Compliant Data Center with Key Pad Entry


The Industry’s Most Comprehensive Security & Compliance Program – Existing Framework with 225,000+ Customers
  1. Home
  2. Digital Transformation
  3. Data Centers
  4. About
  5. Data Center Compliance & Security

Data Center Compliance Support For Highly Regulated Organizations

HIPAA – PCI – FISMA High – FedRAMP – SOC 2 Type 2 – SOC 3 – ISO 27001 – ISO 50001 – ISO 14001 – ISO 9001

Proven Track Record

Proven Track Record

Since 1951, Iron Mountain has been the trusted guardian for more than 225,000 customers including 95% of the Fortune 1000. Our reputation of success brings peace of mind knowing your infrastructure is in good hands with our 30+ year track record in colocation excellence.


Iron Mountain offers some of the world’s most secure data centers. Our federal-grade, multi-layered approach to security includes a combination of technical and human security measures. Our innovative security and trained personnel help to mitigate risk.


Trusted by some of the world’s most highly-regulated organizations, Iron Mountain is an industry leader in compliance. Reduce data center risk with our comprehensive compliance support, including HIPAA, FISMA High, PCI-DSS, ISO 27001, and SOC 2/3.

Data Center Compliance Portfolio

HIPAA Compliance


The Health Insurance Portability and Accountability Act (HIPAA) is governed by the Department of Health and Human Services’ (HHS) Office of Civil Rights that sets the national security standards for safeguarding Protected Health Information (PHI) and electronic PHI (e-PHI). Iron Mountain colocation facilities are HIPAA compliant and independently audited on an annual basis to ensure maximum security and minimum risk.
PCI Compliance

PCI DSS Level 1

The Payment Card Industry Security Standard (PCI DSS) is a set of security standards that applies to all providers that store, process or transmit cardholder data (CHD). Iron Mountain obtains an independent Attestation of Compliance for all controls that apply to the colocation services across all facilities on an annual basis. You can also find our status of compliance on Visa’s Global Registry of Service Providers.
FISMA and FedRamp High Compliance

FISMA and FedRamp High**

Iron Mountain enables government agencies to achieve and maintain compliance with the Federal Information Security Management Act (FISMA) and Federal Risk and Authorization Management Program (FedRAMP). All colocation facilities are independently audited on an annual basis by a 3PAO against the National Institution of Standards and Technology Special Publication 800-53 (NIST 800-53) Revision 4 controls and high-risk control enhancements.
SOC 2 and SOC 3 Compliance

SOC 2/3

Iron Mountain demonstrates compliance with the AICPA’s Trust Services Principles of Security and Availability by way of an independent SOC 2 Type II audit across all facilities on an annual basis. A SOC 3 report is also published to outline IMDC’s compliance with the SOC 2 and is available to customers without the need for an NDA. Colocate with confidence at Iron Mountain, an industry leader in data center compliance. 
ISO 27001 Compliance

ISO 27001

Iron Mountain’s global portfolio of data centers are ISO 27001 certified to support optimal delivery of services while minimizing risk to your data. ISO 27001 is a globally recognized security standard that ensures the establishment of an Information Security Management System (ISMS) within an organization to oversee the effective implementation of a comprehensive set of security controls and best practices. Choose Iron Mountain to reduce your company’s risk.
ISO 50001 Compliance

ISO 50001

As an industry leader in data center compliance, Iron Mountain colocation facilities are ISO 50001 certified to maximize energy efficiency at each facility across our portfolio. ISO 50001 is a globally recognized energy performance standard that ensures the establishment of an Energy Management System (EnMS) within an organization to oversee the effective implementation of a comprehensive set of energy management controls and best practices. 
ISO 14001 Compliance

ISO 14001*

Iron Mountain has achieved certification with ISO 14001 to demonstrate our commitment to measure and improve on identified areas of environmental responsibility.
A globally recognized environmental protection standard, ISO 14001 ensures the establishment of an Environmental Management System (EMS) within an organization to oversee implementation of a comprehensive set of environmental protection controls and best practices.
ISO 9001 Compliance

ISO 9001*

ISO 9001 is a globally recognized quality management standard that ensures the establishment of a Quality Management System (QMS) within an organization to oversee the effective implementation of a comprehensive set of quality controls and best practices. Iron Mountain has achieved certification with ISO 9001 to demonstrate our commitment to measure and continually improve service delivery and customer satisfaction.

*Only available at Amsterdam. Tentative for full portfolio late 2019.
**HIPAA and NIST available at US locations only.


Click on a box below to learn more about the specific offerings at Iron Mountain’s data centers.

Data Center Compliance and Security

Data Center Compliance & Security

Choose Iron Mountain to reduce data center risk with our industry-leading compliance program. You receive comprehensive compliance support, federal-grade security, and the stability of an S&P 500 REIT with 1,400+ locations. 
Sustainable Green Data Centers

Green Data Centers

As one of the top three data center providers of green power, Iron Mountain is committed to sustainability. Our colocation facilities are powered by 100% renewable energy, thanks to carbon credit assistance and low PUE. 
Cloud and Hyperscale Data Centers

Hyperscale Data Centers

We’re building to address the exacting needs of hyperscale cloud providers. With inventory globally, choose hyperscale-ready build-to-suit, dedicated, or modular data centers for wholesale requirements.
Strategic Edge Data Centers

Strategic Edge Data Centers

Get closer to your end users while increasing security and reliability at Iron Mountain’s Strategic Edge colocation facilities. In strategic markets, MOD’s are available, providing higher performance and lower latency.
Underground Data Centers

Underground Data Centers

For an additional layer of physical security, choose one of Iron Mountain’s Underground Data Centers. Situated up to 200+ ft. below the earth’s surface, our data centers are some of the most secure facilities in the U.S. 

Contact Us About Data Center Compliance & Security:

Iron Mountain takes your data privacy seriously. We will only use your information as described in our privacy policy.



Pinnacol Assurance Logo


Pinnacol Assurance - Insurance

Iron Mountain Colocation

Security, Risk Mitigation, Cost Reduction


After evaluating their data center’s infrastructure, maintenance and operating costs, and the limited ability for the facility to support redundant power without significant cost and effort, Pinnacol’s Informational Services group found the data center to be outdated and inefficient.


Pinnacol increased security, redundancy, power, connectivity and reliability. The colocation data center scaled to meet shifting needs, even post-contract signature. Greater energy efficiency also lead to greater cost efficiency than staying in-house.


“We aren't their largest client but we're treated like we are. They go the extra mile to make sure we get exactly what we need when we need it.”
~Infrastructure and Cloud Services Manager



Data Center Compliance Across the Globe

Data Center Security and Compliance Badges

Resources: Make Your Data Center Initiative More Effective

Premium Content


Data Centers for Next-Generation IT: Build Vs. Buy

Examine the critical factors that go into the “build vs. buy” decision process for data centers challenges and opportunities.

Premium Content


10 Steps to Migration Success

Choosing the right partner is critical in establishing a seamless data center migration. Success lies deep within the details.

Premium Content


The Role of Colocation in a Multi-Cloud World

451 Research’s Melanie Posey, Research Vice President and General Manager Voice of the Enterprise and Dan Thompson, Senior Analyst, and Iron Mountain’s Charisse Richards, Senior IT Leader for Iron Mountain Data Centers to explore how colocation is evolving into an important foundation of hybrid IT

Contact Iron Mountain Data Centers Today

Contact Iron Mountain

Our Customer Support section can help provide you with the quickest answers to your questions, or feel free to contact us at your convenience