Specific – especially security-related – constraints must be addressed when integrating voice assistants in a work environment. Should a cloud solution provided by one of the major American suppliers be selected, or a local solution such as those offered by a number of startups?
Alexa is listening to you. All the time. Amazon’s voice assistant is installed in all Echo connected speakers and in the new connected devices that the e-commerce giant has just unveiled: Buds (earphones), Loop (ring), and Frames (glasses). It sends voice requests to the cloud to be decoded by algorithms and receive appropriate responses.
But AI is not the only thing at work here. It was recently revealed that human operators listen in on some conversations without the knowledge of the users. The resulting uproar also involved Google and its Google Home assistant.
Since then, the two American companies have taken a range of corrective measures to reassure owners of the slightly-too-curious smart speakers.
What might possibly be tolerable in private life is not acceptable in a work environment, where some conversations are strategic. Will voice technology now come up against a barrage of security issues?
Alain de Pauw, Division Manager at Axians Germany, downplays that danger. “I believe that voice technology is coming in any case. We will then need to add a security layer. But I haven’t yet seen an Amazon Echo on the desk of any of our employees except for demo purposes,” he says.
Protection and education
“The cloud and connected objects must of course be protected with stronger authentication. But actually, the most important thing is to educate users about what they may and may not do with the voice assistant. The same thing applies to email or even Cloud broker solution: What can you do and can’t do in an e-mail or where to look at in any mail communication?” he adds.
“What happens if I am in an office with a client and one of these speakers is there listening and transmitting the conversation to the cloud?”
In Germany, VINCI Energies also carry out internal audits to assess the degree of compliance with security instructions governing any communication channel (written or voice communication, etc.). Axians receives a large number of requests related to IoT and smart solutions like smart City, Industry, Buildings, etc.
“When these technologies are introduced in the work environment, the devices will be connected devices. First, focus on the basics. Make sure your account, Wi-Fi network, and other internet networks have strong, secure passwords hackers won’t be able to easily guess. Regularly update the firmware of your router and other physical internet infrastructure to protect against exploits, too”, says Alain de Pauw. In terms of privacy, place those devices away from areas you’d rather it not potentially overhear conversations. The next step is to remove the ability of your device to send data.
These measures are not specific to voice technology – they apply to all connected objects. However, for voice assistants, appropriate solutions will have to be introduced to ensure security of communication and transfer of voice conversations.
“What happens if I am in an office with a client and one of these speakers is there listening and transmitting the conversation to the cloud? This is also something to think about when using Skype, WhatsApp and Microsoft Teams,” says the division manager of Axians Germany.
There are solutions to ensure security for the cloud and on the cloud. The necessary measures include complex passwords, security patches, gateway protection, modification of the default names of voice devices, and the addition of authentication layers.
Alongside the manufacturers of connected voice speakers such as Amazon and Google, which use Amazon Web Services (AWS) and Google Cloud Platform, startups such as Snips in France offer a different model using a voice recognition technology for connected objects that does not send information to the cloud and instead retains requests locally in the devices.
Snips offers a suite of solutions building on the Privacy by Design principle used in smart buildings, sales booths, and household appliances. The startup is expected to begin marketing a connected speaker in 2020. This alternative may prove beneficial for companies seeking to increase confidentiality once voice technologies have invaded the workplace.