FDIC: VoIP susceptible to the same risks as data networks that use the Internet. Security appliances must protect VoIP infrastructure and maintain voice quality, availability and reliability. Confidentiality and privacy may be at greater risk in VoIP systems unless strong controls are implemented and maintained. Financial institutions should enable, use and routinely test the security features included in Voip systems. Disallow VoIP protocols from the data network at the voice gateway that interfaces with the public switched telephone network (PSTN) Use strong authentication and access controls on voice gateway system.”]
Source: https://www.bankinfosecurity.com/voip-offers-cost-savings-but-also-presents-security-risks-a-207