Bill Downer, vice president of National Programs for Seagate Government Solutions and a key member of Executive Mosaic’s GovCon Expert program, recently spoke with ExecutiveBiz for the publication’s latest Executive Spotlight interview to explore the company’s recent fourth-quarter performance, the development of storage device capabilities, the challenges of data security and protection as well as the big changes to the encryption industry.
“Seagate believes that this is absolutely an upward curve that will continue to get steeper. What worries me the most is the government and other industries having the ability to keep up with the curve. This is a part of why managing your keys is going to be so significant in the future.”
You can read the full Executive Spotlight with GovCon Expert Bill Downer below:
Seagate Government Solutions Financial Results
ExecutiveBiz: With Seagate’s fourth-quarter results being released in July and reporting the highest revenue for the company in 6 years, what are the main factors you attribute to your growth success in the federal sector and what can we expect from Seagate for the rest of the year and beyond?
“I attribute our success to a couple of different factors. The growth of the company is tied to the fact that we’re producing more data daily than ever before. The government is no different in its data creation and with all everything it is working on with artificial intelligence and machine learning.
The world is producing exabytes of data per day and all that data needs to be stored on a storage device. As a result of the need to store all that data; it has led to significant growth for Seagate’s business as the world’s largest manufacturer of hard drives and one of the most crucial players in solid-state drives.
The fact is that data needs to reside somewhere. We talk about cloud capabilities, but that is mostly just large data centers that are full of disk drives and solid-state drives storing people’s data and processing that data. Regardless of how the data was created or where it’s being stored, it needs to be optimally stored on a device of some kind. Those are often manufactured by Seagate.”
FIPS 140-2 Certification
ExecutiveBiz: To continue the topic of hardware, can you talk about the work that Seagate has been doing with NIST/National Cybersecurity Center of Excellence on the provenance of storage devices and storage device firmware?
“Right now, we’re working on two or three different initiatives with NIST. NIST has been a leader, alongside Seagate, for quite some time in the areas of data security and the legitimacy of the hardware and firmware on the storage devices.
Seagate was one of the first firms to be FIPS 140-2 certified and will likely be one of the first to be FIPS 140-3 certified as well. Seagate prides itself on being a leader in data protection and we’ll continue to lead whether it’s common criteria or the federal information processing standard for encryption modules.
One of our NIST initiatives is a Cooperative Research and Development Agreement (CRADA) focused on the validation and integrity of computing devices. We have received the scope of that to include storage devices and we are working with NIST, as well as other partners, around validating and doing the adaptation of both the devices in use and the firmware as well.
We want to ensure that we deliver our part of this project. We want to help show that there is a way for companies and individuals to verify that the firmware on their storage devices is the correct version, but more importantly, that the device hasn’t been tainted with and has no malware to speak of. We’re working to be the leader in this area and can guarantee that the hardware is legitimate, and the firmware is clean on all our devices.
Another initiative is to address the concern that a lot of people are having right now about some of our supply chain challenges as it pertains to getting a product. We are one of the first firms in this industry to receive a third-party validated supply chain certification for the lifecycle of a product from its concept to retirement. That standard is known as ISO 20243 and Seagate is one of the very few IT companies to get that.
We’re now in the process of becoming ISO 20243 certified for the manufacturing of all our enclosures as well as our storage devices. As we’ve seen from several executive orders coming from the White House, data-centric security, as opposed to network security, is an issue and the current administration is concerned about the protection of data at rest on these devices.
Seagate will continue to be deeply engaged with different parties across the government, including the White House, around making these manufactured products that adhere to the intent of those executive orders and potential new laws that could be coming out of Congress soon.”
Seagate Secure & Data Security
ExecutiveBiz: With data security being one of the most significant initiatives across the federal landscape today, how does Seagate Secure work to provide reliable data protection and what benefits does it provide data managers that other platforms don’t?
“The major capabilities we have that most IT and cloud firms are not taking advantage of is the ability to do key management at the drive level as well as at the sector level on a drive. With that ability, you could have two different levels of security on a single device.
The problem we run into is that several manufacturers use controllers or other devices that block the commands to do this. We’re advocating that the government, its contractors, and suppliers begin to take advantage of a lot of the intellectual property around security.
These are advantages that Seagate is developing in conjunction with certain intelligence agencies to create very secure data at rest capabilities beyond what current IT equipment capabilities. A lot of IT manufacturers say we’re FIPS 140-2 compliant, which means they have a software capability to do encryption, but they don’t have the encryption to do two things at the drive and sector level.
More importantly, one of the smaller manufacturers that we’re connected with has the ability that if there is a threat where there is denial service, ransomware or someone trying to change the encryption, the manufacturer can dynamically change all the keys at the drive and sector level within milliseconds.
The reason why a lot of these bigger manufacturers aren’t taking advantage of these security measures has a lot to do with the required engineering efforts are significant even at their level of capability. The second reason is that these manufacturers are only going to build the minimum requirement available and they’re going to follow the government’s lead until that becomes its own requirement to protect our national security from various threats.”
Seagate Hardware Encryption Devices
ExecutiveBiz: What can you tell us about Seagate’s Hardware Encryption Devices and software capabilities and how COVID-19 has influenced and changed the encryption industry? What are the key factors boosting the Hardware Encryption Devices market growth?
“As I mentioned earlier, Seagate is working closely with NIST to become the first firm capable of reaching FIPS 140-3 compliance for all our devices to emerge as a leader in the encryption module space through our partnership with NIST.
Seagate really is moving very quickly. We have 18 terabyte hard drives that we sell today. The market has begun to really lag. By December, we’ll have 20 terabytes hard drives available and we’ll be able to innovate and build these larger storage devices at the same price point as a lot of the devices that we saw even five to ten years ago.
Our current technology and development will have us being able to offer 100 terabytes within the next three to four years. We’re in a data tsunami right now where we produce more data in a year than we created in the thirty years prior to the modern-day.
Seagate believes that this is absolutely an upward curve that will continue to get steeper. What worries me the most is the government and other industries having the ability to keep up with the curve. This is a part of why managing your keys is going to be so significant in the future.”