Security FAQ about Website and UI Translation
LinguaSol is a LanguageTech company and continuously innovates cutting edge technology products for the translation industry. From globalizing websites to localizing applications or translating documents in an effortless, quick and cost-effective way, LinguaSol provides localization and translation solutions for all business needs. With an installed base of more than 150 customers and more than one million satisfied users, LinguaSol is located in Pune.
1. What are the security implications of Linguify implementation?
Linguify has been built for enterprise web applications, and hence security has been given prime consideration. Linguify is deployed either inside your data centre or on server (or VM) provisioned by you. Hence, your security team is always & completely in control of the security implementations.
Moreover, Linguify strictly implements following key protocols:
- LinguaSol team does not require any direct access to Production instance of server where Linguify is deployed. LingaSol team deploys Linguify on Testing or Staging server, and deployment on Production server can be carried out through automated scripts or by your IT team. This way, the Production server is always within sole control of your IT team.
- Linguify does not store any customer data. The only data captured or stored by Linguify run-time is new text (not found in the translation repository) or logging data. Even this captured on Production server and handed over to LinguaSol team by your IT team, and hence your IT team is in complete control.
- Linguify makes page requests only to the designated domain (your main domain or internal IP address) for fetching the web page. Other than this, Linguify does not make any other outbound connection or request.
- All the configuration data & translation repositories required by Linguify for translation are stored on your server only (where Linguify is deployed), and Linguify does not require any API call or fetch translations from any external source or server.
Following are the points related to security for different deployment scenario:
- On-premise deployment (inside data centre): Linguify server gets deployed behind the firewall, and is assigned local IP address. Due to this, any request going in or coming out of Linguify server is fully controlled by the firewall, and Linguify server cannot be accessed from outside. Additionally, Linguify makes page request to main server on local IP address only. Finally, LinguaSol team does not require any direct access to the server where Linguify is deployed. Moreover, this server (where Linguify is deployed) is not required to be assigned any domain name, thereby helping security considerations.
- Deployment on Hosted server (AWS, GCP, Azure or other): Since the Production Server is under full control of your IT team, all security constraints can continues to be as per your policies.
2. Does Linguify have any security certification?
Since Linguify is a middleware which gets deployed on infrastructure provisioned by you, any security audit or certification of Linguify as subject to (and subordinate of) the overall security framework. Linguify has cleared several such audits as a part of security audit of overall system commissioned by our customers carried out by 3rd party security audit companies (e.g. Veracode, Cert-in). LinguaSol personnel assists customer’s executive during such process.
3. Can Linguify be used for secured transaction?
Yes. Linguify has been extensively deployed for translation of applications that require high security e.g. Internet Banking.