Guidelines for globalizing security-related content

This article first appeared in the Microsoft Language Portal.

In software development, there are regulations and initiatives that emphasize the security, privacy, and availability of software. What role do content creators play in supporting this initiative? The security-related content provided by content creators - product documentation, white papers, and Web content - directly contributes to their customers' abilities to:

Get secure and stay secure, to protect their confidential information, and to rely on their computers to always be available.

Software content providers are generally encouraged to scrub code snippets for bugs, augment product documentation with security best practices, and keep security issues in mind when writing new documentation. However, little emphasis has been placed on how globalization issues might affect the creation of security-related content.

In many ways, security-related content and globalized content are closely connected. Content, as well as software, needs to illustrate that secure computing is a global concept. Content providers who work for companies that ship products and solutions in multiple markets have to consider the worldwide audience - they write for customers who speak different languages and who have different levels of awareness surrounding security issues. Now more than ever, content providers need to make sure that their security-related content is clear. Otherwise, security may be compromised.

What is globalization, and how does it differ from localization?

Globalization and localization are related, but separate, concepts.

Localization refers to meeting the language, cultural, and political expectations of a specific local market. Localization often implies translation of text and user assistance content.

Globalization refers to the practice of designing a product that is adequate regardless of the country of origin.

A product that is properly globalized can be localized with a minimum amount of difficulty. To be effective worldwide, content must be globalized.

Keys to delivering a globalized product

Here are some tips that can help you provide security-related documentation for a worldwide audience.

Keep terminology consistent across your products and services.

Most companies are doing a good job of managing and using their own terminology consistently, but ultimately, terminology that is used across products needs to be synchronized.

You may consider creating a glossary with security- and privacy-related terms and their definitions. Find out who the main stakeholders in your company are when dealing with security and privacy issues, and collaborate with them throughout the glossary creation process. The completed glossary will be a good terminology resource for content creators, localizers (those who translate content), and customers. Such a glossary will ensure a consistent experience for your customers who read security-related content.

Use security and privacy terminology that will be understood worldwide.

As security and privacy issues become more important, content editors need to explain these issues in terms that are clear to their audience. They must be careful to use terminology that customers and partners understand.

If terms are used that are to represent concepts that do not correspond with the primary meaning given in a dictionary, or if jargon is used, content providers face the risk to not communicating clearly. Here are two examples that illustrate the importance of avoiding these issues when creating globalized content.

A content provider is considering using the term "insecure" as a possible antonym for "secure." These two words are, technically, antonyms. However, "insecure" has several common meanings that the worldwide reader could apply incorrectly.

Consider the possible connotations of the term "insecure software". This could denote "doubtful" or "unsteady" software—which differs from the concept of software that is not secure. Additionally, a localizer is likely to translate "insecure" awkwardly. Therefore, the use of a more explicit phrase, such as "not secure," would be less ambiguous.

Jargon introduces other problems for worldwide readers. Consider the term "security hole" that is used widely in the press. Because it is essentially slang, a non-native speaker of English may have a difficult time understanding it. In addition, it may be difficult to localize if the translator has trouble understanding the term. A more obvious term, such as "security risk" or "security vulnerability," is a better choice.

When in doubt about whether a particular security term will be globally understood, define it when you introduce it. Also add the term to your glossary, if your document has one.

Don't assume that security and privacy issues and regulations that exist in your market are identical world-wide

Security and privacy regulations differ from market to market. Companies will need to collaborate with local subject matter experts to determine how to integrate them in the product development cycle. The appropriate research should be done prior to product development.

Remember that clarity is one of the greatest gifts that content providers can give to localizers.

Although clarity is important to all audiences, localizers especially value it. Localizers have many factors working against them, including that they are often working under extreme time pressure. They also usually only learn about the feature the work on after they receive the handoff to localize it—they almost surely do not have the same background product knowledge that content provider has. The more clearly you can communicate, the better chance there is for a good translation.

Get necessary legal information and direction

Be careful of implied guarantees. In some markets, what you say must be backed up with proof, or legal action may be taken against the company. In the Netherlands, for example, you must be able to quantify and prove any and all claims made about a product. If you write, "This product is more secure than any workstation you've used before" you may be required to supply some evidence.

Work with your legal representatives to ensure that you aren't making any statements that customers could use to challenge "no warranty" disclaimers in product end-user license agreements

Make it clear that security is a worldwide problem.

We cannot assume that all our worldwide customers are as familiar with security issues as our customers in our established markets. Even more than home users in markets that have a well developed computer and internet culture, worldwide customers who are untrained in using computers and unaware of security issues may unintentionally leave themselves vulnerable. For example, these users might fail to install a patch because the consequences of failing to do so were not adequately explained. They might also not understand the risks if they use a weak password or no password.

Our solution to these challenges consists of raising awareness among worldwide customers through the correct depiction of security issues in user assistance content and by adequately globalizing this information.

Comments (0)

Skip to main content