security and Confidentiality

Security of Translations

At Intertranslations, we take your data security seriously. Here’s how we protect your sensitive information:

ISO 27001:2022 Certified Security. Intertranslations is certified for information security management, ensuring your data is handled with the highest industry standards.

Advanced Protection Systems

• Secure customer and vendor portals with state-of-the-art encryption
• Protected FTP servers and robust firewalls
• HTTPS secure protocols
• Anti-phishing and intrusion prevention systems
• Data loss prevention (DLP) technology to prevent unauthorized transfers

Ironclad Confidentiality

• Comprehensive confidentiality agreements with all customers
• Strict NDAs with every employee and translator
• Secure data disposal protocols for both digital and physical documents
• Complete accountability tracking for all actions and tasks
• GDPR Compliance

25+ Years of Trusted Service

Our security systems have been thoroughly audited by multinational corporations, making us a trusted partner for organisations requiring the highest level of confidentiality in their translation projects.

Perfect for:

• Organisations needing to meet specific security requirements
• Businesses handling sensitive information
• Companies requiring compliance with security regulations
• Enterprises seeking reliable, security-conscious translation partners

IT Infrastructure and Equipment

The design of our IT infrastructure integrates the latest technologies ensuring 99.95% system availability, enhanced security, advanced manageability, Disaster Recovery and Business Continuity operations.

The IT Infrastructure design consists of:

• Microsoft Azure Cloud Servers and Services infrastructure with uptime SLA 99.95%
• Citrix on Microsoft Azure, allowing internal and external staff 24/7 remote access to our systems
• Company ERP (Entersoft EBS) system on Microsoft Azure
• Microsoft Office 365 email system
• Local infrastructure based on Microsoft Hyper-V clustered virtualisation solutions
• 300 Mbps double fiber optic leased internet lines with SLA 99.95%
• Fully managed and configurable Firewalls in High Availability mode
• 3CX VoIP system for internal and external communications
• Video Conference equipment for internal and external meetings
• Trend Micro full suite solution used for Antivirus / Antispam / Firewall / Email Filtering / DLP / Disk Encryption
• Microsoft Operations Management Suite, Microsoft Log Analytics, and Microsoft Power BI reporting services
• Daily servers, systems, and data backups to Microsoft Azure Cloud, in 2 different regions and data centres located within Europe, as and local repositories
• Disaster Recovery & Business Continuity plans
• Systems error monitoring 24/7
• Helpdesk support available 24/7.

In-house staff work from the company network using Terminal and Citrix technologies on Azure. External staff connect to work remotely in a fully restricted and controlled Citrix on Microsoft Azure Cloud environment, for enhanced security and High Availability 24×7 service. In order to prevent any data leaks, Citrix & Group Policy rules among other restrict access to email providers sites (e.g. Gmail), Cloud Storage sites (e.g. Dropbox), and social media sites (e.g. Facebook), while drag&drop and copy/paste functions from within Citrix desktop to end-user machines is also disabled. All sessions are recorded for quality and support purposes.

The technology used allows our staff to work together in an “in-house” environment, and adoption of this technology improves productivity and the collaboration between external and internal staff. Additional security methods to prevent any data leaks from internal users include use of Trent Micro DLP suite on the local physical machines (to lock USB and media drives), and Trend Micro Full Disk Encryption to safeguard Hard Disk Drives (SSDs) from unauthorized data access in case of steal.

Freelancer vs Intertranslations inlancer®

“In-house linguists” is becoming more and more an outdated concept in the translation business. In order to provide top quality translation services in a globalized market, Intertranslations works with translators who are native in the target language of the requested translation; these people usually live in and work from literally every corner of the earth. The translation of a document from English into Swedish, for instance, will be allocated to a native Swedish speaker, who most probably – even though not necessarily – lives in Sweden.

The need to work with numerous people from all over the world, confidentiality restrictions and data protection considerations have resulted in Intertranslations:

• Following a business model that does not involve in-house linguists;
• Introducing the term inlancer® as opposed to freelancer; an inlancer® is considered in-house staff since they work on the same virtual corporate environment as in-house staff, while they maintain their independence from the company;
• Adopting a unique methodology for recruiting, vetting, training and working with inlancers.

Intertranslations has set up a virtual, controlled IT environment based on Citrix™ technologies to which inlancers® connect via encrypted SSL connections. This allows our IT Department to centrally manage applications and computing resources in a secure data center. The Citrix applications “live” in this data center, not on the endpoints (the computer of an inlancer®), and the IT Department can protect them more efficiently. Therefore, no data is at risk when a device is lost or stolen. The translators access the files for translation and other project-related material via corporate user accounts, provided by the IT department. For this, they use a Citrix software component that allows remote devices to connect to desktop virtualisation services. While on this environment, translators cannot upload from, download, or copy files to their computer, have no internet access or access to any of their own personal email accounts. Citrix ensures that project files do not leave the virtual premises of the company and that no data is lost or stolen. This technology also allows both internal and external staff to work remotely together in a safe in-house environment, facilitating teamwork and ensuring best end-results.

Intertranslations has a large network of more than 3,500 inlancers all over the world who have been recruited, tested and approved through rigorous recruitment procedures. Their performance is also monitored and recorded by evaluating every translation task they are allocated.

Help Desk Support

Helpdesk support is available 24/7 to both internal staff and freelancers.

Back-up Methods and Tools Used

Intertranslations applies the following backup schedule:

• For Servers, Systems, and Data hosted on Microsoft Azure Cloud:
  • Daily full backups to Microsoft Azure Cloud Backup, with data automatically saved in 2 different European Regions-Datacentres for DR/HA,

• For Servers, Systems, and Data hosted on our local premises Hyper-V infrastructure:
  • Daily full backups to Microsoft Azure Cloud Backup, with data automatically saved in 2 different European Regions-Datacentres for DR/HA, and
  • Daily full backups to local repositories using Acronis Backup Software: Storage IBM Storwize V3700 and 2 NAS (Network Attached Storage) disks; every week one of them in rotating order is removed from our premises and stored offsite.

Daily backups start late night to morning hours schedule plans to keep overall network traffic low. Retention policies: 10-days for Daily Backups, 2-weeks for Weekly Backups, 1-month for Monthly Backups.

The IT security tools used in Intertranslations are the following:

• Microsoft OMS
• Microsoft Log Analytics
• Microsoft Azure Web Application Firewall
• 2xStormShield SN510 Firewall Appliances in clustering mode for High Availability
  • (IDS/IPS/Antivirus/Antispam/VPN/Web Filtering/Application Control)
• Trend Micro OfficeScan (Antivirus & Firewall for Desktops & Servers)
• Trend Micro Mobile Security (Antivirus for Mobiles & Tablets)
• Trend Micro Data Leak Prevention
• Trend Micro Full Disk Encryption

Data Loss Prevention Methods

Intertranslations has the following measures in place, in order to prevent data loss,:

• We have adopted and deployed the security suite products from Trend Micro, including Antivirus / Antispam / Antimalware / Firewall / Email Filtering / DLP / Disk Encryption, across all corporate resources, all PC’s, Servers (local / physical and Virtual Machines, both on local Hyper-V virtualized infrastructure and on Microsoft Azure Cloud), and Office 365 mailboxes and resources, to enhance corporate security and control.
• Office 365 suite Advanced Threat Protection -ATP- and Data Classifications prevent accessing or sharing of sensitive data.
• Domain Group Policies based on security user groups permissions enforce user restrictions for data access on internal resources and File Servers. Additional stronger Group Policies restrictions apply for external users-linguists working remotely on our Azure Citrix infrastructure on assigned tasks, to prevent any data leaks (in or out) from within the working environment to the outside world or the user-machine.
• All media (USB, CD/DVD) are locked and inaccessible across company resources; upon request evaluated per case, an audited permission is granted by the Information Security Manager.
• Full Disk Encryption is applied across machines to safeguard machine Hard Disk Drives (SSDs) from unauthorized data access in case of loss/robbery.
• File Servers access monitoring and reporting to audit users and files moves and alert for any suspicious behaviour or policy violations.

Information Management, Data Protection, GDPR

The Information Security Management System (ISMS) in place, which was only recently updated and successfully audited by an accredited organisation, fully complies with the provisions of the EU General Data Protection Regulation (GDPR) regarding the management of personal data. The ISMS, in full compliance with GDPR:

• Includes the pseudonymisation and encryption of personal data
• Ensures ongoing confidentiality, integrity, availability and resilience of processing systems and services
• Incorporates the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
• Includes a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

When new linguists are recruited, and their personal data recorded, Intertranslations informs them that their personal data will only be used for the purpose it was requested for, that it shall not be shared with any third party without their written permission and that it will be securely stored in state-of-the-art IT systems. Linguists are asked to confirm their agreement.

Business Continuity

The company possesses a 24/7 system for error monitoring and disaster recovery process as well as in-house and remote back-up files.

Intertranslations has put in place a detailed Business Continuity and Disaster Recovery Plan. The DRP examines fifteen (15) different disaster scenarios (e.g. server failure, mail server failure, domain controller failure, systems failure, fire/earthquake/loss of building, etc.) and details the required actions, the people responsible and the estimated time-frames when these actions must be concluded.

In case of mail server failure for instance, the company has spare servers in store which can be used, while maintenance work takes place on the failed server. The estimated time to use the spare server is three (3) hours, while the time to get back in business on the normal mail server is one (1) working day.

State-of-the-art IT infrastructure that includes:

• Specialised tools (Azure Web Application Firewall, StormShield Firewall, Trend Micro tools, etc.) and specific backup methods in order to ensure data security and prevent data loss. Our procedures regarding cyber security are certified according to the Cyber Essentials (UK government-backed and industry-supported scheme against cyber-attacks).

Penetration Tests

External & internal penetration tests are performed yearly from dedicated Security Companies to ensure the security and efficiency of our systems and services.