Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
GAO upholds two of three email-as-a-service protests
Monday - 10/17/2011, 5:51pm EDT
GAO today issued its decision sustaining the protest by Technosource Information Systems and TrueTandem that GSA's requirement for any non-U.S.-based cloud computing data center to be located in Trade Agreements Act designated countries was unfair. GAO also sustained the two companies' protest that GSA's requirement for Internet routing was ambiguous and contradictory.
But GAO denied the two companies claim that the agency's requirement for a "government community cloud" limited to U.S. federal, state, local or tribal government entities was unfair. GAO said GSA's requirement is allowed because there is "a potentially meaningful security benefit associated with the requirement."
"We are currently reviewing the GAO's recommendation that GSA clarify the requirements language in the two sustained protest grounds, and will be making a decision on a corrective action following a thorough review of the GAO's decision," said Steve Kempf, commissioner of the Federal Acquisition Service.
Requests for comment from the companies' lawyer were not immediately returned.
Technosource Information Systems filed the bid protests July 7, the day before the RFQ closed for bids under the $2.5 billion email-as-a-service BPA. TrueTandem filed a copy of Technosource's protest as its own July 8.
GSA issued the BPA in May for e-mail, office automation and electronic records management under a five-year contract. GSA and the Defense Department are working together on the BPA through the SmartBuy and Enterprise Software initiatives.
On the first complaint of the Trade Agreements Act requirement, GAO found GSA "failed to establish a connection to any legitimate government need."
"After reviewing all of the arguments made by the parties, and convening a hearing, GAO concluded that GSA had not provided any meaningful explanation of its decision to limit non-U.S. based cloud computing centers to Trade Agreement Act designated countries," said Ralph White, GAO's managing associate general counsel for procurement law, in an emailed statement. "Specifically, the GAO decision noted that GSA had provided no explanation for why, under the terms of the solicitation, cloud computing data could be stored in Yemen, Somalia, or Afghanistan (each of which are Trade Agreement Act designated countries) but not in Brazil, India or South Africa (none of which are Trade Agreement Act designated countries). GSA explained that its approach would, however, permit it to avoid locating cloud computing data in Cuba, Iran, North Korea, or China."
White said on the Internet routing requirement, GAO found GSA failed to provide clarification in a timely manner.
As for the one area GAO denied the vendors protest of, White said, by requiring a government only cloud there are "security advantages" in "avoiding the risks presented by co-tenancy of agency data with the data of potentially hostile foreign entities."
"We recommend that GSA amend the RFQ to reflect its actual needs concerning non-U.S. data center locations, clarify its requirements, reopen the competition, and allow offerors to submit new or revised proposals," GAO ruled. "We also recommend that the protesters be reimbursed the costs of filing and pursuing their protests, including reasonable attorneys' fees."
GSA has 60 days to inform GAO of its plans to implement the recommendations.