GRC

Information Security and Tuning Your ASR Solution: Keeping You, Your Business and Your Customers Safe

Jay R. Pascarella February 21, 2019

It’s no secret that pretty much everybody hates information security. At best, it’s annoying. You have to keep track of a bunch of passwords, you have to lock your computer whenever you get up (even if it’s only for five minutes), and there’s a lot of websites you can’t get to on your company network. You probably also have an information security person, or a whole team, who constantly remind you of all the ways you’re just not doing enough.

And it’s fine to think of information security in that way, as long as everything is going well. Because when it isn’t, information security -- or lack of security -- can be terrifying. Everything and anything that matters to your business can be taken away in a matter of seconds. Key customer data, account information, financial details, health records, product blueprints; there is a nearly endless list of types of data which businesses, including yours, hold and which need to be protected. Because if you don’t protect them adequately, it could cost you your business and your reputation. And the consequences to your customers could be even worse.

The reality is that there are data breaches and failures of information security every day. It’s not just small organizations, or those that don’t have a lot of technical expertise. Big tech companies like Facebook and Twitter fail to secure their user data properly, and disclose things that they shouldn’t. Hospitals and healthcare systems lose hard drives containing patient records. Even banks can be breached, and give up key PII like names, dates of birth and Social Security numbers.

This is the reality: all businesses in today’s economy are on the front lines of cyber security war, whether they acknowledge it or not. State-sponsored actors, criminal organizations, politically-motivated special-interest groups and teenagers looking to cause a little chaos are all searching for access to your company’s data. The motives may be different -- to damage an enemy, to sell for profit, to promote a cause or to see what they can get away with -- but the outcome is the same.

In the world of ASR, there is a lot of data which should not be compromised. The audio data that ASR solutions process frequently contains crucial pieces of information that need to be treated seriously and protected effectively. This applies in all aspects of ASR, including the tuning of your ASR solution.

Tuning is the process whereby ASR software is trained to generate more accurate transcription. This is done by providing the algorithm with audio data it hasn’t already been exposed to, and training it to accurately recognize words and phrases associated with a particular industry or a particular business. (Product names are a good example of the kind of thing that most software needs to be trained to recognize.) This tuning process requires real audio data, however. Even though that data is “only” being used for training purposes, it needs to be treated with as much care for its security as all other data on your customers.

So every ASR solution needs to protect audio data. Fortunately, to combat the threat, a host of industry and regulatory bodies and government organizations are continuing to develop standards that, if followed correctly, will keep data safe.



Jay R. Pascarella

Jay Pascarella B.S.E.E is the Director of Information Security at Voci Technologies, Inc, with extensive experience in building Information Security programs with startup and fortune 500 organizations across all of the major security frameworks and regulations (PCI/NIST/HIPAA/ISO/NIST/GDPR/FINRA etc.). Jay is an avid reader, fisherman and family man.

Stay updated with Voci's speech insights

Please type your first name.
Please type your last name.
Invalid email address.
Invalid Input
I have read and agree with Voci’s Privacy Notice