The one-year anniversary of Hurricane Helene’s nasty visit to the CSRA has recently passed, and it’s a good time to assess some business lessons learned from that disaster. 

First, it’s important to remember that “disaster” can be defined in a number of different ways, and so our preparations for disaster shouldn’t only consider devastating storms. No, a disaster can be local to your business only – some part of your operations or communications systems fails, like a downed server or a line-of-business software. 

In some ways, these hyper-local events can be worse than natural disasters (as far as your business goes): business around you goes on as normal, and you are scrambling to keep afloat. In a natural disaster like Helene, at least many people are in the same situation, although the impact of that disaster may grind your operations to a halt. 

You could also consider unnatural regional attacks which cause varying levels of chaos. Think about the Colonial Pipeline hack in 2021, which resulted in local fuel shortages. Or consider the possible impact of the SIM farm found in NYC a few weeks back – an activated SIM farm could cripple cellular communications for hours or days. 

In any case, you’ll need to consider business continuity plans. Yes, you have a thousand other things to do, but it’s important to take some time to mitigate these risks.  

Business Continuity 

Business continuity starts with understanding your needs and circumstances. Operations, payroll, communications – everything that keeps your business running. 

  • Are you providing an essential medical service where life or death is an immediate concern if power or communications go out? 
  • Are you a service provider in, say, roofing or HVAC, whose demand may spike immediately after a natural disaster? 

Whatever the case, you need to plan how you’ll maintain operations, communications, payroll, and other essentials, even if a server fails or a storm knocks out power. 

Power 

Power, of course, is the backbone of all of this. Without power, you aren’t going to be doing much business at all. But before you say “well, if I don’t have power, neither does anyone else, so we aren’t going anything anyway,” think about this: how about that car wreck that too out the transformer near you?  Sure, most of your customers still have power, but its going to be a while before you get back up and running.  Or, that semi-truck or delivery driver turns the wrong way and tears the power line off the building.  Again, at that point, everyone around you is conducting business, and you are scrambling. 

Consider if you might need: 

  • Generators: A whole-house or commercial generator ensures your servers, networking equipment, and critical office systems stay online during an outage. Without it, even short-term power loss can cause server crashes, corrupted data, and downtime that cascades through payroll, billing, and client communications. 
  • UPS units: Uninterruptible Power Supplies act as a bridge, keeping critical systems alive while generators kick in. This prevents sudden shutdowns that can damage both hardware and software. Whether or not you go whole-hog on the generator, UPS units are MUST haves for your essential IT systems. Not every device needs backup power. Focus on servers, networking gear, and key communications devices, the backbone of your IT operations. 

Communications

Sure, a natural disaster or a cyber attack will result in significant outcomes to your business communications, whether internal or external (or, likely, both). But other causes can impact your connectivity. A trencher cuts a fiber line.  A poor vendor providing bad service, like an unresponsive Voice Over Internet Protocol (VOIP) vendor.   

As you develop your continuity plan, you might consider things like: 

  • Redundant connectivity: Services like Starlink or secondary internet lines provide an alternate path when fiber or cellular networks fail. Without redundancy, even a minor outage can leave your team unable to access cloud applications, email, or client portals. 
  • Remote access readiness: If employees need to work from home or coordinate field teams, VPNs and secure remote access tools are essential. A downed server or network without proper remote access planning can halt all communication with staff and customers. 
  • Server dependencies: If your server fails and you haven’t invested in redundancy or image backups, your access to email, critical files, and applications may be blocked, effectively freezing operations until recovery measures kick in. 

Operations 

Finally, in a disaster in which you have power and communications, you still need those tools you normally use to get the job done. As far as your IT goes, an effectively managed system BEFOREHAND allows you to get up and running more quickly.  As you develop your plan, you should consider these things in conjunction with your IT or IT Managed Service Provider.   

  • Image-based backups: These full system snapshots let you restore entire servers or workstations quickly. This reduces downtime compared to reinstalling operating systems and applications piece by piece. 
  • Redundant systems: Placing servers in multiple locations, or having a cloud-based failover environment, ensures that email, databases, and business applications remain online even if primary hardware fails. 
  • Recovery timelines: Understanding how long it will take to restore data, email, and business applications is critical. Planning for rapid access helps ensure employees can keep working and clients stay served, minimizing revenue loss and reputational damage. 

Creating a Business Continuity Plan 

As always, your daily task list has 1,342 items, so “plan for the future” sometimes gets put on the WAY back burner. However, as Helene taught us last year, it’s important to consider these things in advance.  To develop your plan, do the following: 

  1. Assess Critical Functions: Identify operations that must continue in any disaster: payroll, email, client-facing services, billing, medical systems, etc. 
  2. Map Dependencies: Determine which systems, applications, and personnel support each critical function. 
  3. Prioritize Recovery: Decide the acceptable downtime for each function (e.g., payroll must be restored within 24 hours; email can be restored within 48). 
  4. Implement Redundancies: Add generators, backup internet, redundant servers, and image-based backups where needed. 
  5. Document Procedures: Create a clear, step-by-step plan for employees to follow during a power outage, server failure, or communications disruption. 
  6. Test and Update: Regularly simulate disaster scenarios to ensure the plan works and adjust as your business systems evolve. 

Disasters happen, but crippling downtime doesn’t have to be inevitable. Take some time to plan for disaster and mitigate your business risk.