Iron Mountain touts shredding to fight data breaches

Not all data compromises arise from malicious hacking incidents or from the loss of computers and storage media containing sensitive information. Data thefts often occur when companies fail to properly destroy paper documents and other media containing important information.

With that in mind, Boston-based records management firm Iron Mountain Inc. this week announced a facility -- which it claimed is the largest of its kind in the world -- designed to help enterprises destroy media containing confidential information.

The 55,000-square-foot facility, located in Jersey City, N.J., can shred 200 tons of paper a day and up to 48,000 tons of paper a year, said Susan Bergin, a spokeswoman for Iron Mountain's secure shredding services group.

The facility uses a variety of high-end equipment to shred, grind and destroy not just paper documents but also other media, including X-rays, microfiche, computer disks, cartridges, videotapes, CDs and DVDs, she said. Sealed containers with media that needs to be destroyed will be shipped from the client's location to Iron Mountain facilities for disposal and recycling.

One of the major drivers of demand for the shredding and secure disposal services is the Fair and Accurate Credit Transactions Act (FACTA) Disposal Rule, which took effect June 1, 2005, she said. Under the U.S. Federal Trade Commission rule, all companies handling consumer reports are required to put in place formal processes for burning, pulverizing or shredding media containing sensitive information before it is discarded.

Apart from the FACTA requirement, nine states have laws mandating similar destruction of media, and 15 others are contemplating such legislation, Bergin said. Driving such laws are growing concerns that careless disposal of material such as business plans, marketing and product plans, customer lists and other confidential information is contributing to a sharp rise in ID theft, she said.