SANS wishes that VoIP had better security built in

The SANS Institute said a couple of weeks ago that VoIP is one of the 20 biggest threats to network security. In an interview, SANS's director of training Stephen Northcutt says that if it were up to him, he'd have stopped the creators of VoIP (whoever they were) and forced them to build security into the protocol. (One wonders idly why he didn't do the same thing with Microsoft when it designed Windows, but I suppose that's neither here nor there.) In the short term, SANS is teaching the importance of firewalling, encryption and running VoIP on a separate IP network. Longer term, it's looking at finding security solutions at the protocol level.

For more information about VoIP and the SANS Institute:
- read this article from SearchSecurity.com

Related Articles:
VoIP is a Top 20 hacker target. Report
VoIP an IT worry, SANS says. Report
How to balance security and accessibility. Report