How Much Is Too Much?

6:15 PM -- Poor Iron Mountain Inc. (NYSE: IRM). After losing, burning, or otherwise mishandling data from the U.K. to California, it's being sued by the State Fair of Texas for allegedly allowing employees to "plunder" boxes of unused coupons. The fun money that patrons use to buy drinks and rides every fall was sent to Iron Mountain for shredding, but apparently wound up back at the fair the following year. (See Iron Mountain in Hot Water Again.)

It's enough to make a heifer blush.

There may be nothing behind these accusations, but a company the size of Iron Mountain can be expected to have some security problems, right? After all, a company with 15,800 employees can hardly be expected to keep a strict lockdown on every item in its possession. Can it?

You tell me. When a company, of whatever size, stakes its claim as an authority in compliance and risk assessment, litigation readiness, and document handling, is it really too much to expect that it won't turn up in the news every few weeks with yet another shocking snafu?

It may be too much to expect of Iron Mountain. So far, the company has eschewed any responsibility for the various disasters that have befallen data in its safekeeping. Tape losses are a reminder to users to encrypt their data before handing it over to Iron Mountain. (See A Tale of Lost Tapes and Iron Mountain Keeps Truckin'.) Fires are under investigation, and as far as compensation goes, the stored goods were probably not worth much anyway. (See Archiving Goes to Blazes.) Other problems meet with denial or silence.At the very least, Iron Mountain needs to take advantage of its own services to improve its security companywide. Maybe then it can hold forth on compliance and litigation readiness with some credibility.

Mary Jander, Site Editor, Byte and Switch