VoIP security is a hot topic, and while the urgency to address it seems to come and go, the fundamental risks haven't changed. In fact, they're beoming more numerous and serious, and in my books, it's just a matter of time until some form of NSA-scale breach happens. These things do happen, but we just don't hear about it, as businesses don't generally like to acknowledge them. In the main, the thinking is typically "this won't happen to me", "we have adequate security in place", or "I don't believe those threats are real".
You can take your pick, but this misguided thinking is going to backfire sooner or later. As VoIP - and UC - gains mainstream traction, they will become attractive targets for the bad guys, who will always be at least one step ahead of most good guys.
Without oversimplifying things, that's the thesis I addressed in my latest white paper. The project was sponsored by Ottawa-based VoIPshield Systems, and if you don't know them, they've been at this game a long time, and believe the time is right to educate the market and help IT take more responsible measures.
To support that, they needed third party validation on the state of VoIP security, and that's what I was brought in to do. My research was broad-based across the value chain, and let's just say that the deeper you dig, the more there is to be concerned about. Of course, there's lots of technology out there that can mitigate the risks, and VoIPshield falls squarely into that category.
The white paper was recently posted to their website for download, and the press release to support the launch went live yesterday. VoIP security touches more bases than you may realize, and even if you have a mild curiosity, I think you'll find the paper a good read. To learn more, as well as download the paper, here's the link to press release. Comments are most welcome, and if you have war stories to share, I'm all ears.