Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
GSA reopens cloud email RFQ
Tuesday - 11/22/2011, 6:08pm EST
GSA released an updated request for quote Monday through its E-Buy site detailing changes to the solicitation after losing two of four counts of a bid protest in October.
The RFQ updates areas the Government Accountability Office found lacking in the protested procurement.
GSA now better defines a government community cloud as a "a multi-tenant cloud offering limited exclusively to United States federal, state, local and tribal governments with registered dot-gov or dot-mil domain addresses. Each tenant must have a designated chief information security officer and an acceptable use policy."
It also asks vendors about the location of their data centers. GSA writes, "Quotes should identify all data centers/processing locations within the information system where any ordering activity data (including but not limited to messages, metadata, account identifiers, user directory data) will transit, be processed, replicated or reside while inside the provider's security boundary. U.S. based prices are prices where all data and data centers required to operate the system and/or included in the system security plan are located within U.S. Non-U.S. based prices are prices where any data or data centers required to operate the system and/or included in the system security plan are located outside the U.S."
GSA also wants vendors to detail how they will meet the requirement to encrypt data using the designated standards for data "at rest" and "in transit."
Additionally, the updated RFQ details requirements for the provider to connect to the agency's Trusted Internet Connection gateway.
GAO sustained protests by Technosource Information Systems and TrueTandem that GSA's requirement for any non-U.S.-based cloud computing data center to be located in Trade Agreements Act designated countries was unfair. GAO also sustained the two companies' protest that GSA's requirement for Internet routing was ambiguous and contradictory.
"We reviewed the three issues addressed in the GAO's recommendation and amended the RFP for email-as-a-service accordingly," said Mary Davie, GSA's assistant commissioner for Integrated Technology Services in the Federal Acquisition Service, in an emailed statement. "The solicitation is currently posted and open for new or revised proposals through December. Questions on the solicitation from vendors are due by Nov. 30 and quotes are due on Dec. 20. We anticipate awards in Spring of 2012."
GSA initially issued the RFQ in May and expected to make the award this fall. The protest delayed the award, and now has forced it to reopen bidding.
The cloud computing contract has a ceiling of $2.5 billion over five years. Agencies are waiting to use the blanket purchase agreement. The Office of Management and Budget said earlier this year 15 agencies were ready to move 950,000 mail boxes to the cloud.
The RFQ continues to ask for email-as-as-service as well as four other services, including records management, integration, migration and office automation.
Vendors are required to provide at least one type of cloud service: government community cloud, provider furnished equipment private cloud, secret enclave or a public cloud, and the corresponding integration and migration services.