VoIP security governance in small/medium organizations

Abstract

Information security has become an important part of business in recent years. The purpose of this document is to examine information security governance as it relates to the growing field of Voice over Internet Protocol. The paper will begin with an examination of the central components of information security governance---corporate governance and information technology governance. Once this foundation is created, the paper will explore VoIP specific issues as they relate to information security governance, such as common attacks, vulnerabilities, and protocols. Because policy is, arguably, the most important aspect of information security governance, the final part of the paper will explore this topic as well as common issues.