Home » Business Continuity » Preparedness

News

Iowa's Floods: Tragic Lesson in Business Continuity

For security administrator Deb Hale, the recent tornadoes and floods in Iowa hit close to home and provided a sobering lesson in business continuity

By Bill Brenner, Senior Editor

July 07, 2008 — CSO —

As mid-westerners recently discovered, natural disasters strike without warning, snuffing out lives, homes and businesses.

Deadly storms—including tornadoes and flooding—that ravaged the area last month hit too close to home for Deb Hale, security administrator at Iowa-based telecommunications provider Long Lines. But from the tragedy came valuable insight into the art of business continuity.

Hale's company provides telephone service, cable TV and Internet services to a number of small communities in northwest Iowa and wireless service to communities in South Dakota, Iowa and Nebraska. The customer base consists of business as well as residential, and the 300-employee company provides 911 services to some communities as well.

Given the critical infrastructure involved, many organizations would suffer dearly if a disaster forced Long Lines to cease operations.

Hale, also a volunteer for the SANS Institute's Bethesda, Md.-based Internet Storm Center (SANS ISC), recently shared her experiences in a write-up on the ISC website. In this Q&A, she discusses the most important things a company can do to survive what Mother Nature decides to unleash.

CSO: Your company is located on the other side of the state from where the flooding happened, but was there any collateral damage in the form of service disruptions and the like?

Deb Hale

Deb Hale: We have been pretty fortunate. We had two vendors located in the Cedar Rapids area that we receive a lot of support from. One of the vendors had multiple locations within the state so they were able to transfer phones, services, and so on over to the other locations in the state that were not impacted. Another vendor provides a service to us via the Internet. This company had the good fortune to have a president and company founder that understood disaster planning and so they had redundant systems. With one gone, the other jumped in and took the load.

I'm sure communication has been a problem, though.

The biggest issue we had is that it took a little longer to get a hold of them. This was due to the fact that many of the employees for these two vendors had personal losses of home and property and were attempting to deal with these losses and the cleanup involved.

In your SANS ISC diary entry, you mentioned one vendor in particular who was hard hit. Who was the vendor and what might their situation mean in terms of the quality of service you get going forward?

The vendor referenced in the article is a service provider. They supply a product which we then resell to our customers. The product is a software system that protects our customers' computers from virus, spyware, adware, and other exploits/compromises. They are currently up and running again at another location in the Cedar Rapids area. We have had no problem or complaints from our customers about their level of service and we have not noticed any problems either. I have their application suite installed on four of my personal computers and I am pleased to say they have not lost connection to the "mothership" at all.