This documentation is archived and is not being maintained.

SQL Server Security

Speech Server 2007

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

The Speech Server??Analytics and Tuning Studio uses a Microsoft SQL??Server 2005 database to store and manage call data generated by Speech Server. Depending on the nature of the application, call data could include sensitive information about callers, such as social security numbers or bank account numbers. To safeguard the confidentiality of this information, make sure access to the database is appropriately secured.

When you install Analytics and Tuning Studio, the setup wizard implements trust levels in the database appropriate for using the tuning database. For more information about trust levels, see Tuning Database.

Call data is imported to the tuning database using the MssLogToDatabase.exe tool. This command-line tool supports many parameters, including user credentials for writing call information to the database. The tool also supports the use of a response file for specifying parameter values.

Avoid including user credentials in the response file, which can be vulnerable to malicious users. If you must include user credentials, make sure the response file is appropriately secured with access privileges to help prevent malicious users from obtaining the user credentials necessary to access the database. For more information, see Import Log Files into the Tuning Database.