Under what conditions should you consider implementing a honeypot?
A honey pot is a live server with intentional vulnerabilities built in and connected to an organization’s network (Hallbery, 2014). It may be protected with a firewall although the organization may want the attackers to have some access or there may be some monitoring capability done carefully so that the monitoring is not evident to the attacker. A honeypot has pretty much no special features but several reasons for implementation. For instance, a honeypot may be used to provide an ...view middle of the document...
However, putting up a believable, attractive false environment as well as confining and monitoring the attacker surreptitiously are difficult features of a honeypot.
Under what conditions should you not operate a honeypot?
Honeypots are potentially very useful for organizations that have the necessary resources to maintain them. Organizations that do not have the necessary security personnel to maintain and closely monitor a honeypot must not operate one because attackers may in turn use it to attack a third party or other systems (Hallbery, 2014). With this in mind a potential downstream liability issue may arise as the affected party may sue the owners of the honeypot for not taking the proper precautions to keep the honeypot system secure. Downstream liability is a contributory negligence issue which refers to a lack of consideration of the consequences and endangerment resulting from putting others at risk (Hallbery, 2014).
Hallbery, K. R. (2014). Management Responsibilities and Liabilities. In Bosworth. Kabay. Whyne, Computer Security Handbook Vol 2 (pp. 63.20-63.21). Hoboken: John Wiley & Sons Inc.
Pfleeger. (2009). Security in Networks. In Pfleeger, Security in Computing 4th Ed (pp. 468-469). Boston: Pearson Education Inc.