The Green Sheet Online Edition
August 24, 2009 • Issue 09:08:02
Trade Association News
PCI SSC reaches Iron Mountain
Iron Mountain Inc., an international information protection and data storage provider, joined the PCI Security Standards Council (PCI SSC) as a participating organization. The company will work with the PCI SSC to help further develop and implement the Payment Card Industry (PCI) Data Security Standard (DSS) and the Payment Application (PA) DSS.
Founded in 1951, Iron Mountain operates in 39 countries on five continents. The company safeguards and provides access to more than 425 million cubic feet of paper records, 10 billion e-mails, 65 million computer backup tapes, 2.5 million PCs and 20,000 servers.
Its offsite data protection, records management and shredding solutions have been PCI compliant since 2006.
As a participating organization, Iron Mountain will have access to the most current PCI standards from the council and be able to provide feedback along with the more than 500 other organizations that belong to the PCI SSC.
According to Patricia Enfanto, Iron Mountain's Director of Information Security Compliance for Iron Mountain's Global Security Services, many companies are not only out of compliance but they don't even know where to start the process.
"More state regulations are being enacted, so there is a growing need for companies to become PCI compliant," Enfanto said.
"Being a member of the SSC provides us with a voice where we can offer real-world, frontline experience to challenges with compliance and how to best architect a program to help in meeting that standard. It's also a forum to communicate with other organizations and figure out what we need to do to drive PCI as quickly and as far as possible."
Iron Mountain was motivated, in part, because it did not want to be "sitting on the sidelines," Enfanto said, adding that, on its own, the PCI SSC "can only do so much and reach so many, so I think having Iron Mountain as an outreach gives us the opportunity to be an integral part of the PCI process and show folks how to better protect and store information. And I live, breath and sleep PCI, so from a personal standpoint this is very exciting."
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.