TBSJ’s IT department – Information & Language Technology Services (ILTS) – develops and maintains at dedicated platform for managing our translation projects as efficiently and securely as possible.

TBSJ builds custom machine-translation engines for specific needs. For security and quality reasons, we do not use generic online machine-translation services (free or paid) to translate client documents.

Clients can use our project management system to securely upload/download files of any size without the need for email or third-party file sharing services.

Our platform is developed in accordance with Microsoft C# coding conventions. Defensive coding and regular security audits defend against SQL-injection, cross-site-scripting, and other such attacks.

All servers are located in the AWS Japan region. Inbound/outbound communication is limited in accordance with security group settings. Our project management platform resides in a sub-net within AWS virtual private cloud to prevent malicious access.

Security tools such as AWS CloudTrail, CloudWatch, and GuardDuty identify potential threats and suspicious activity and perform other security monitoring.

Anti-virus is installed on servers and individual PCs. Virus definitions are updated as soon as each device/instance is powered up after vendor release, usually within one day. We carry out central monitoring of any threats on individual staff PCs.

Data in-transit is protected with TLS v1.2 encryption. Data at rest is protected with 256-bit AES encryption. AWS server-side encryption is employed by default; client-side encryption is used for sensitive files.

Within the platform, document data is logically separated on a client-specific basis. Access permissions are managed at the individual document level. Large-volume assets only accessible by administrators.

Data-access logs are retained and monitored. Data is regularly backed up to highly durable storage in order to ensure system resilience.

Organization Validation (OV) SSL certificates provide additional online trust by authenticating our business identity and legitimacy.

GeoTrust SiteLock Security verifies that our website is free from malware, viruses, hackers, and spam.

We only work with practitioners (i.e., individual translators, editors, DTP specialists, and advisers, etc.) of the highest caliber. Before they are permitted to work on or with any client documents, all are required to sign a Non-Disclosure Agreement (NDA) that is no less stringent than TBSJ’s NDA with the client in question. In addition, all practitioners must undergo a security review before they can work with TBSJ, and our support team provides assistance in addressing any areas of weakness. Some of the areas reviewed are as follows:

• Use of anti-virus and anti-malware software
• Use of MFA
• Password security
• Physical security
• Connectivity

Practitioners are required to delete work files on completion of their assignment and notify TBSJ of deletion on a monthly basis.

Project managers must also comply with all requirements for practitioners and work on TBSJ-managed PCs. A list of authorized software for staff PCs is maintained by support staff, and authorized software can be installed only by administrators. PC hard disks are encrypted with BitLocker; decommissioned devices are physically destroyed.

Staff passwords must be created in accordance with company-wide rules and maintained in a central password management system. Each user has a unique ID and password for our project management system, and MFA is enforced.

All staff undergo regular security awareness training and are subjected to simulated phishing attacks to identify and address weak points. Incoming email is filtered through a company-wide blacklist and additionally analyzed for potential phishing threats.