group of hands held upward on green forest backdrop

About us

Certifications, awards, commitments and partnerships

Safeguarding what you value is our priority. We not only abide by the strictest industry standards—we help set them. Our industry memberships, certifications and awards keep us ahead of new developments so we can innovate for our customers.

Awards and Recognitions

We rank 605th on Fortune Magazine’s Fortune 1000.

Iron Mountain is listed on the FTSE4Good Index for meeting globally recognized corporate social responsibility standards.

We’re a member of the S&P 500 Index, the leading bellwether of the U.S. equities market.

The corporate research team at Selling Power magazine has ranked Iron Mountain #9 of the 50 best companies to sell for in 2017.

We are recognized as a PRIVACY+ certified organization by i-SIGMA.

Commitments

Iron Mountain is proud to be one of the 11 founding members of the newly named Veteran Jobs Mission, a coalition of companies aiming to hire a total of one million U.S. military veterans.

Science Based Targets - Driving ambitious corporate climate action

Our GHG emissions reduction goal was approved by SBTi in 2019. Using 2016 as a baseline, our aim is to reduce absolute GHG emissions 20 percent by 2025.

On June 4, 2018, Iron Mountain joined the RE100 and committed to 100 percent renewable energy and to reduce greenhouse gas emissions to help meet the Paris Climate Accord.

In 2016 Iron Mountain announced that our data center business unit joined the U.S. Department of Energy (DOE) Better Buildings Initiative as a Challenge Partner.

In order to reach our environmental impact goals Iron Mountain is proud to be a member of organizations like the Clean Energy Buyers Association, Sustainable Brands and The United Nations Global Compact.

Iron Mountain understands the value of transparency and public reporting on our environmental, social and governance, ESG, impacts. We report to a number of different frameworks each year, including The Global Reporting Initiative, CDP and others.

Iron Mountain is committed to leveraging our global scale to make a positive difference on the communities in which we work. As a signatory to the United Nations Global Compact we are committed to the Sustainable Development Goals.

Top Scorer on 2022 Disability Equality Index (DEI)

Industry memberships/Partnerships

i-SIGMA (International Secure Governance & Management Association) – we’re a founding member of this professional body for information management vendors (formerly PRISM (Professional Records & Information Services Management).
Shared Assessments – Iron Mountain is a long time member of the Shared Assessments program and sits on the steering committee. Shared Assessments is dedicated to developing standardization and best practices in the field of third party risk management.

Certifications/audit reports

Service Organization Control (SOC) 3 Report, formerly SysTrust®, from the American Institute of Certified Public Accountants (AICPA) – an audit of our IT systems by an outside, independent auditor to ensure we have appropriate internal controls in place for our IT infrastructure environment. Our SOC certification is based on three Trust Services Principles: (1) Security, (2) Confidentiality, and (3) Availability. Each principle is supported by well-defined and detailed criteria that encompass an organization's infrastructure, software, people, procedures and data. Download the Service Organization Control (SOC) 3 Report here.
Service Organization Control (SOC) Type 2 Report from the AICPA – Iron Mountain also maintains a non-public SOC 2 Report. If needed, please work with your account representative to obtain this report.
NAID AAA certification from i-SIGMA
Privacy+ certification from i-SIGMA.
PCI-DSS Attestation of Compliance (AOC) based on the Payment Card Industry Data Security Standard – If needed, please work with your account representative to obtain this attestation.

Alm certifications and standards

ISO 9001: Receiving, sorting, demanufacturing, testing, resale, and data destruction of electronic equipment.
ISO 45001: Universal scope: Receiving, sorting, demanufacturing, testing, resale, and data destruction of electronic equipment.
ISO 14001: Receiving, sorting, demanufacturing, testing, resale, and data destruction of electronic equipment.
ISO 27001: IT policy, process, device, and system controls that safeguard organizational information security.
Responsible Recycling (R2v3): The Responsible Use and Recycling (R2) standard, is intended to regulate and minimize the impact of electronics refurbishing and recycling on the environment and on the workers engaged in the e-recycling process. This standard focuses on the assurance that sensitive data will be destroyed, electronics with residual value will be reused, and their assets will not be disposed of in any landfills.
NIST 800-88: Once every asset to be decommissioned has been identified, Teraware goes to work. Teraware’s agent-based architecture scales to any size job; whether it’s one drive or 100,000, Teraware erases all drives concurrently, minimizing customer data exposure risk window. NIST 800-88 is descriptive with regard to media types, chain of custody, methods of destruction, and reporting. ITRenew follows NIST 800-88 and goes a step further, exceeding all industry standards and compliance.
ADISA Certified Data Sanitization: The Asset Disposal & Information Security Alliance (ADISA) offers accreditation to companies that maintain the highest standards in IT asset disposal and data sanitization. Only nine companies worldwide are expected to achieve ADISA data sanitization accreditation for both HDDs and SSDs in 2020.
- Passed ADISA Threat Matrix Level 2: Iron Mountain's proprietary sanitization platform, Teraware, is the only software to have done so for multiple types of SSDs and HDDs (incl. SATA-HDD, SAS-HDD, SATA-SSD, SAS-SSD, FC-SSD, and NVMe-SSD)
- Only sanitization platform to pass ADISA accreditation using the latest drive technologies (NVMe) and capacities (10TB+)
- 17 Certificates for Forensic Data Erasure of SSDs and HDDs