Lengoo: Positively, Certifiably Secure

Lengoo: Positively, Certifiably Secure
Jay Marciano
Oct 9, 2023

Lengoo achieves certification for ISO 27001

Lengoo is expanding the very definition of a language technology and services company. But even as we continue to build up our generative AI portfolio, we still very much recognize that business dealings are about human relationships and that those relationships boil down to trust.

We have always asked our customers to trust us to render their mission-critical communications into other languages with accuracy, with correctness, and, of course, with secure handling of their intellectual property every step of the way. And now, as our customers rely on us for customized generative AI tools, they entrust us to not only protect their hard-won training material but also to ensure that every transaction – every string of ones and zeros shooting between their infrastructure and ours – is executed with the very latest security measures.

Maintaining such a level of trust these days requires more than just handshakes and verbal commitments; it demands robust, internationally recognized certifications.

This is why we are very pleased to announce that Lengoo has been certified to be in compliance with ISO 27001.

ISO 27001, developed by the International Organization for Standardization and the International Electrotechnical Commission, stipulates 114 best practices, divided into 14 areas, for information security management systems. These best practices range from risk management processes, security protocols, and business continuity strategies, to ongoing improvement of these practices. In essence, ISO 27001 is a blueprint for organizations to establish, implement, maintain, and improve a comprehensive data security system.

The Certification Process

It’s one thing to say that you work in accordance with ISO 27001, but it’s an entirely other thing to go through the grueling assessment process and come out the other side with a shiny new certificate.

The process begins with building up an internal auditing team whose responsibility it is to become deeply familiar with the litany of controls stipulated in the standard. This team then conducts and carefully documents interviews with key personnel in all pertinent departments to get a snapshot of how well a company's existing information security management system aligns with the requirements set out in ISO 27001.

This entails weeks of meetings, serious self-reflection, furious note-taking, and the incessant repetition of the question “Where is this process documented?” In the world of ISO certification, shortcomings are called “non-conformities,” and it is during this initial phase that the company has a chance to put corrective measures into place for any non-conformities that are discovered during the interview process.

Once completed, the internal assessment is followed by an external audit conducted by an accredited third-party certification body.

The audit consists of (1) a thorough review of the internal assessment and its findings to ensure its adequacy, and (2) an assessment of the implemented information security management system to ensure its effectiveness.

Certification can only be awarded after any non-conformities that are found during the external audit are addressed and rectified.

So the process was about demonstrating not only that Lengoo is in compliance with the 114 controls in ISO 27001 but also that we can effectively identify and address any shortcomings and are committed to continually improving our information security processes.

Why is ISO 27001 increasingly important?

The secure handling of information has always been important to those with secrets to keep because we have always drawn a direct line between knowledge and power. Anyone with knowledge about your secrets, whether in business or in private life, wields power over you.

That medieval-sounding dynamic endures, of course, but today the very data in which information is encoded is also valuable as a building block for AI systems. Lengoo partners with its customers to fascilitate their ability to build up and curate data repositories for the purpose of leveraging that data in AI systems that will allow them to do whatever it is that they do more efficiently.

In other words, at Lengoo we see data as a resource whose value is still being discovered, whose value is still increasing.

With our new ISO 27001 certification, our customers and partners can confidently engage with Lengoo, knowing that their data is protected under our robust information security management system.

Sure, Lengoo’s ISO 27001 certification is a great achievement, but it's also a promise. It's a promise to our clients, our partners, and even to ourselves, that any data that is entrusted to us is in safe hands, protected by an information security management system that aligns with global best practices and is designed to improve as those best practices continue to evolve.