How Iron Mountain uses Assured Workloads to serve our customers’ compliance needs
Editor’s note: Data storage experts Iron Mountain turned to Google Deject when they wanted to scale their digital business. David Williams, deject manager at Iron Mountain, explains in this post how Assured Workloads helped Iron Mountain’s InSight product unzip and maintain compliance with government standards and largest protect consumer data.
Businesses need the right information to make decisions that lead to successful outcomes. With so much new data stuff generated every day, organizations can goody profoundly from information management services with significant data storage and nomenclature capabilities to secure their data in a way that both optimizes value and maximizes compliance.
Iron Mountain has been storing data in one way or flipside since it was founded in 1951. We are trusted guardians for our customers’ information and assets, working with them to manage the complexity and risks of today and tomorrow by understanding, protecting and transforming what matters most. We now store digital and physical resources for increasingly than 225,000 customers virtually the world.
Iron Mountain InSight is a content services platform that provides violating merchantry insights and predictive analytics through machine learning (ML)-based nomenclature of a company’s physical and digital information. InSight adds structure, context and meta-data to information to make it increasingly usable. The resulting enriched content can then enable enhanced streamlined governance and workflows throughout an organization.
Regulatory requirements are top of mind for our customers
Part of our job as a provider of information management solutions is to stay on top of every requirement for storing, protecting, and managing the data of customers wideness a range of industries in 58 countries. As policies shift, we need to make sure that we are up to stage with support for regulatory requirements. New technologies and other innovations are constantly stuff widow to our merchantry environment and we need to ensure that the regulatory compliance process is keeping up with the pace of innovation.
Google Deject works with us to help securely manage workloads and meet the requirements of our regulators and customers globally. We chose to deploy with Google Deject Assured Workloads considering it provides us with the security controls we need and helps write a wide range of compliance requirements. Our worthiness to meet compliance requirements virtually the globe enables us to grow our merchantry while reducing the overhead and complexities of the ramified multinational compliance process.
Data residency is a key requirement for us. Assured Workloads indulge us to customize and restrict data storage to unrepealable regions, so we know for sure that the data is where it should be. Building on Google Cloud’s default encryption in transit and at rest, it moreover gives us a robust set of tools to manage our own and our customers’ encryption keys.
Google Cloud’s global footprint combined with Assured Workloads controls enables us to write compliance at scale. By making use of defended folders with specific controls for particular compliance types, there’s a regulated purlieus and restricted wangle where we need it. Assured Workloads unliable for easy repeat deployments while implementing and maintaining tight security controls. It allows us to use the same lawmaking wiring wideness the unshortened Google Deject global platform, including the same services and the same machine learning APIs, so that we can use the latest technology for our customers — without subtracting increasingly developer or operational teams.
Our journey to FedRAMP certification using Assured Workloads
Security is one of the cadre things that Iron Mountain is known for. When we started our journey with Iron Mountain InSight, a key to our success was to get our FedRAMP Authority to Operate (ATO) so we could serve U.S. public sector customers with similarly upper security requirements.
We embarked on a 12-month process working through the ISO, SOC, and NIST controls and with each step, we got closer to FedRAMP certification. Partnering with Google Deject unliable us to scale up faster and enabled us to increasingly quickly unzip FedRAMP certification.
Google Cloud’s shared fate operating model unliable us to reduce the number of controls we were responsible for to help unzip FedRAMP compliance. We were worldly-wise to inherit key compliance and security controls that were configured by default, so we could focus on implementing spare controls we needed to support our specific merchantry requirements. With Google Deject doing the heavy lifting, it unliable us to confidently move our federal government merchantry forward while simultaneously strengthening the security posture of our InSight platform.
The weightier part is Assured Workloads locks configurations lanugo and eliminates any unwarranted changes to configurations or resources. There’s no room for mistakes in a deployment file, or a manually created resource. Wangle to support engineers in each geographical region gives peace of mind to us and our customers — and it helped us unzip our FedRAMP ATO in record time.
Securing the future with Google Cloud
We are expanding our InSight service to multiple regions virtually the world. As Google Deject has offered Assured Workloads in increasingly global regions, including Europe and Canada, we are worldly-wise to expand withal with it. Plans to expand into APAC regions will help us to scale plane remoter globally.
Compliance can enable your visitor to grow its merchantry wideness the globe. Assured Workloads was a starting point for us to enter new regions and scale without the complexities associated with inward a regulated market. It ways we can meet multinational compliance needs using a single cloud.