Best practices for securing enterprise machine translation

SUPPORTED BY LANGUAGE WEAVER

Best practices for securing enterprise machine translation
How Language Weaver enables global organizations to secure their AI advantage

By Bart Maczynski and Arnaud Simon

Organizations today find themselves dealing with an ever-growing volume, velocity, and variety of multilingual content and data. Digital transformation, including the recent rapid advancements in artificial intelligence (AI), has expanded the use cases for approaching multilingual content, often leaving enterprises and government organizations without the professional expertise required to navigate the international implications.

At the same time, more than ever before, the ability to accurately and quickly translate content at scale, generated both inside and outside the organization, is crucial to enable communication, collaboration, and market access across geographies and cultures.

AI-powered machine translation (MT) is a potent tool enabling organizations to transcend language barriers and address their expanding multilingual needs. However, this also raises significant security concerns. MT systems process vast amounts of textual data, from internal communications to confidential client information. Any breach could lead to a significant loss of trust and/or intellectual property, which could have long-term impacts on the organization’s reputation and business potential.

Enterprises are also required to navigate a complex web of regulatory requirements, with non-compliance leading to severe consequences, including potential financial penalties or loss of certifications. It is therefore crucial for organizations to ensure that any AI or MT system they employ adheres to the highest standards of data security and privacy.

Given the complexity of the current landscape of MT solutions, which ranges from free publicly available services to proprietary tools, sometimes with multiple deployment options (on-premises, cloud and hybrid), the choices may seem daunting and overwhelming.

It is against this complex and evolving backdrop that we aim to provide a comprehensive understanding of the main security aspects that a viable enterprise AI platform must exhibit. To help organizations assess and make informed decisions about MT solutions, we will explore the best-practice approach, architecture, features, and capabilities that have been deployed to secure Language Weaver.

The unique security imperatives of machine translation

In the dynamic landscape of enterprise security, MT introduces a distinct set of challenges. Located at the crossroads of technology and linguistics, MT processes an extensive range of potentially sensitive textual data across multiple languages. This data ranges from internal communications and financial documents to customer-specific details and proprietary research. Naturally, keeping such content secure and protected is a top priority for any organization that utilizes MT.

Given the sheer volume and variety of the data that can be handled by MT, the risk of data leakage is significant and serious. Moreover, the complex linguistic algorithms powering MT necessitate advanced software resources and complex computing architectures, potentially drawing the attention of cybercriminals. This raises important security concerns as any breach in the MT system can potentially result in regulatory penalties, erosion of trust, and long-term damage to business performance.

Selecting a security-centric machine translation solution

As organizations navigate these risks, a standard off-the-shelf public cloud MT system and its underlying security options may not suffice. The nature of enterprise MT use cases calls for a robust, comprehensive and tailored security approach — an MT system that not only provides flexible translation capabilities but also incorporates security as a core fundamental principle of its design and function at all levels.

Such an MT solution should embody a secure-by-design approach, where security parameters are woven into every facet of its build and operation, rather than being an added feature or an afterthought. This approach ensures that security is deeply and natively embedded within the system’s architecture, offering a secure foundation for all other functionalities.

In the following sections, we will explore the critical security features deployed by Language Weaver, illustrating the role of each in ensuring a secure and dependable system. We will highlight the security measures and capabilities to ensure that your chosen MT solution not only meets its functional requirements but also aligns with your security policies to safeguard valuable data assets and retain stakeholder trust.

Language Weaver: secure by design

Reliable cloud infrastructure

The cloud-based architecture of Language Weaver has been designed to embody strength and reliability, reflecting a robust foundation of industry-leading infrastructure principles. The system is hosted on Amazon Web Services (AWS), a platform renowned for its security, scalability and flexibility.

The adoption of AWS allows Language Weaver not only to inherit the platform’s inherent resilience, but also its exhaustive measures across physical, infrastructure, and service-level security — all meticulously designed to safeguard data, protect against potential threats, and secure application interface functionality.

By capitalizing on the strengths of AWS, Language Weaver is able to provide a secure, dependable, and powerful solution that meets the highest industry standards and expectations.

Cloud data residency

Language Weaver maintains two fully separated and segregated instances of its cloud infrastructure: one in Europe and one in the US. This allows clients to choose where their data will reside, safe in the knowledge that there is no data transfer between the two instances. This is particularly important for organizational data that must remain within designated geographical boundaries — for example, within the European Union — to meet certain regulatory requirements.

Self-hosted: on-premises/private cloud solution, Language Weaver Edge

Language Weaver Edge brings a differentiated value proposition as an on-premises or private cloud solution, offering considerable adaptability to cater to various enterprise security requirements. Its deployment is versatile; it can be installed on physical hardware, run on virtual machines, or encapsulated within containers, thus delivering excellent flexibility.

An essential feature of Language Weaver Edge its completely isolated environment if necessary. It can operate when entirely disconnected from the external world, adding an extra layer to its security capabilities.

This deployment model bolsters the security position significantly. It ensures that sensitive data remains within the boundaries of the organization’s secure IT infrastructure. This data containment strategy reinforces control over

Hybrid deployment model

The capabilities of Language Weaver Cloud and Language Weaver Edge can be combined to create a secure hybrid deployment model, providing additional flexibility to clients without compromising their on-premises security provisions. Thus, Language Weaver Edge application can be deployed on-premises, securely connected to the Language Weaver translation engines in the cloud to allow, for example, access to additional languages available there. They exchange data via an encrypted link, but the original source content and documents never leave the secure IT infrastructure provided by Edge.

With today’s rapidly evolving AI landscape, global organizations require an innovative security approach that addresses the new challenges and opportunities, which this hybrid model delivers.

Secure communication

Language Weaver uses HTTPS with TLS 1.2 to ensure secure communication between client and platform. This encrypted communication protocol prevents unauthorized access and interception of data during transmission, safeguarding the confidentiality and integrity of processed content. The platform also employs AES-256 encryption and key management best practices to protect sensitive data at rest.

Secure API integration

The API interfaces of Language Weaver solutions use secure HTTPS connections and support best-of-breed authentication mechanisms to ensure that data is protected while being transferred between systems.

Data handling and retention

Language Weaver is designed to minimize data retention and ensure that customer content is not stored beyond the time strictly required to perform the translation and return the results. Uploaded files and directly entered text are treated with the same level of sensitivity, and no customer content is used for any purpose other than the requested translation. This approach ensures that customer data is not exposed to unnecessary risks and adheres to strict data minimization principles.

Access control and authentication

Access to Language Weaver solutions is restricted to authorized users with valid service accounts. The platform verifies user permissions before allowing access, ensuring only authorized personnel can log in. Only essential sign-on information is collected.

Working together, Language Weaver Cloud and Language Weaver Edge allow for single sign-on and centralized access control, enhancing security and user management.

User roles and permissions

Language Weaver solutions implement role-based access control (RBAC) to manage user permissions and restrict access to sensitive data and functionality. The platform supports the primary user roles of admin, linguist, and translator. Additional roles are available in Language Weaver Edge for comprehensive access to reporting information..

Optional feedback mechanism

Language Weaver solutions offer an optional, real-time feedback mechanism for end users to contribute to the improvement of the MT models. Users can submit feedback on translation quality and suggest translation improvements for enhanced performance of the platform. By default, collection of feedback data is explicitly triggered by the user. Administrators can automate feedback approval based on the data handling guidelines of their organization. Collected data is used only to improve the specific translation models of the client. It is never reused for any other purposes.

Ongoing security assessments and monitoring

Language Weaver solutions undergo regular and rigorous security assessments and monitoring to identify and address potential vulnerabilities:

Internal security and vulnerability assessments are performed before every release.
Static code analysis is conducted using best-of-breed applications, and manual code reviews are enforced alongside automated tests (unit and regression tests) for all code committed to the repository.
External penetration tests are performed at least annually by third-party qualified auditors.

This continual monitoring and assessment process ensures that the platform remains secure and up-to-date with the latest security best practices and policies.

Auditing and logging

Auditing and logging are vital components of a secure platform to ensure continuous assessment of the security, integrity, and system resources.

For Language Weaver Cloud, full audit and logging is enabled and stored for one year.

Language Weaver Edge, which is designed for self-hosting, provides all the capabilities for enterprises to enable auditing and logging. The solution supports log forwarding, full audit for REST API and http calls, and also exposes Prometheus metrics for a native integration with popular monitoring tools.

The power of adaptability

A key differentiator of Language Weaver Cloud and Language Weaver Edge is their adaptability.

Understanding that every enterprise and organization has unique needs, these platforms offer adaptive models that can be trained by clients themselves to cater to their specific requirements. Notably, this allows clients to create models attuned to their needs, without having to share any data with Language Weaver or any other third-party organization, further enhancing the security and privacy of their sensitive information. The result is an MT system that is not only robust and secure, but also uniquely private to the client organization.

Preparing for an AI-augmented future

As we anticipate the addition of large language models (LLMs) and other AI advancements to augment neural MT capabilities, the need to define and align with enterprise standards becomes even more critical. These upcoming developments will likely introduce further complexity, underlining the importance of such technology aspects as security, adaptability, ease of integration, scalability, and reliability. In this rapidly evolving landscape, Language Weaver’s secure-by-design principles and application put us in an excellent position to meet these enterprise-grade requirements.

Why Language Weaver?

Language Weaver solutions employ a secure-by-design approach and enterprise alignment focus, ensuring that they are prepared not only to meet the needs of enterprises today but for the future challenges that AI advancements will bring.

These principles, combined with their robust features and proven performance, have made Language Weaver and Language Weaver Edge the preferred enterprise solutions across a wide range of sectors. Financial institutions, law firms, life-science companies, high-tech businesses, law enforcement agencies, allied military forces and the intelligence community all rely on Language Weaver for their machine translation needs. Their choice is a testament to the security, scalability and adaptability that these solutions are designed to deliver.

With a proven track record of serving many of the top brands and government organizations across the world, Language Weaver continues to prioritize security and other enterprise-grade requirements in order to deliver best-in-class machine translation.

Bart Mączyński is VP of Machine Learning at Language Weaver. Since 2000, when he joined Trados, Bart has held consulting roles helping enterprise and government customers with translation management platforms, terminology systems, and machine translation. His current focus is the practical application of linguistic AI in emerging use cases.

Arnaud Simon is VP of Technical Product Management at Language Weaver. Responsible for developing linguistic AI and machine translation technologies to solve multilingual challenges faced by global organizations and their users, Arnaud drives product innovation and advancement at Language Weaver.

Back to Issue

Culture, Tech

Language Technology in the Year 2022

By Arthur Wetzel

The Nimdzi Language Technology Atlas 2022 comprehensively assesses the language-technology landscape, as it does every year. It is a comprehensive, free resource — which you…

→ Continue Reading

Analysis

The State of Hiring and Retaining Talent

By Annette Hemera Claire Brovender Liliedahl, Marcia Sweezey

Everybody already knows that language services providers (LSPs) are growing rapidly, and like many industries today, there are more job openings in the localization industry…

→ Continue Reading

Translation

Education after Singularity

By MultiLingualStaff

When we reach the singularity in machine translation, there’s a good chance it will change the way we teach our future language professionals — MultiLingual…

→ Continue Reading

WEEKLY DIGEST

Subscribe to stay updated between magazine issues.

MultiLingual Media LLC