It depends on threat model. A wired intercom can be easily bugged with a physical implant. Discovering such a bug is also a completely different art from securing code, so different that some would claim it is more difficult to secure with any guarantee of confidentiality.
The cloud-based model might be leaky due to complexity but has the capability to deliver cryptographic assurance, which is a huge win in the long run. Modern cloud delivery is infamously insecure at the current point in time because most companies do not care about the security of their customers, and most customers are not aware of more secure options. But in the end as the technology matures it will be far more secure.
Of course, cutting off internet access is a good practice and most cloud connected systems play happily with a proxy.
Its possible to design internet connected systems that are secure and reliable. But usually "internet connected" means "dependent on continuous connectivity to some external service that needs to be actively maintained by a third party otherwise it'll stop working", which makes the "reliable" part difficult, and the fact that its exposed to a network with other devices on it and you have no way of knowing how competent that same third party is when it comes to security makes the "secure" part difficult.
Offline systems have way fewer failure modes such that they're often "secure and reliable" by just default, at least in comparison to the alternative.
We're talking about an intercom in a school system. Why would they care about encryption or someone listening in? They probably just want to be able to talk to other people on campus, and not have it be taken over remotely by some script kiddie and turning it into a node in a botnet.
Yeah love those threat models where physical access is a topic but basic MFA measures are not even done.
This is like comparing yourself to Fort Knox while not even locking your door.
Physical access is not a problem when basic other measures are not taken. If physical access is your largest threat then you already safer than 90% of companies imo.
>Physical access is not a problem when basic other measures are not taken.
Why? In my home I have a Synology NAS server, not connected to the internet, where I store unencrypted data. It's not secure out of the box, and I didn't attempt to harden it.
The cloud-based model might be leaky due to complexity but has the capability to deliver cryptographic assurance, which is a huge win in the long run. Modern cloud delivery is infamously insecure at the current point in time because most companies do not care about the security of their customers, and most customers are not aware of more secure options. But in the end as the technology matures it will be far more secure.
Of course, cutting off internet access is a good practice and most cloud connected systems play happily with a proxy.