The problem is that for most small and medium-sized businesses, security is just not a priority. "People care way more about whether their conference calls are going to have decent phone quality," said Rodney Thayer, chief technology officer with VoIP security company Secorix.
They don't think about their VoIP systems as vulnerable to Internet attacks just like Web or e-mail servers, and that's a mistake, Thayer said. "They think about it as a different system, and it's not," he said. "It's all the same stuff; it's all data going over a network."
Sign up for CIO Asia eNewsletters.