Linkedin-in Whatsapp
Main Menu

Table of Contents

Azure Language Understanding (LUIS) Baseline

In the previous article, “Azure Speech Translation Service Baseline,” we reviewed an industry-standard security baseline for Azure Speech Translation. This article will review requirements and guidelines and share an example security baseline for Azure Language Understanding, or Azure LUIS.

Description  

Azure Language Understanding Intelligent Service, or Azure LUIS, is a cloud-based conversational AI service that applies custom machine learning intelligence to a user’s conversational, natural language text to predict overall meaning and pull relevant detailed information. 

Baseline  

Baseline considerations are based on security principles that stakeholders provide. Every decision made in the baseline discusses a security parameter related to service configuration. It informs consumers on what to do and what not to do when setting up their service.   

We’ll describe each configuration name, requirements, and guidelines. 

Private Endpoints 

  • Create private endpoint access to applications and predictions. 
  • Use private endpoints to secure access to LUIS applications and predictions via Private Link. 
  • Private endpoints should be used for Authoring & Prediction services. 

Network Logging

  • Collect network traffic logs and analyzing them. 
  • Turn on NSG flow logs and enable Traffic Analytics.  

Authentication/Authorization 

  • Authenticate to console services and data sources using Azure native security services. 
  • Authentication to services using AAD IAM RBAC and Managed Identities. Either system assigned or user assigned.

Keys

  • API keys should be stored in key vaults as secrets. 
  • A copy of API key 1 and key 2 keys should be stored as secrets in key vault.

Logging

  • Collect platform logs and operation logs. 
  • Diagnostic settings and Activity Logs should be enabled and stored in centralized workspace. 
  • See Azure log analytics for more information. 

Ready to experience the full power of cloud technology?

Our cloud experts will speed up cloud deployment, and make your business more efficient.  

Start Today !

UAI Tag

  • All search services must be tagged with a valid UAI. 
  • User lowercase name and value. 

Environment Tag

  • All search services must be tagged with a tag corresponding to the application environment. 
  • Follow Cloud Controls Matrix document for valid environment names. 
  • Use lowercase name and value. 

Appname Tag

  • Applications must be tagged with application short-name where applicable. 
  • For example, your key may be called “appname”, and your value may be “ABC123”.

Naming Convention

  • Follow a standard, established naming convention. 

Standard Network Configuration

  • Apply a standard vnet, subnet, and NSG configuration. 

IAM RBAC Configuration

  • Apply standard RBAC definitions for speech service and assign them to users. 
  • Least access privilege model.

API Key Rotation

  • Keys should be rotated periodically. 
  • Regenerate keys regularly and store keys in key vault. 

Pricing Tier

  • Use “Standard” pricing for production use cases that require 50 calls per second on prediction resource. 
  • For high endpoint traffic from your published app, it is recommended to upgrade to a S0 resource.

Conclusion 

Although this is not a comprehensive list of considerations when making a baseline for any cloud resource, they are sufficient for an Azure LUIS baseline configuration. For each resource in any business, such considerations must be made according to stakeholder security principles.  

As your trusted partner, ISmile Technologies will ensure that your company’s cloud resource deployment is HIPAA-compliant and secure. For more information, Get Your Free Consultation.  

Cloud Engineer

Gabriel Chutuape

A technology enthusiast passionate about automation, Gabriel Chutuape is a Cloud Engineer at ISmile Technologies. He’s part of the ISmile Technologies Cloud enablement team that help customers to design/solution/project engineering, integrating and implementing infrastructure technologies & services.

AZURE CLOUD ARCHITECT

Karthik Srinivas

Karthik Srinivas is a working Information Technology professional and part of operations. He contributes to streamlining the technology services and operational activities to meet business requirements and beyond.

Liked what you read !

Please leave a Feedback

Leave a Reply

Your email address will not be published. Required fields are marked *

Join the sustainability movement

Is your carbon footprint leaving a heavy mark? Learn how to lighten it! ➡️

Register Now

Calculate Your DataOps ROI with Ease!

Simplify your decision-making process with the DataOps ROI Calculator, optimize your data management and analytics capabilities.

Calculator ROI Now!

Related articles you may would like to read

The Transformative Power of Artificial Intelligence in Healthcare
Read More
How To Setup An AI Center of Excellence (COE) With Use Cases And Process 
Read More
Connect With Us
  • USA : 501 S Weber Rd Unit 108, Bolingbrook, IL 60490
  • Canada : 3191 Stocksbridge Ave Oakville, ON L6M 0A7
  • India : 2-3-285, Secunderabad, Hyderabad, 500003
About Us
Linkedin-in Whatsapp Instagram Youtube
This website is hosted Green - checked by thegreenwebfoundation.org
End to End Solution
Managed Services
Partners
Resources
Get in Touch
Privacy Policy
Copyright © 2022  ISmile Technologies

Find our Resources

Proposals

Know the specific resource requirement for completing a specific project with us.

Blog

Keep yourself updated with the latest updates about Cloud technology, our latest offerings, security trends and much more.

Webinar

Gain insights into latest aspects of cloud productivity, security, advanced technologies and more via our Virtual events.

ISmile Technologies delivers business-specific Cloud Solutions and Managed IT Services across all major platforms maximizing your competitive advantage at an unparalleled value.

About Us +

Request a Consultation

Register Now