Not sweet, not a solution and not for insider threats. Roger Grimes on Infoworld is trying to promote the idea that entrapment tactics with a honeypot can be a cheap, easy, and effective warning system against the trusted insider gone bad. Of course, I don’t blame Roger for trying to game the search engines with keywords like trusted insider threat and data theft and then there is the fact that he wrote a book on honeypots. Minor detail for sure.
Honeypots to prevent trusted insider data threats is a very bad idea.
The article spends a lot of time talking about how honeypots are good for luring in malicious attackers and understanding the attack patterns.
However – using a honeypot for data loss prevention is a very bad idea simply because of the Biblical injunction – לפני עיוור לא תתן מכשול ( do not put an obstacle in front of a blind person). It’s called Entrapment (one of my favorite movies with Sean Connery and Catherine Zeta-Jones) – which also could not resist the computer hacker angle in the plot…)
Using honeypots in order to entrap trusted employees and business partners is a baiting tactic that is probably illegal not to mention totally ineffective in detecting real data loss let alone data loss prevention.
I really don’t recommend trying this at home. Or in the office.