The short answer is “No!”. But that truth does not tell us what we need to know about VoIP security. “Total privacy” isn't available with a traditional hard-wired phone, as any number of books, movies and news stories have reminded us when they talk about “wire taps”. The better question is “Is VoIP safe enough to use for my business?” and the answer for just about everyone is “Yes.”.
The degree of information “safety” needed depends upon the kind of business and the type of information being transmitted. For most operations the “standard” security provided by commercial VoIP providers is adequate. The authentication, authorization and encryption technologies typically deployed make it impossible for the casual intruder to eavesdrop.
The most sensitive and valuable business information tends to be shared between a relatively small number of “known” members of an organization and their associates. Data such as operations figures, financial reports and personnel records are most often communicated between parts of a business, or with “trusted” parties outside the business. A basic, but powerful, protection technology involves Access Control Lists which can be set up on routers to permit or deny a group of addresses or specific addresses access to the resources within the business.
Access lists are usually included as one of the features of a firewall. Firewalls can have a static configuration or be “managed”. Managed firewalls are typically out-sourced services which update configurations, log the traffic and periodically report performance and security. For a small business, handing this extremely technical task off to a group of experts may be much more cost (and performance) effective than maintaining the arcane knowledge within the organization.
Firewalls can perform many other tasks intended to assure privacy and continuity of service, including protection against Denial of Service attacks, Area Code Blocks, Port Control and keeping a record of everything that passes through them. Sometimes simply reviewing the router logs, noting which addresses are talking to which, will expose a breach in security or misuse of business resources.
With all the sophisticated technology at our command, it's important to remember that one of the most effective privacy and security tools remains the creation of strong passwords by every user on your system. Unfortunately employees are far more difficult to “configure” than the equipment they use.