The WordXtra Security Policy has been defined in order to demonstrate our firm commitment to security. This document outlines our security and accessibility policies with respect to WordXtra as a means of communicating directly with our Globalization Management System (GMS), Wordflow.
Site certificate information
Wordbank understands that the security of your business information is of critical importance. As a result, whenever you submit business identifiable information or transfer other information and documents to and from WordXtra, you will be doing so through our secure servers.
Our WordXtra service only allows secure browsers access to the system. The browser's "secure mode" is active only when you are logged into the system. If you are using Internet Explorer, you will be able to tell that you are in a secure mode via the lock icon on the lower bar of your browser window.
Every secure page (i.e. every part of the user interface) on WordXtra has been secured with a digital certificate issued by the Thawte global certificate authority. To view this certificate, click on the image of the closed lock on the bottom bar of your browser window. A small frame displaying site security information will appear. This will allow you to verify the site certification authority and that you are in fact on wordxtra.net or a sub-domain of WordXtra.
Access to pages on WordXtra is granted by possession of a Wordbank-generated username and password pair. No ‘guest’ access is allowed and password information is only accessible by Wordbank IT Services Staff who are bound by an IT security-specific Confidentiality Agreement.
Each time you login to the system you will be required to authenticate your identity by entering your previously supplied username and password. Upon successful login, you are issued a unique "session id" (this does not include any personally identifiable information) allowing you to remain active as long as actions are performed in the system at least once every two weeks. If your session expires through inactivity for a period longer than two weeks, you will be required to re-enter your username and password. If an incorrect password is supplied, or if you simply forget your password, you will not be granted access to the system.
Protection of information being transmitted
We use encryption technology to ensure the safe transmission of your information and documents when logged into the system. Your browser provides security by allowing us to use Secure Socket Layer (SSL) encryption up to 128-bit key length encryption when transmitting information and documents. The number of bits of secret key length varies between 40 and 128 depending on your browser's capability. The highest available bit length is always used. All communication between your computer and WordXtra is encrypted using SSL.
Protection of stored information
Wordbank takes many measures to protect client information while it is stored, including:
- Utilizing a firewall to protect our servers and stored information. A firewall is a barrier to unauthorized users to prevent access to our systems.
- Monitoring system and application activity logs to identify any unusual activity, from authorized and/or unauthorized individuals accessing our systems and/or making changes to stored information, for investigation.
- Housing our servers in a secure room in a CCTV-monitored secure building to provide additional protection against unauthorized access and changes to stored information.
- All employees at Wordbank Limited are bound by a confidentiality and non-disclosure agreement prohibiting access to and dissemination of information handled by the company's clients when using WordXtra or any other method of communication.
Internet connection and server architecture
The WordXtra and Wordflow infrastructure consists of a range of redundant hardware components including:
- Large bandwidth redundant Internet connections to one of the main Internet connection points.
- Secure computer facilities with cooling systems, UPS and backup systems.
Wordbank has implemented the following backup routines:
- The servers' RAID- systems are mirrored to both on- and off-site backup machines on a daily basis.
- ‘Snapshot’ backups are performed daily, weekly and monthly for all servers.
- Wordbank undertakes to adopt reasonable measures in order to ensure that the WordXtra service is available over the Internet 24 hours a day, seven days a week. Wordbank shall be entitled to take measures that affect the aforementioned accessibility where Wordbank deems such to be necessary for technical, maintenance, operational, or security reasons.
- WordXtra users shall be aware and acknowledge that access to the Internet cannot be guaranteed and that Wordbank shall not be liable for deficiencies in the customer's own Internet connections.
- WordXtra is built on architecture that does not employ ActiveX components and as such does not require users to adapt browser security settings accordingly.
- In the event of defects or deficiencies attributable to Wordbank, Wordbank undertakes to act to rectify such defect without unreasonable delay. In the absence of intent or gross negligence by Wordbank, Wordbank otherwise assumes no responsibility for defects or deficiencies in the WordXtra.
Changes in this policy
Wordbank reserves the right to modify or amend this Security Policy at any time and for any reason. Users will be notified about changes in the Security Policy via our web sites and newsletters.