Cloud Data Storage and Security
By Joseph Wojowski
I have been getting questions about internet security and cloud solutions, and rightfully so; everything these days seems to be about the cloud. Cloud-based data storage, cloud-based computer backup and restore, cloud-based applications, cloud-based translation memory… These all are words that are floating around the internet, TV, radio, blogs, and discussion boards. The cloud, abstract while the idea may be, has revolutionized the way we store our data—for better or worse.
What is the Cloud and how does it work?
Cloud data storage and computing, simply put and just as a quick overview, refers to online access to data or applications which are stored in a centralized location – a server. Public clouds, like Amazon AWS, allow clients to rent space on a larger server which contains or may contain data from other clients. Private clouds have an entire server dedicated to one client and can be hosted locally or by a third party. Applications such as translation programs can also be hosted on the cloud server for executable application data, as well as for documents and resource data. The biggest appeal to these types of applications is that a lot of them are not limited to a specific operating system. Whether someone is using Windows, OS X or Linux, he or she need only have a browser to access the application.
Breaches in Data Security
In recent years in the United States, we’ve learned (the hard way) how vulnerable our IT systems can be. Solutions that companies trusted with secure information, such as customers’ credit card information, have been found to not be as secure as previously thought. If nothing else, these incidences have shown that in order to hack into a program or database, all someone really needs is malicious intent and time (See Bloomberg Business
from 21 October 2014).
In 2010, the US and Israel were able to hack into Iran’s Natanz Nuclear Facility and disrupt operations, by way of a worm that found its way onto a worker’s USB flash drive, which was then inserted into one of the facility’s computers (See Wired
from 3 November 2014).
Furthermore, August 2014demonstrated that even individuals can be at risk, as celebrities’ personal cloud accounts were hacked and personal, discriminating photos were leaked (See Forbes
from 2 September 2014).
While I am not condoning these acts, I wish to use them to illustrate that threats to data clouds, servers and computers are numerous, and only intent and time are needed to break into any networked computer or server.
Cloud-based data storage
Risk awareness is essential to the use of any form of technology, and this begins with being cognizant of where items are being stored. For example, some programs will go so far as to automatically save documents to a connected cloud-storage server. (I discovered that little nugget when I accidentally saved a list of planned blog articles to my One Drive instead of my local folder and tried to go back and find it.) It goes without saying, therefore, that sensitive documents do not belong on a cloud server, nor do files and resources related to those documents – like project backups, translation memories, and glossaries. While it may be very convenient to be able to work with a document or resource at home, leave for the office empty-handed and work with that same document at the office, there is still a risk (if only very minimal) of that cloud server being hacked, resulting in the unintentional disclosure of the information contained.
So what about cloud-based TM Solutions?
I would first like to establish and make clear that cloud-based translation environments are great tools in a Language Service Provider’s toolbox. The ability for project managers, translators, editors, proofreaders, terminologists, et cetera, to collaborate and work on a project is an incredible advancement and does great things from a project management standpoint.
Internet security-wise, while cloud-based TM tools may not be the specific target of hackers, the potential is still there and, again, it would only take intent and time for someone to hack into TM cloud servers.
So, while cloud-based TM applications are highly beneficial for their collaborative capabilities in an industry dictated by tight deadlines and high expectations on quality, as a technology-oriented person and as someone who understands the risks involved with the use of networked devices, I cannot say that cloud-based TM solutions have replaced local applications in my project manager or translator toolbox… yet.
Retail transaction records and governments are common targets because they deal with information that people know is valuable. While information we as translators deal with is just as important, it’s not as well known that we deal with this type of data as well. As a member of the industry I’m addressing, I would rather we be aware of the risks involved and actively exploit every measure possible to secure the data we work with, than be subject to an information breach and wish we had done more, sooner.
And when you're looking into Cloud solutions, do not simply accept the sales pitch on how seriously a company takes information security. Ask for details: how exactly are they actively preventing an incident? The more a company touts having the most secure anything, the shinier it appears to those with malicious intent, which makes them want to hack into it that much more.
Joseph Wojowski is Director of Operations at Foreign Credits, Inc. in Des Plaines, IL, Chief Technology Officer at Morningstar Global Translations, and A Certified MemoQ Trainer. This article was originally posted on Wojowski's blog on January 29, 2015.