Information security as a key aspect of client interaction at Janus Worldwide

We live in an era of innovations that are turning the world on its head.

Every company is seeking to enhance and accelerate internal processes, improve profitability, minimize costs, and gain a competitive edge. This can be achieved by implementing and harnessing a wide range of software.

A fundamental condition of using this software is ensuring information security, namely, protecting information and the supporting infrastructure from accidental and moderate threats.

During the first six months of 2022, InfoWatch, an expert analytics center, registered 2,101 leaks of restricted information and over 100 million leaks of personal data records worldwide, almost double (93.2%) the figures for the same period last year. We must realize that anyone can become a victim of a cyberattack.

For example, at the end of January, cyberthieves hit two subsidiaries of Marquard & Bahls—Oiltanking, a German gasoline distributor, and Mabanaft, an oil supplier.

The most common types of attack continue to include credential theft (19%), followed by phishing (16%), cloud misconfiguration (15%), and software vulnerabilities (13%).

In this situation, it would be naive to think that today’s translation industry, which has mostly gone online, is safe from the risks.

Many of our clients send us daily requests to translate documents containing commercial secrets, such as technical documentation, business plans and internal correspondence. This data can be a target for cybertheft, while corporate information may also be an enticement for competitors.

At Janus Worldwide, the management and the entire team understand that the trust of clients and partners is critical to our business and that handling personal data with due care and respect is essential to build loyalty, protect our company’s reputation and achieve our strategic goals.

For this reason, the company has adopted an information security management system based on three core pillars—people, processes and technology—and aligned with the ISO 27001 standard.

Guided by this standard, our company has developed and successfully implemented the following regulations:

• Information Security Manual
• Antivirus Policy
• Corporate E-mail Usage Policy
• Virtual Machine and Remote Work Policy
• Business Continuity Policy
• Personnel Information Security Policy
• Backup and Restore Policy
• Access Rights Management Policy
• Janus Worldwide Physical Security Policy

When we start building relations with clients, we sign a Non-Disclosure Agreement (NDA) at the earliest stage of our partnership to guarantee the security of confidential data and show our readiness to take responsibility for the integrity of the information they entrust to us.

People. The vigilance of Janus Worldwide’s senior management, thorough background checks of potential employees and ongoing staff training help us maintain high levels of protection for confidential information across all business processes.

All employees in our company:

• Maintain the confidentiality of commercial and production information that they have received access to as a result of their employment. This includes publicly unavailable information on commercial partners and clients. The confidentiality obligation remains in effect after their employment is terminated.
• Protect confidential company information from unintended disclosure by never creating, accessing or using our confidential information in public environments where it could be overheard or observed.
• Protect confidential information from theft by using only company-provided tools and software, and by creating and storing passwords in compliance with our policies and standards.
• Follow our policies and standards regarding IT infrastructure and disclosures on social media or via other channels.

Processes. We carry out regular IT audits to ensure the confidentiality, availability and integrity of information, as well as that the information security management system complies with laws, data protection standards and policies on personal data processing and identifying weaknesses in information systems.

• Any disclosure of confidential information inside the company is maintained under strict control to protect the interests of our company, partners, consumers and colleagues in the best possible way.
• With continuous support from IT specialists, our security team records all activities by all users (including unauthorized actions). This is a required procedure for translation project management.
• For security reasons, we use data anonymization and allocation. We split the material, as appropriate, into fragments and pass them to different vendors so that no one has complete or even sufficient information to jeopardize data confidentiality.

Technology. As mentioned earlier, to comply with information security standards, Janus Worldwide has set up an IT department that closely monitors compliance with key information security requirements. But its primary goal is to adequately protect the interests of our company, partners, consumers and colleagues, using best information security practices.

• All information is generated, encrypted, copied and stored in a digital format in our DMS system on backup servers.
• Each of our servers is located in an ISO 27001-certified data center and equipped with its own firewall and antivirus protection.
• Each of our offices uses an encrypted VPN connection and is protected by firewalls.
• All input and output traffic in our network is encrypted and constantly monitored, with immediate action taken if any abnormal behavior is detected.

In conclusion, I would like to emphasize that Janus Worldwide has clients all over the world, and your trust is our main priority. We are working hard to achieve superior security for your confidential data by deploying appropriate technical and organizational controls, and you can be confident in entrusting us with any linguistic project.