About Us

Iron Mountain News

Press Releases

Iron Mountain Achieves PCI Compliant Status

October 11, 2010 - London,UK - The threat of credit card data loss or compromise is significant. The Payment Card Industry (PCI) Data Security Standard exists to support secure practices in credit card processing and resulted from major credit card issuers aligning their individual security programs into an industry standard. The foundation of PCI was built from Visa's Cardholder Information Security Program (CISP). The standard provides the requirements that all entities storing, processing or transmitting cardholder data must abide by.

The objective of the PCI program is to encourage companies to maintain a high level of security to protect cardholder information regardless of where it resides.

The compliance requirements comprise six areas:

  • Build and maintain a secure network
  • Protect cardholder data
  • Maintain a vulnerability management program
  • Implement strong access control measures
  • Regularly monitor and test networks
  • Maintain an information security policy

It is mandatory for companies to comply and, further, to conduct business with other PCI-compliant members—not doing so could be costly. Credit card companies can impose hefty fines reaching £800,000 per incident and your credit card processing services could be terminated. PCI compliance provisions should be included in third-party contracts as well.

Iron Mountain has taken an industry leading position on safeguarding customer information. To this end, we engaged the services of an independent auditor to ensure and certify that our policies, systems and technologies comply with the (PCI) Data Security Standard.

Iron Mountain's compliance within the program is defined as a Level 1 service provider. We recently completed an onsite audit confirming compliance with the PCI Data Security Standard for 2010 for our records management, data protection and shredding businesses, the third year in a row we have achieved this certification. Iron Mountain is proud to be recognised on the list of "compliant service providers" published by Visa.

We can now extend that commitment with our appointment to the PCI Security Standards Council, an exclusive group of organisations helping to shape the development of PCI standards. As a member of the council, Iron Mountain has the opportunity to leverage our expertise and experience as a service provider in protecting credit card data for thousands of customers across a variety of industries.

Click to view our letter of acceptance.

About Iron Mountain Digital
Iron Mountain Digital is the world's leading provider of information management services for data protection and recovery, archiving, eDiscovery and intellectual property management. The technology arm of Iron Mountain Incorporated offers a comprehensive suite of solutions to thousands of companies around the world, directly and through a worldwide network of channel partners. Iron Mountain Digital is based in Southborough, Mass.

About Iron Mountain
Iron Mountain Incorporated (NYSE: IRM) provides information management services that help organisations lower the costs, risks and inefficiencies of managing their physical and digital data. The company’s solutions enable customers to protect and better use their information—regardless of its format, location or lifecycle stage—so they can optimise their business and ensure proper recovery, compliance and discovery. Founded in 1951, Iron Mountain manages billions of information assets, including business records, electronic files, medical data, emails and more for organisations around the world. Visit www.ironmountain.co.uk for more information.


 

What We Do | Solutions | Knowledge Centre | About Us | Site Map | Website Terms | Privacy
Site Feedback | Contact Us | Support | Global Sites

follow us twitter linked in facebook youtube

© Iron Mountain Incorporated. All rights reserved.
Call Us - R.O.I 1800 732 673 N.I. 08445 60 70 80