Integrated Technology Services U.S. General Services Administration SmartBUY and Cybersecurity...

Integrated Technology ServicesIntegrated Technology Services

U.S. General Services Administration

SmartBUY and CybersecuritySmartBUY and CybersecurityGSA/ITS Office of Infrastructure OptimizationGSA/ITS Office of Infrastructure Optimization

SmartBUY and CybersecuritySmartBUY and CybersecurityGSA/ITS Office of Infrastructure OptimizationGSA/ITS Office of Infrastructure Optimization

Adrian Fish – Project ManagerStephen Bell – Project ManagerGeneral Services Administration

Adrian Fish – Project ManagerStephen Bell – Project ManagerGeneral Services Administration

May 4 - 6, 2010GSA ExpoMay 4 - 6, 2010GSA Expo

Federal Acquisition Service

2

Agenda

GSA ITS Summary

GSA SmartBUY Overview

SmartBUY Program Stakeholders and Objectives

SmartBUY Products and Services

BPA Creation Synopsis

DoD Enterprise Software Initiative Overview

Audience Questions


3

ITS offers government access to the spectrum of IT products and services, and to strategic solutions that meet customer needs

3

ITS“Great Government

through Technology”

Cybersecurity Sustainability SocioeconomicWireless &

Mobility

IT Offerings

Strategic Initiatives


4

ITS helps government execute its core mission by making IT acquisitions:

Faster

Cheaper

Easier

Assisted Acquisition Services

ITS delivers products and services through four main ITS delivers products and services through four main channelschannels


5

America's digital infrastructure is the backbone that underpins a prosperous economy, a strong military, and an open and efficient government.

GSA is leading the way in building a reliable, resilient, trustworthy digital infrastructure for the future.

GSA’s SmartBUY program supports these efforts with software agreements available to federal agencies in areas such as antivirus, data encryption, configuration/vulnerability scanning tools, and geospatial information systems.

GSA and SmartBUY


6

SmartBUY (Software Managed and Acquired on the Right Terms) launched in June 2003.

SmartBUY leverages the Federal government's software purchasing power.

Supports the current administration’s Homeland Security Agenda to modernize critical IT Infrastructures.

Improves the configuration management, security, and standards of Federal computers.

Identified as a FY 2010 IT Spending Priority by the current administration.

SmartBUY Program Overview


Provide Federal agencies the best obtainable terms and conditions

Work with Federal agencies to understand software requirements

Improve the configuration management, security, and standards of Federal computers

Reduce Acquisition and Support costs

Complement the Schedule 70 program by targeting large-volume software purchases

SmartBUY Business Model

7


8

SmartBUY FlexibilityCost Savings

Standardization

SmartBUY Key Service Objectives

Flexibility

Standardization

Best Obtainable Terms and Conditions


9

Stakeholders Initiate SmartBUY Requirements

Strategic Partners (e.g., E-Gov Lines of Business)

Business Partners (e.g., DoD Enterprise Software Initiative)

Customers (e.g., Federal Agencies)

Leading Research Firms (e.g., IT/Market Research firms)


Increase Federal Market Share

Create More Predictable Revenue Streams

Enhance Software Offerings with Professional Services

Lower the Cost of Sales to Government

Software Publisher/Reseller Success Factors

10


GSA/ITS Cybersecurity Strategy

Identify commercial product/service procurement strategies that motivate vendors to build security within hardware and software product designs, technologies, and managed services.

Study and continue cybersecurity work performed by the National Security Agency for the Department of Defense.

Develop a plan of action and market penetration strategy to meet evolving cybersecurity requirements.


12

SmartBUY BPAs incorporate the latest National Institute of Standards and Technology (NIST) and Office of Management and Budget (OMB) standards:

Federal Desktop Core Configuration (FDCC)

Secure Content Automation Protocol (SCAP)

Federal Information Processing Standards (FIPS)

Supply Chain Risk Management (SCRM)

SmartBUY Raises Bar on Security and Standards


13

Ongoing FAS/ITS Strategic Acquisition Efforts

Managed Trusted Internet Protocol Services (MTIPS) Trusted Internet Connection (TIC) Initiative Telecommunications Expense Management Services

(TEMS) Certification & Accreditation (C&A) Services Cloud Computing Procurement Cybersecurity Identity Credentialing & Access Management (ICAM) Green IT


Business Intelligence

Database Management

Enterprise Backup/Recovery

Enterprise Content Mgt.

Enterprise Resource Planning

Geospatial Information Systems

Information Assurance

Network Management

Office Automation

Open Source

SmartBUY Software Market Categories

14


GSA Schedule 70 / SmartBUY Relationship

GSA Schedule 70GSA Schedule 70

• Broad Selection of Software Applications

• Selection Flexibility

• Fair and Reasonable Prices

• Standard Terms & Conditions

SmartBUYSmartBUY• Strategic Sourcing Methodology

• Targeted Software Competitions

• Partners Selected Based on Government Footprint

• Schedule 70 Terms & Conditions

15


Schedule 70/SmartBUY - Scenario 1 Schedule 70/SmartBUY - Scenario 1

The Department of Navy requires Data at Rest (DAR) encrypted solutions for all mobile devices.

CustomerRequirement

CustomerRequirement

AcquisitionChannel

AcquisitionChannel

CustomerOutput

CustomerOutput

Department of NavyComprehensive DAREnterprise Solution

Department of NavyComprehensive DAREnterprise Solution


• Smartphone Protection• Network Device Control• Help Desk Management

GSA SmartBUYGSA SmartBUY

• Encrypted Drive Manager• Removable Storage

Encryption

16


Schedule 70/SmartBUY - Scenario 2Schedule 70/SmartBUY - Scenario 2

CustomerRequirement

CustomerRequirement

AcquisitionChannel

AcquisitionChannel

CustomerOutput

CustomerOutput

San Bernardino CountyComprehensive GISEnterprise Solution

San Bernardino CountyComprehensive GISEnterprise Solution


• Demographic Software• GPS Equipment• Web Map Service

GSA SmartBUYGSA SmartBUY

• CAD Software• Geocoding Software• Imagery Analysis Software

The San Bernardino County (CA) seeks Geospatial Information Systems (GIS) tools that are compatible with products used by EPA, FEMA, and DOI.

17


18

SmartBUY currently has 44 active Blanket Purchase Agreements (BPAs): The BPAs reside within 10 software market categories. 24 of the BPAs are available for state, local, and tribal use. 34 of the BPAs are with small businesses.

FY 2009 SmartBUY Program Achievements: Sales = $222M Federal Customer Savings = $195M

FY 2008: Federal Customer Savings > $165M.

Since program inception, Federal agencies savings are almost $900M.

SmartBUY Achievements


There are currently 44 SmartBUY BPAs. Each BPA is placed against an IT Schedule 70 contract.

SmartBUY Agreements

Market Category Software Publisher

Database Management Oracle (RDBMS) – 5 Agreements

Enterprise Content Management Meridio (Records Management)

iGrafx (Bus. Process Improvement ) – 3 Agreements

Manugistics (Supply Chain Management)

Planet Associates (Infrastructure Relationship Mgt)

Geospatial Information Systems GIS – 5 Agreements

Data-At-Rest – 12 Agreements

McAfee (Antivirus) – 3 Agreements

SAIR – 7 Agreements

Telos (Certification & Accreditation)

BDNA (IT Asset Management)

Belarc (IT Asset Management)

BigFix (IT Asset Management)

Quest (IT Infrastructure Management )

Office Automation WinZip (File Compression Utility)

Information Assurance

Network Management

Enterprise Resource Planning

19


BPA Socio-Economic Classifications

10 Large Businesses

27 Small Businesses

4 Small Disadvantaged Businesses

2 Service-Disabled Veteran-Owned Small Businesses

1 Woman-Owned Small Business

20


21

SmartBUY partnered with the Information Systems Security Line of Business (ISS LoB) and the Department of Homeland Security (DHS) to award seven Situational Awareness and Incident Response (SAIR Tier I) BPAs.

Federal, state, local, and tribal governments can procure SAIR Tier I products/services to improve cybersecurity protection and achieve FDCC and SCAP compliance.

SAIR Tier I Functionality:

SmartBUY SAIR Tier I BPAs

Configuration Scanning and Assessment Tools Vulnerability Scanning and Remediation Tools Network Path / Discovery Tools


22

SmartBUY collaborated with the Geospatial Line of Business (Geo LoB) and the Department of Interior (DOI) and to award four Geospatial Information Systems software BPAs.

Federal, state, local, and tribal governments can use Geospatial BPAs to respond quickly to natural disasters, industrial accidents, and homeland security alerts.

Geospatial Information Systems (GIS) Functionality: Computer Aided Design Web-Based Visualization Imagery Analysis

Geocoding National / Intl. Road Networks Analytics and Modeling

SmartBUY Geospatial BPAs


23

SmartBUY, the ISS LoB, and DHS are currently establishing requirements for future cybersecurity initiatives.

The SAIR Tier II Request for Information (RFI) was released in December 2009 and closed in January 2010.

SAIR Tier II functional areas under consideration for FY 2010 solicitation: Endpoint Protection Platform Web Application Firewall Security Information and Event Management Data Flow Analysis

New SmartBUY SAIR Tier II Discussions


24

SmartBUY is partnering with the ISS LoB and DHS to establish BPAs for Certification & Accreditation (C&A) and Continuous Monitoring tools and services.

C&A BPAs will meet existing and proposed FISMA and NIST security requirements.

C&A services: Categorize Information System Select Security Controls Assess Security Controls Implement Security Controls Authorize Information System Monitor Security Controls

SmartBUY Certification & Accreditation BPAs


25

Future Areas Under SmartBUY Consideration

Data Center Services

Business Intelligence Services

Health IT


Blanket Purchase Agreement (BPA)

In accordance with FAR 8.405-3, a GSA Schedule BPA:

Simplifies recurring acquisitions of products and services

Provides an opportunity to negotiate further discounts Reduces administrative efforts Obtains best value by leveraging buying power Provides streamlined ordering procedures Allows for quicker turnarounds on orders Incorporates terms and conditions consistent with the

underlying contract

26


27

SmartBUY BPA Creation

Post-Requirements Definition, BPA milestones include:

Request for Information (RFI)• Developed by SmartBUY PMO and posted to FedBizOpps• Goal: Identify Industry capabilities

Industry Day• Discuss/Clarify requirements with Industry representatives

Request for Quotation (RFQ)• Released through e-Buy to IT Schedule 70 contract holders

Offer Evaluation and Bilateral BPA Award• Technical Evaluation • Price Evaluation


Working with the FAR Council (Case 2005-014) to issue a new SmartBUY FAR clause.

Clause will state that all agencies purchasing commercial software include SmartBUY in their acquisition process as a “mandatory source of consideration”.

The SmartBUY clause will reside in FAR Part 39.

April 2009 – The GSA Office of the Chief Acquisition Officer (OCAO) sent the case to OMB’s Office of Federal Procurement Policy for final approval.

FAR Case Status

28


How to Use SmartBUY BPAs

SmartBUY Website: http://www.gsa.gov/smartbuy

BPA Ordering - In Accordance with FAR 8.405-3: Single BPA – Authorized users may place the order directly

under the established BPA. Multiple BPAs – Authorized users forward the requirement to

all BPA holders and make a best value determination based on responses received.

Decentralized Ordering Process

Standard Multiple Award Schedule (MAS) BPA Procedures

Spot Discounting Encouraged 29


30

Waivers - Agencies may request a waiver from SmartBUY agreements for compelling needs.

A memorandum that provides a compelling justification for non-SmartBUY purchase, signed by both the CIO and CAO of the agency, must be submitted.

The waiver request must be sent to GSA’s Office of Government-wide Policy.

Waiver Process: http://www.cio.gov/documents/20040708finalwaiver-cUpdate.doc

SmartBUY Waivers


Founded in 1998 to establish a Department of Defense software enterprise management process.

Identifies, consolidates, and presents broad-based commercial IT requirements to commercial IT vendors, via a single negotiating position.

Negotiation, acquisition and administration methodologies are based on recognized best practices, and 14 basic operating principles

ESI Home Page: http://www.esi.mil

DoD Enterprise Software Initiative (ESI) Program

31


SmartBUY Program Management OfficeJohn Schwarz Director, SmartBUY PMO [email protected] (703) 306-7687

Pebble Randolph Operations Director [email protected] (703) 306-7594

Stephen Bell Project Manager [email protected] (703) 306-7595

Edward Benger Project Manager [email protected] (703) 306-6359

Adrian Fish Project Manager [email protected] (703) 306-7534

Pat Green Project Manager [email protected] (703) 306-6633

Doug Hansen Project Manager [email protected] (703) 306-6333

Darwin Roberts Project Manager [email protected] (703) 306-7575

Sharon Terango Project Manager [email protected] (703) 306-6104

Michael Hargrove Contracting Officer [email protected] (703) 306-7701

Raymond McCollum Contracting Specialist [email protected] (703) 306-6249

Deepa Hilary Business Analyst [email protected] (703) 306-6627

E-mail: [email protected] Website: http://gsa.gov/smartbuy32


33

Thank you for your interest and participation!

ITS can help make all of

your IT acquisitions

faster, cheaper

and easier

• SmartBUY’s software procurement program leverages the government’s immense buying power

• SmartBUY aligns with the President’s goal of streamlining IT procurement

• SmartBUY follows FAR guidance and IT Schedule 70 contract terms/conditions.

• SmartBUY raises the bar on security and standards

Please remember:

Please remember:

• [email protected]

• [email protected]

• Website: www.gsa.gov/smartbuy

• E-mail: [email protected]

For more information

contact:

For more information

contact:


Questions?

Integrated Technology Services U.S. General Services Administration SmartBUY and Cybersecurity...

Documents

Transcript of Integrated Technology Services U.S. General Services Administration SmartBUY and Cybersecurity...