Dear Customer:

Iron Mountain Data Centers is committed to our customers’, employees’ and visitors’ safety and security, as well as providing reliable services and minimizing disruption to your operations. Because of this, Iron Mountain Data Centers is actively monitoring the outbreak and spread of the COVID-19/ nCoV/ Coronavirus.

We are taking precautions across our global footprint, in line with local and national authorities, public health advice, and World Health Organization (WHO) guidelines. Additionally, we’ll continue to evaluate this very dynamic situation and will enhance our procedures, as necessary, to make sure we are acting in the best interests of our employees, customers, contractors and visitors.

Our global response plan not only follows the WHO’s phase alert levels, but also includes precautions and potential actions under our Business Continuity Plan (detailed below). This includes measures to keep our employees safe and healthy, and our customers informed of any potential impact to our business. 

We wanted to take a moment to address the actions we’re taking to protect your people, our people, and our facilities.

What precautions is Iron Mountain currently putting in place? 

We are actively monitoring the local health situation and governmental guidance at each of our sites.  We have a Business Continuity Plan in place to take action by site. The current precautions we have put in place do not affect our capability to deliver services to you or your ability to access your equipment. 

If the COVID-19/ nCoV/ Coronavirus outbreak escalates to a level where it’s wise or required to restrict access to one or more of our sites, we will take additional steps to make sure our people and our customers are safe.  This might result in us putting additional local protocols or restrictions in place. 

We are committed to proactively keeping you informed if we expect any impact to you or your operations within our data centers. You can expect to hear more from Iron Mountain’s regional General Managers that support data centers where you are deployed.

Here are the current protocols we have in place:

  • Asking our employees that experience the first symptoms of a cold/flu to stay home. We are also asking our contractors, customers, and visitors to make similar choices.

  • Encouraging all individuals on-site to follow the advice of the CDC and WHO:

    • Wash your hands when you arrive.

    • Wash your hands often, with soap, for at least 20 seconds.

    • Cough and sneeze in a disposable tissue, throw it away immediately, or cough or sneeze in the inside of your elbow if you don’t have a tissue at hand.

    • Use disinfection gel regularly, as available.

  • Consider limiting in-person meetings or visits to Iron Mountain facilities for business critical purposes only. We recommend you check with your business contacts before planning to visit or travel to one of our facilities.

Access to our Data Centers:  

Please be aware of and comply with the following requirements:

  • Unless Iron Mountain has approved in writing, none of your personnel who have travelled in the last two weeks to any country that has been listed as a ''high risk country'' by the WHO are permitted to access our data center facilities. Please note that countries being named as high risk countries are subject to change by the WHO. Please put a process in place to make sure this requirement is met.

  • Unless prohibited by law, you must notify Iron Mountain immediately if any of your personnel that have access to an Iron Mountain Data Center have or are suspected of having COVID-19. Or if they have been in contact with someone who has or is suspected of having COVID-19. Please let us know the last date and location that the individual visited an Iron Mountain site.

  • Please do not come to the Data Center if you are not feeling well or if you have been in close contact with someone who tested positive for COVID-19 or who has been asked to self-quarantine. By close contact we mean spending 15 minutes or more with the person in the last 14 days, or living in the same household. Instead, we’d prefer to work with you through our Smart Hands functions to err on the side of caution.

Travel for Iron Mountain Data Center Employees: 

We are advising all Iron Mountain employees to follow travel advisories and any quarantine guidelines put in place by applicable government agencies. We have also asked employees to consider alternatives to traveling to areas experiencing high outbreak activity. For example, by delaying travel to these areas if possible or using our collaboration tools to meet “virtually.” We have implemented hygiene precautions in our Data Centers and provided Iron Mountain employees with guidelines to follow to reduce their chance of exposure to the virus. We’ll continue to inform our employees and point them to the CDC and WHO resources as we monitor the situation.

Iron Mountain Data Center Business Continuity Plan (BCP) & COVID-19 Response Plan: 

We continue to closely monitor the geographies we operate in. We will activate protocols based on our Business Continuity Plan’s (BCP) highest alert level for a site or region at heightened risk or affected by COVID-19. Iron Mountain determines risk based on the guidance and alert levels communicated by the World Health Organization (WHO) and the Center for Disease Control (CDC).

Based on our BCP, if warranted, we will put the “best practices” below in place to make sure our Data Centers business operations continue to operate normally:

  • “Split staffing” of frontline employees to minimize the risk of exposure and spreading the infection to opposite teams or shifts.

  • “Remote working” for office employees to mitigate the risk of community spread.

  • Limiting site access by non-essential personnel and heightened screening of any essential personnel entering the site. We will base any screening practices and procedures on infection “signs” according to local laws and regulations, as applicable.

  • Global Network Operations Center(s) (GNOC) monitoring, Building Management System (BMS)/network services, and remote/redundant monitoring, as-needed.

  • Redundant and remote (as needed) monitoring of physical security and surveillance systems.

  • On-site incident response planning, in order for business operations to stay normal if human intervention is required to test or repair systems.

  • Communicating with customers, stakeholders, and employees of an “activated” pandemic BCP response.

  • Maintaining “situational awareness” to make sure any measures we take are consistent with current guidance from governmental and regulatory authorities.

How will we communicate changes to our customers, vendors, and partners? 

Commitment to Safety and Security is one of our core values. We are focused on providing you with reliable service and stand ready to act, with additional measures as required, to help safeguard our collective best interests.

We will continue to monitor the situation and our regional leadership will immediately communicate changes to our response to COVID-19 through email to the assigned point of contact(s) (as noted in the Customer Portal). This includes things like access to our data centers, staffing and any additional actions we are taking.

We value your input. If you have any questions or suggestions about our plans and response, please contact your customer success manager.  

Yours sincerely,

Mark Kidd

EVP & General Manager

Iron Mountain Data Centers