- Access Control
- Network Security
- Data Isolation
- Audit
As Speech Services consists of several services, need to prioritize documentation.
- Batch transcription
- Realtime transcription
- Conversation transcription
- Text to speech
- Speech translation
- Speaker Recognition and so on...
We start documentation from Batch Transcription as it includes several resources to function.
Cognitive Services provides an option to configure private network access.
Configure Azure Cognitive Services virtual networks
For Speech Services, you may have limitation for making use of Speech Studio. Take a careful look at the following articles.
Use Speech service through a private endpoint
- When private endpoint is configured, the networking page shows the entry of the private endpoint.
Use Speech service through a Virtual Network service endpoint
- When service endpoint is configured, the networking page shows the selected network.
It is stated that Speech Service automatically encrypts the data when it is persisted it to the cloud.
Speech service encryption of data at rest
For Batch Transcription, Bring Your Own Storage more makes sense in a way that BYOS makes it possible to isolate data in your own subscription.
As to how to configure BOYS for Batch Transcription, refer to the following page.
Configure BYOS for Batch Transcription
Speech Service can provide Authentication via API key as always is the case with Cognitive Services.
Follow Find keys and location/region section to find API Key.
For the other options for Authentication, refer to Authenticate requests to Azure Cognitive Services
It is possible for Cognitive Services to enable diagnostic logging.
The topic is explained in Enable diagnostic logging for Azure Cognitive Services
As to the other aspect of Audit related topics, take a look at the following documents.
Azure Policy built-in policy definitions for Azure Cognitive Services