Need to Know
A common question that our clients have is “How much should we tell our employees about the HackTraps?” On one hand, you don’t want to create false positives and inadvertently set off alarms, but on the other hand, you may not want to divulge everything about your security.
At WatchPoint we believe in the ‘Need to Know’ principle when it comes to using HackTraps. Tell each employee and each department enough about the HackTraps for them to do their job.
For example, if there is a shared folder that is common to most or all of your employees, then you should tell them all about the particular WatchPoints that you’ve deployed there. The accounting department probably doesn’t need to know about the HackTraps for Human Resource and the entire IT team probably doesn’t need to know about the HackTraps for the C-level executives.
Utilizing the ‘Need to Know’ principle provides enough information about what you’re doing, but still maintains an element of confidentiality.