It’s no secret that retailers must ensure the security of their digital customer experiences and protect the privacy of its customers.
Serving global customers with multilingual websites is an important piece of this responsibility. Here’s why: Many translation partners that are hired to localize e-commerce sites use legacy workflows and immature technologies that aren’t optimized to efficiently localize highly-complex websites. These shortcomings may lead to security gaps.
To mitigate this risk, retailers must thoroughly vet their translation partners to ensure they have the technical expertise required to offer secure, localized shopping experiences for global customers.
Keep these security best practices in mind as you review the capabilities of your current or potential website translation partner.
Best practices for protecting customer data
The best localization partners prioritize efforts to:
• Identify and mitigate security risks.
• Implement security and privacy best practices.
• Continuously find ways to protect sensitive data.
Partners should use technologies that never store personal information. Customer names, addresses and numbers should be automatically ignored. Some partners leverage special “directive tags” for extra security. When these tags are applied to website code, any content enclosed within them pass through the translation system completely unrecognized.
Superior translation partners also support industry-recommended secure encryption protocols by using your site’s SSL connection for receiving, translating, converting and delivering content.
Compliance is key
Ask your partner how they meet stringent industry requirements. Ask about stringent security controls such as:
• Completion of annual security assessments conducted by independent PCI.
• SSC Qualified Security Assessors, and ongoing compliance with PCI DSS.
• Compliance that supports customers in a variety of industries, such as HIPAA, ISO 27001, FedRAMP, ITIL and others.
• Fluency in GDPR regulations.
• Certification in Privacy Shield Organization frameworks.
Hosting infrastructures
Leading partners usually provide hosting for their website translation solutions, which includes the content of localized websites. Their hosting infrastructures should provide security, scalability and redundancy. It should be hosted in physically secure, geographically diverse data centers, too. Great partners also use real-time network monitoring and system defense.
Hosted solutions should use data centers that are always staffed by security teams, with access restricted to authorized personnel, enforced with multi-factor authentication and controls.
Third parties
Retailers should ask how their translation partners work with third parties to provide or support certain components of its hosting services. Those that emphasize security choose partners that are proficient at managing complex network hosting and application infrastructures.
These partners must also support stringent service level agreements and security controls that satisfy industry standards and third-party validation, such as SSAE 16, PCI DSS, and/or ISO 27001 compliance.
Work environment & programming practices
Aside from secure technologies and robust hosting infrastructures, superior localization partners also have work environment and programming practices that safeguard your critical business data.
Leading approaches follow Center for Internet Security system hardening guidelines, and routinely train employees about attack methods, and how to avoid them.
Ask if the partner integrates security into their training and HR practices. This includes personnel screening and ongoing training on topics such as:
• Physical security
• Workstation security
• Data privacy
• Common attack methods and prevention
• Incident reporting
They should also maintain robust operating environments with complementing layers of controls. Look for partners that:
• Strictly follow industry recommended practices.
• Conduct routine updates and management of access to systems.
• Continually test systems for potential weaknesses.
Security is a top priority
Data security and privacy are top priorities for global shoppers, retailers and the localization partners that power their localization customer experience.
Leverage a translation approach that safeguards sensitive data with industry best practices and compliance mandates, and only use solutions supported by localization experts dedicated to protecting your critical business assets.
Craig Witt is chief revenue officer at MotionPoint.