News

Iowa's Floods: Tragic Lesson in Business Continuity

For security administrator Deb Hale, the recent tornadoes and floods in Iowa hit close to home and provided a sobering lesson in business continuity

By Bill Brenner, Senior Editor

July 07, 2008

As mid-westerners recently discovered, natural disasters strike without warning, snuffing out lives, homes and businesses.

Deadly storms—including tornadoes and flooding—that ravaged the area last month hit too close to home for Deb Hale, security administrator at Iowa-based telecommunications provider Long Lines. But from the tragedy came valuable insight into the art of business continuity.

Hale's company provides telephone service, cable TV and Internet services to a number of small communities in northwest Iowa and wireless service to communities in South Dakota, Iowa and Nebraska. The customer base consists of business as well as residential, and the 300-employee company provides 911 services to some communities as well.

Given the critical infrastructure involved, many organizations would suffer dearly if a disaster forced Long Lines to cease operations.

Hale, also a volunteer for the SANS Institute's Bethesda, Md.-based Internet Storm Center (SANS ISC), recently shared her experiences in a write-up on the ISC website. In this Q&A, she discusses the most important things a company can do to survive what Mother Nature decides to unleash.

CSO: Your company is located on the other side of the state from where the flooding happened, but was there any collateral damage in the form of service disruptions and the like?

Deb Hale

Deb Hale: We have been pretty fortunate. We had two vendors located in the Cedar Rapids area that we receive a lot of support from. One of the vendors had multiple locations within the state so they were able to transfer phones, services, and so on over to the other locations in the state that were not impacted. Another vendor provides a service to us via the Internet. This company had the good fortune to have a president and company founder that understood disaster planning and so they had redundant systems. With one gone, the other jumped in and took the load.

I'm sure communication has been a problem, though.

The biggest issue we had is that it took a little longer to get a hold of them. This was due to the fact that many of the employees for these two vendors had personal losses of home and property and were attempting to deal with these losses and the cleanup involved.

In your SANS ISC diary entry, you mentioned one vendor in particular who was hard hit. Who was the vendor and what might their situation mean in terms of the quality of service you get going forward?

The vendor referenced in the article is a service provider. They supply a product which we then resell to our customers. The product is a software system that protects our customers' computers from virus, spyware, adware, and other exploits/compromises. They are currently up and running again at another location in the Cedar Rapids area. We have had no problem or complaints from our customers about their level of service and we have not noticed any problems either. I have their application suite installed on four of my personal computers and I am pleased to say they have not lost connection to the "mothership" at all.

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WHITE PAPER
Maximizing Site Visitor Trust Using Extended Validation SSL

VeriSignNow with Extended Validation (EV) SSL available from VeriSign, you can show your customers that they can trust your site. Learn about EV SSL benefits in the free VeriSign white paper.

» Read the Paper

Featured Sponsors
Sponsored Links

Enabling Compliance with Converged Mainframe Security and Storage

Efficient - Flexible - Compliant

Understanding Data Location is Imperative for Data Loss Prevention

CA's IT Security centralizes your identity management to turn security into a proactive, business-building tool

Any company can promise identity protection. Only Debix can prove it

7 Requirements of Data Loss Prevention

Information Security: Data Drains and How to Prevent Loss

How Are Open Source Development Communities Embracing Security Best Practices?

IDC Defines an Identity and Access Management Submarket

Using Likewise to Comply with PCI Data Security Standard

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

The Case for Business Software Assurance ~ Securing Your Applications

Maximizing Site Visitor Trust Using Extended Validation SSL

Solving Online Credit Fraud Using Device Reputation

Get in Compliance With Government Data Regulations

Manage your IT more effectively

Simplify your data center with Juniper Networks. View the webcast

Taking the Botnet Threat Seriously

Secure your virtual and physical environments with the same software

E-LOAN Maintains Reputation as a Privacy Leader with Symantec

Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands

Prudential Financial Protects its Brand with Symantec

Envision Identity-Based Access Control for the Datacenter

Digital Identity Protection and Data Security Get Personal

Welcome to the age of Service-Oriented Security (SOS)

When Customer Relationship is Everything, Businesses Bank on SSL Solutions

Managing SSL Security in Multi-Server Environments

The Latest Advancements in SSL Technology

How to Offer the Strongest SSL Encryption

Forrester Total Economic Impact (TEI) report: Save Millions in Fraud Losses.

5 Steps to Secure Outsourced Application Development