Data Security At UlatusEfficient, Reliable Service Every Time
With increased globalization and digitization, the need to share documents across the World Wide Web has become paramount, even if the document contains highly sensitive information. How do you then safeguard your document from web based security threats such as viruses and malware, Trojan horses, worms, spyware, dishonest adware, ransomware, phishing, DDoS attacks, data & identity thefts?
Empowered with ISO 27001:2013, Ulatus’ information security management system adequately manages all security risks and ensures the confidentiality, integrity and availability of information by applying globally recognized risk management processes.
Translation Management System
to Prevent Unauthorized Access & Exchange of Files over Emails
- Majority of translation agencies distribute files for translation by email or FTP. Even if files are sometimes password-protected when emailed or when a secure FTP is used, security is still very low in this scenario.
- After the client hands over files to a translator or a translation agency, the client loses all control over the files and their security.
- There is no control over who has access to the files, where the files are stored and multiple copies of the files get stored on multiple devices with absolutely no client control of the data.
- With Ulatus, customers do not need to send files over emails as emails are always exposed to risks!
- To protect exchanged information from interception, copying, modification, mis-routing and destruction, we provide customers with a highly secured quick access portal for uploading and downloading files for translation.
- Users can also set up 2-factor authentication for additional protection.
- Translators are directed to our secured cloud based Translation Management System, which helps prevent any data from being stored locally on third-party devices.
- Data is protected by providing access only to authorized personnel as data owners can sets access rights, can revoke them at any time, and can prohibit downloads for highly confidential documents.
Data Encryption Measures
to Prevent Unauthorized Reading, Editing or Deletion of Files
- All communication is encrypted by default and is true for the communication between our cloud servers and the user's web browser.
- The connection to our cloud servers is encrypted using latest security standards. The connection uses TLS 1.2 and is encrypted using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism.
- Through strong cryptography based on industry-tested and accepted algorithms, along with key lengths that provide a minimum of 228-bits of effective key strength and proper key-management practices, customer data is encrypted, both in transit and at rest.
- Even when data is stored in a high security data center, encrypting data at rest provides an extra layer of protection. Therefore, even in the case of an unauthorized user accessing our servers, the attacker would not be able to read the data.
- Moreover, data is never transferred to any portable device and all transfer of data over the wire is encrypted using SSL & TLS security.
- Ulatus holds high assurance SSL & TLS certificates – a globally accepted security certificate standard which is the highest measure to prevent threats and plagiarism.
– Highly Secured Data Centers & Firewalls
- Our cloud servers are hosted through high security data centers located right inside two global premises and the entire facility is monitored with 24/7 video surveillance, motion sensor systems and access allowed only through an RFID access card system.
- Only the IT-Head, IT-Infra Head and CEO can access the server room.
- Ulatus has established and implemented ISMS and PCI DSS compliant firewall and router configuration standards that:
˗ Restricts all traffic, inbound and outbound from “untrusted” networks (including wireless) and hosts
˗ Identifies and records all connections, successful or failed between our data centers and other networks (including wireless)
˗ Prohibits direct public access between the Internet and any system component in Ulatus’ data environment.
Always One Step Ahead
Through Ulatus’ Penetration Testing & Vulnerability Management Program
- Hackers and spammers are continuously evolving new ways of entering secured systems and Ulatus puts its security procedures, system designs, and internal controls through a Penetration Testing & Vulnerability Management program for finding weaknesses that could potentially be exploited to violate system security policies.
- Systems are protected against current and evolving malicious software threats through anti-virus software’s that are:
˗ Deployed on all systems (which include servers, desktops, laptops and network devices) and configured to prevent any user from altering, disabling or bypassing antivirus software
˗ Virus scans are done at gateway and workstation level
˗ Are kept current, performs periodic scans and generates audit logs
˗ Virus Logs generated by anti-virus application are monitored continuously.
˗ Any removable media, floppy/ CD / USB drives received from a known / unknown source is first scanned for viruses before using it. It is also applicable in case of copying data from a standalone system that is connected to the Internet or to any network/desktop system.
Redundancy and Backups
To ensure availability, all components are in a 2+redundancy model
- Redundant architecture ensures that data is not just secured but also accessible with 99.8% availability.
- To ensure availability, all components are in a 2+redundancy model and servers are located in two geographically distant data centers.
- Additionally, all data is secured through near real-time incremental backups as well as daily full backups to a geographically remote location.
Security awareness camps are also regularly conducted
- It is important that employees and translators are aware of the potential security threats they can encounter in their daily work routines and the security measures they need to follow to ensure a safe and effective translation ecosystem.
- All Ulatus employees and translators are kept up to date on matters concerning data protection through monthly refresher trainings and quizzes.
- Security awareness camps are also regularly conducted to educate employees and translators on ISMS 27001 policies and procedures such as:
˗ Good Desktop and Password Management practices.
˗ Not to download files from unknown or suspicious sources.
˗ Delete Spam, chain, and other junk email without forwarding to any other user.
˗ Not to open any files or macros attached to an email from an unknown, suspicious or untrustworthy source. Users shall delete these attachments immediately, then "double delete" them by emptying Trash.
˗ Retention and disposal guidelines for all business correspondence, including messages, in accordance with relevant national and local legislation and regulations
Secure Remote Access
through Virtual Private Network (VPN)
- Ulatus offers its clients and freelance translators the flexibility to securely connect to our network through SSL VPN with IPv6 addressing which is available for all the java applets (Telnet, VNC, RDP, and so on).
IPv6 configurations for security policies and addressing include:
˗ Policy matching for IPv6 addresses / Support for DNS resolving in SSL VPN / Support IPv6 for ping / FTP applications / SMB
- SSL VPNs establish connectivity using SSL, which functions at Levels 4 - 5 (Transport and Session layers).
- Information is encapsulated at Levels 6 - 7 (Presentation and Application layers), and SSL VPNs communicate at the highest levels in the OSI model.
- All data is encrypted with SSL and TLS, including cached user credentials, browser history, cookies, temporary files, and user files created during the session.
- VPNs also ensure that the data transmitted between computers cannot be intercepted by unauthorized users. Users can be authenticated with a number of strong forms of authentication including smartcards and various token-based methods, or from any authority that supports RADIUS or LDAP protocols.
- Scenario-based access control policies are deployed to determine which documents or applications can be accessed and administrators can easily control access to web applications, file sharing, email, FTP, and any other applications.
- Action rights control policies are deployed that can control the functionality of applications to ensure files can’t be saved on the translators PC, and that local printers can’t be accessed.
At Your Doorstep
- No matter how strong our security systems are, we understand and respect your security apprehensions for your most valuable asset – your data.
- To help you overcome this challenge we can arrange for our linguists to work from right inside your premises and give you complete control over the entire process.
with access to your information including employees and translators
- All parties with access to your information including employees and translators are bound by our strict non-disclosure agreements.
- Clients may also present us with whatever additional confidentiality agreements they require prior to sharing confidential data and we are ready to abide by the same.
private, confidential and secure Server
- Data that our customers upload to our servers remains their sole property, and it is our utmost priority to keep their data private, confidential and secure.
- Content submitted to our servers, including translations of that content, will remain the customer’s sole property.
- Ulatus will not share personally identifiable information with any third party without the customer’s express consent, or unless compelled by applicable laws.
By establishing a secure governance perimeter such as the ISO/IEC 27001:2013 certification, PCI DSS compliant best practices and through workflow automation, Ulatus maximizes productivity by providing authorized employees and translators secure access to your documents and ensures 100% safety of your data from prying eyes and data thieves.