A Q&A with Iron Mountain executive John Clancy about remote storage and the impact of government regulations.
John Clancy is the president of Iron Mountain Digital, the arm of Iron Mountain that oversees storage services including remote archiving accessed by customers over the Web. Clancy came on board from Connected Corporation after it was acquired by Iron Mountain in 2004, and became president of the Digital business unit in January 2007. Clancy has overseen several acquisitions, including a $158 million purchase last October of Stratify, which sells e-discovery services in the legal market. Clancy spoke with Network World Senior Writer Jon Brodkin this week at Iron Mountain Digital's office in Southborough, Mass.
Describe your off-site archiving strategy.
We call it storage-as-a-service. We're interested in technologies that do three things: capturing data, technologies that help store and protect data, and thirdly, where Stratify helps quite a bit, is making that data useful. We protect more data on a hosted basis than any company in the world. But the game will really be won over the next decade by making that technology useful, and Stratify does just that.
What does a typical customer use your service for?
Imagine a large account, all their PCs are now backed up each and every day and sent to our data center. They just have to have an agent on their PC, and just set and forget. There's zero burden on IT. (Compare storage products.)
Where do you store customer data?
We've got two data centers here in the U.S. One is in Boyers, Pa. [Literally 220 feet below the Earth's surface, the data center became Iron Mountain property with the 1998 acquisition of National Underground Storage]. The other is in Kansas City. We have data centers in Toronto, Montreal, London and Belgium.
Most data centers are about the same. They're loud, lots of fans going, a little cold. We love to take customers out to our data center in Pennsylvania. . . . There are over 2,000 employees that go into our National Underground every day, many of which are government employees [storing information there].
Any innovative technologies in the National Underground?
Maybe the most interesting isn't perhaps that innovative, but it makes quite a bit of difference. Once you go 10 or 15 feet below the surface, you're at 58 degrees. We actually have natural cooling inside these data centers.
We also have engineers that literally work on how best to work in a cave. These are all limestone mines. They've found ways to dig inside the limestone to capitalize on the natural flow of air. It's a nice advantage for us in terms of power and cooling and ultimately one we can scale with. We don't have the same power consumption needs as a typical data center.
Do you use all your own stuff, or do you buy equipment from others?
We'll buy servers from a variety of vendors, all the major platform vendors. It's not uncommon to have our lobby full of salespeople from platform vendors trying to sell us more processing power or storage or memory. (Compare server products.)
After four years with Iron Mountain, what's the biggest change you've seen in the market?
The biggest change we've seen is the growing acceptance and need for companies to embrace the storage-as-a-service or software-as-a-service-model. Companies are looking at a lot of problems they have to solve and make the classic decision between what's core [to their business] and what's contextual. You don't have any businesses that run their business on backup and archiving. They protect their business with backup and archiving.
And certainly things like compliance and regulations make it much more important, and the penalties are greater than ever. People are looking for a different way of doing this.
Is it hard to convince companies to store sensitive data off-site? Some businesses, I assume, are more comfortable keeping it in their own data centers.
There is still a bridge a lot of customers have to cross. One of the ways we battle that is that with most of our technologies, we can offer it as a licensed product as well. If you start as a service provider and you've got it running, got a few versions, you can almost boil it down to a kit.
In terms of [customer] resistance, we do see some of that, but each and every quarter it becomes less and less of an issue. But there will always be a segmentation between customers that have to run it on their raised floors and other customers open to trusting it to a third party.
Do you think we'll ever see all backup and archiving data moved to third-party vendors?
I don't think it will be everyone, but at some point I can envision it will be the majority.
How much impact have government regulations related to data security had on your customers?
Quite a bit. You can always pick a vertical. Let's say [Securities and Exchange Commission] e-mail [archiving rules]. We're in that business where we have many of the largest broker/dealers in the world, who archive their e-mails on a minute-by-minute basis. That's where we see the most pressure, the most pain, the highest fines.
What about the Federal Rules of Civil Procedure?
I put that at the old-fashioned, corporate-governance level, customers realizing, whether it be e-mail, information in file servers or databases, that-s critical business information. It's not just signed contracts anymore. Now digital information has to be protected for a certain amount of time. It's causing a lot of confusion. It's causing a lot of people to come into the market. We've seen a lot of start-ups come at it.
Are any of those start-ups really innovative?
We see some folks in the e-mail-archiving space that look strong, but no one that really jumps out. If there are, we'll start to partner with them.
Have the TJX incident and similar data breaches made it easier for you to sell products?
I would say it's absolutely drawn more attention to it. The pain is more widespread, and folks are looking for solutions. Where it's benefited us is, we have a history of storing and protecting information, and that's opened a lot of doors for us, yes.
Are there any big changes afoot in the archiving market, other than storage-as-a-service?
What will happen in the archiving world is that it will no longer be about just capturing data and storing data. It will be about how useful you're making the data. That's going to become very tough for vendors and end users once you measure things in the petabytes and exabytes of data. That's why that area is getting laser focus for us . . . making data more useful, making it more of a strategic weapon for our companies . . . with search, classification, retention and destruction.
Why is e-discovery so challenging?
The biggest thing is disparate data. The ultimate in discovery is finding something in an Oracle database, because it's structured, you get it in milliseconds. What's happening is over the past decade-plus there's been a tremendous growth and explosion of data in disparate data sources, multiple applications sitting in multiple places, and sometimes across multiple languages. It becomes more and more complex.
Putting data somewhere is one thing, getting it back is another. In the Google lifestyle, there really aren't wait times that are acceptable at any level.
Do you have any big new products coming out soon?
At Stratify and the e-discovery space, they have a massive release we're working on now. It's their Version 9 product that allows Stratify to not only act as a hosted storage-as-a-service but to bring that technology onto a customer's raised floor. There's a lot of pull for that, so that's a very strategic release for us within the next six months.