Filed in archive
Security
by Scott Wilson on June 23, 2009
Science is now proving what bored e-mail server admins the world over have known for some time, which is that rudimentary mail traffic analysis can indicate ongoing or upcoming disruption within an organization.
Researchers analyzing mail logs comprised of messages sent to and from 150 senior staff at Enron during the company's final 18 months found that volume increased and the correspondents became more insular approximately 1 month before the final collapse.
This is a more or less intuitive analysis of the situation; when things start to get hairy, the small group of people who know enough to see it coming tend to start talking about it, and they do so within their own ranks rather than with the company staff at large. As a n00b system administrator in a variety of organizations coming up through the ranks I saw this sort of behavior manifest around business deals, mergers, and client catastrophes. It's an open secret that IT knows, or thinks it knows, about everything going on in a company before it happens, and this is part of the reason why. It's not that anyone is reading internal e-mail, although that happens to; it's that you can tell a lot just by who is talking to who else, and how often.
While common knowledge among the lower ranks, this seems to be something that CIOs are either unaware of or not interested in. It seems to me that the tool is a valuable one, however, even if you aren't using it to snoop; other applications may reveal insider threats or internal disruptions which may not have been elevated to management team notice by normal channels.
Researchers analyzing mail logs comprised of messages sent to and from 150 senior staff at Enron during the company's final 18 months found that volume increased and the correspondents became more insular approximately 1 month before the final collapse.
This is a more or less intuitive analysis of the situation; when things start to get hairy, the small group of people who know enough to see it coming tend to start talking about it, and they do so within their own ranks rather than with the company staff at large. As a n00b system administrator in a variety of organizations coming up through the ranks I saw this sort of behavior manifest around business deals, mergers, and client catastrophes. It's an open secret that IT knows, or thinks it knows, about everything going on in a company before it happens, and this is part of the reason why. It's not that anyone is reading internal e-mail, although that happens to; it's that you can tell a lot just by who is talking to who else, and how often.
While common knowledge among the lower ranks, this seems to be something that CIOs are either unaware of or not interested in. It seems to me that the tool is a valuable one, however, even if you aren't using it to snoop; other applications may reveal insider threats or internal disruptions which may not have been elevated to management team notice by normal channels.
Permalink: E-mail traffic analysis reveals disruptions
Trackback: http://publish.creative-weblogging.com/publish/mt-tb.pl/154840
Addthis
Ask
Blinklist
del.icio.us
Digg
Fark
Facebook
Google
Lycos
Ma.gnolia
Mr Wong
Netscape
Netvousz
Newsvine
Reddit
StumbleUpon
Slashdot
Tailrank
Technorati
Wink
Yahoo
Vote for E-mail traffic analysis reveals disruptions:
|
Rating: 7.67 out of 3 vote(s) cast.
|
Subscribe
Marketplace
-
Online MBA Degrees - earn your mba degree online with one of hundreds of programs available at elearners.com
Use the search to look for other interesting posts
| RSS |  See all blog subscribe options |
 What is RSS? | |
| Yahoo! |
|
| Addthis |
|
| Bloglines |
|
| Newsletter | |
| Follow us on Twitter! |
