To defend against this type of VoIP abuse, Kotler and Amit recommend separating VoIP from the corporate network altogether in order to prevent compromised computers from tapping into conference calls. They recommend monitoring VoIP activity to discover unauthorized use of conference calls, say, after business hours. And they say conference calls should be white-listed -- allowing access only from authorized IP addresses and phone numbers.

in Network World's Wide Area Network section.