| Pages in topic: [1 2] > | Agency has new list of security requirements Thread poster: Natalie Soper
|
|---|
Natalie Soper 
United Kingdom
Local time: 20:32
French to English
+ ...
Hey all, I've been working with an agency for a number of years, but they've just sent out an updated service agreement for their freelancers to sign. This included a new document of security requirements, where they said they might ask to see evidence that the rules are being followed. Aside from the usual requests for password protection, anti-virus software etc, These requirements also included:
- Keeping an inventory of my IT assets
- Having a clear desk & screen policy... See more Hey all, I've been working with an agency for a number of years, but they've just sent out an updated service agreement for their freelancers to sign. This included a new document of security requirements, where they said they might ask to see evidence that the rules are being followed. Aside from the usual requests for password protection, anti-virus software etc, These requirements also included:
- Keeping an inventory of my IT assets
- Having a clear desk & screen policy
- Encrypting my computer disks and emails
- Having physical controls in place to restrict access (e.g. physical locks, security cameras, alarms)
Regardless of whether already I do some of these or not, isn't it a little excessive for an agency to ask this of me? I only use the one laptop, I work from home. It seems quite hard to enforce or provide evidence for some of these. Plus, I'm not their employee.
I'd like to hear your thoughts because I'm not sure what to make of it. ▲ Collapse
| | | | Dan Lucas
United Kingdom
Local time: 20:32
Member (2014)
Japanese to English
| No such thing as a free lunch | Nov 28, 2022 |
Natalie Soper wrote:
I'd like to hear your thoughts because I'm not sure what to make of it.
The key issue for me is whether some of these conditions may infringe the confidentiality of other clients.
For example, one end client wanting translation of confidential documents demanded (via the agency) that I put software on my PC to list and send a report on the files it found there. That would have given the end client access to at least the names of other agencies and end clients, and possibly more, which to me was an unacceptable and non-negotiable breach of the confidentiality of my other clients. I told the agency I would no longer work with the end client demanding the installation of the software.
However, provided that the confidentiality of other clients is not at risk, it really is up to you. No, you're not an employee but it is quite usual for clients to require certain standards from their contractors. On the other hand, every such requirement comes with a cost in time and effort, which means money.
Do they already pay a very good rate? Are they prepared to recompense you for the additional burden being imposed?
If not, then they are probably chancers trying to coerce more resources out of their freelance partners without paying them. Or to put it more charitably, pass the burden of costs onto you without offering to help.
Regards,
Dan
| | | |
"They might ask to see evidence that the rules are being followed": I wonder how on earth will they be able to do that?
| | | | finnword1
United States
Local time: 15:32
English to Finnish
+ ...
| Probably written by a lawyer | Nov 28, 2022 |
. . . who is running out of things to do.
| | |
|
|
|
Natalie Soper
United Kingdom
Local time: 20:32
French to English
+ ...
TOPIC STARTER | Thanks for your thoughts! | Nov 28, 2022 |
Dan Lucas wrote:
Do they already pay a very good rate? Are they prepared to recompense you for the additional burden being imposed?
They used to contact me monthly for a particular client, but they've been quieter this year (especially since I raised my rates). The projects themselves weren't very big. So all in all, I don't think it'll be a huge loss if I didn't work with them any more.
They also wanted me to delete all files relating to each project a month after I'd handed it in - which I didn't mind, but I asked if this also included Trados segments and they said no. So, it does make me wonder if these policies of theirs are more style over substance...
| | | | Natalie Soper
United Kingdom
Local time: 20:32
French to English
+ ...
TOPIC STARTER
Maria Teresa Borges de Almeida wrote:
"They might ask to see evidence that the rules are being followed": I wonder how on earth will they be able to do that?
Well, quite! I assume they won't be making home visits!
| | | | Tom in London
United Kingdom
Local time: 20:32
Member (2008)
Italian to English
It sounds as if they may have hired a new lawyer or something. Someone who is trying to impress by introducing new "security requirements" for all their translators.
Which is probably going to mean they will *lose* all their translators. Very quickly!
| | | | Dan Lucas
United Kingdom
Local time: 20:32
Member (2014)
Japanese to English
| Don't be so sure | Nov 28, 2022 |
Natalie Soper wrote:
Well, quite! I assume they won't be making home visits!
One SLA that I was asked to sign explicitly allowed for my place of work to be visited and audited. I think it would have been vanishingly unlikely, given my location, but when I worked for an auditing firm we did basically select a sample of items to audit at random and go check them out...
Dan
| | |
|
|
|
Some (big) agencies seem driven by bureaucracy, form-filling, red tape and mind-boggling requirements when life could be so simple…
| | | | Natalie Soper
United Kingdom
Local time: 20:32
French to English
+ ...
TOPIC STARTER
Tom in London wrote:
It sounds as if they may have hired a new lawyer or something. Someone who is trying to impress by introducing new "security requirements" for all their translators.
That's exactly it, they said the documents have undergone a "legal review". Sounds like someone is getting their money's worth...!
| | | | | Bad overall rating | Nov 28, 2022 |
I have been in a similar situation during the GDPR craze a few years ago. After admitting that I couldn't/wouldn't comply with them all, I haven't really seen much difference in workload with that agency client.
The only change I noticed is the much lower overall rating for my service, because their assessment now includes a security component besides quality, timeliness, etc. As long as it doesn't impact work coming my way...
Philippe
| | | | Arianne Farah
Canada
Local time: 15:32
Member (2008)
English to French
| Not at the expense of all my other clients... | Nov 29, 2022 |
I would never give access to my computer to one of my clients; all of my clients deserve confidentiality.
Over the years, I've had a few clients be very stringent about security - they each sent me a company laptop, with a VPN and all the security and encryption software they wanted and I used only their laptop for their work, and nothing else - I wouldn't even log onto my personal email because that could give them access to other clients' documents.
Some clients don'... See more I would never give access to my computer to one of my clients; all of my clients deserve confidentiality.
Over the years, I've had a few clients be very stringent about security - they each sent me a company laptop, with a VPN and all the security and encryption software they wanted and I used only their laptop for their work, and nothing else - I wouldn't even log onto my personal email because that could give them access to other clients' documents.
Some clients don't want their data leaving Canadian soil. Fine, but I confirm there will be no cloud backups, so if my computer fails, everything is gone (if ever they would want local backups, I would either request an external drive or USB key, or charge them for one, but it's never come up - I assume they do their own backups). ▲ Collapse
| | |
|
|
|
Kay Denney
France
Local time: 21:32
French to English
- Keeping an inventory of my IT assets
One laptop, mouse, printer, cables for these to communicate with each other. Why do they need to know this?
- Having a clear desk & screen policy
hum, I do sometimes leave my computer on while I go to the loo, make tea or microwave my leftovers for lunch, but there's only the cat and dog here, and I haven't taught them to send data to North Korea.
- Encrypting my computer disks and emails
I'... See more - Keeping an inventory of my IT assets
One laptop, mouse, printer, cables for these to communicate with each other. Why do they need to know this?
- Having a clear desk & screen policy
hum, I do sometimes leave my computer on while I go to the loo, make tea or microwave my leftovers for lunch, but there's only the cat and dog here, and I haven't taught them to send data to North Korea.
- Encrypting my computer disks and emails
I'm not sure I'm IT savvy enough for that, so I'd have to ask an IT guy for help.
- Having physical controls in place to restrict access (e.g. physical locks, security cameras, alarms)
Are they paying for it? Anyway, I can't have a burglar alarm at home, the animals would set it off.
Do they have you translating military secrets or what? ▲ Collapse
| | | | | Not to worry | Nov 30, 2022 |
I've seen - and might well have agreed to - something similiar about audits, and I don't think they would, I don't think they could, and so what if they did?
There's nothing secret on my PC that can't be removed temporarily if need be.
| | | | Adieu
Ukrainian to English
+ ...
| That delete policy is unacceptable | Dec 2, 2022 |
Never agree to delete anything until you've collected full payment on it.
Natalie Soper wrote: Dan Lucas wrote:
Do they already pay a very good rate? Are they prepared to recompense you for the additional burden being imposed?
They used to contact me monthly for a particular client, but they've been quieter this year (especially since I raised my rates). The projects themselves weren't very big. So all in all, I don't think it'll be a huge loss if I didn't work with them any more. They also wanted me to delete all files relating to each project a month after I'd handed it in - which I didn't mind, but I asked if this also included Trados segments and they said no. So, it does make me wonder if these policies of theirs are more style over substance...
| | | | | Pages in topic: [1 2] > | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Agency has new list of security requirements | CafeTran Espresso | You've never met a CAT tool this clever!
Translate faster & easier, using a sophisticated CAT tool built by a translator / developer.
Accept jobs from clients who use Trados, MemoQ, Wordfast & major CAT tools.
Download and start using CafeTran Espresso -- for free
Buy now! » |
| | Anycount & Translation Office 3000 | Translation Office 3000
Translation Office 3000 is an advanced accounting tool for freelance translators and small agencies. TO3000 easily and seamlessly integrates with the business life of professional freelance translators.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
Translation news
