Done With DUNS?

GSA issues RFI for alternative to Dun & Bradstreet’s legal identifiers

GSA has issued a RFI and a draft performance work statement in pursuit of an alternative to the current legal identifiers supplied by Dun & Bradstreet. GSA is “exploring all viable means of continuing to meet its ongoing need for entity identification and validation services after the contract’s expiration.” The new RFI builds upon an earlier request from February, and primarily seeks feedback on the statement of work.

The draft states that GSA aims to fill both technical and business needs. They highlight the need to “Determine entity uniqueness, which could include the assignment and/or use of a unique entity identifier in perpetuity, validation of certain entity data, and associated services,” as well as a method of understanding the hierarchy of entities,  and “a method to determine relevant information about an entity that is being excluded from doing business with the government.”

Technical objectives include real-time data for validation services, machine-readable formatting that doesn’t require custom software, and transfer and resting data encryption. The RFI has been widely welcomed by Dun & Bradstreet, as well as other industry partners. The contract expires in 2018, so be ready for changes.

GSA issues RFI to reevaluate schedule 70

It may be “Soft”ware but GSA is coming hard

In late October, GSA issued a Request for Information (RFI) about a proposal to change the way agencies buy software under IT Schedule 70. The proposal would support compliance with the MEGABYTE Act of 2015, and improve federal management of $6 billion worth of software.

The proposed changes mostly impact term licenses, perpetual licenses, and software maintenance. Term software licenses would be “Redefined so that they are only applicable to software that is provisioned and executed from the ‘user’s servers, computing end-points, or other designated computing devices where the user has the right to load or deploy software,’” GSA stated. “Additionally, the requirement to convert term licenses into perpetual licenses has been modified so that it is only required when an offeror offers the same conversions to their commercial customers.”

There will be two pathways towards perpetual licenses: “Option 1 contemplates software vendors that will embed software identification tags in their software products that are consistent with the ISO/IEC 19970-2 standard,” the RFI states. “Option 2 contemplates software vendors that will allow incumbent software licensees a right to transfer or move perpetual licenses to a new licensee for a previously negotiated fee. It is intended that these new asset management rights and features are voluntary, meaning that software vendors who wish to offer them may optionally include them on their schedule contract.”

And there might be a new SIN for software maintenance! “Software maintenance-as-a-product, henceforth, will be the maintenance that software vendors charge for on an annual basis…Under the current software maintenance SIN structures, it is impossible to differentiate a software purchase from an annual software maintenance purchase. Providing software maintenance-as-a-product with its own SIN identifier allows the federal government to better manage software as an asset and appropriately track categories of spend by differentiating between software licenses and software maintenance.”

Exciting! If you have any questions or worries about your Schedule 70 products, feel free to call your EZGSA proposal specialist or anyone at our office at 301-913-5000.

Is eOffer Easier?

eOffer’s New Look

eOffer recently gave the website a makeover for section 508 compliance. Section 508 requires that all federal agencies ensure that persons with disabilities have comparable access to electronic material. This means larger type, more intuitive website mapping, and a more accessible user interface.

Don’t get too excited though: eOffer’s interface still isn’t quite caught up with the times. Only small portions of navigational areas are responsive, headers are cramped, much of the type is still small, and mobile is another beast entirely, although a slightly prettier one than in the past.

To check out the new “look and feel” for yourself, head over to  https://eoffer.gsa.gov/

Rolling Down the FedRAMP

GSA recently announced the launch of the FedRAMP Tailored Baseline for Cloud Service Providers with Low Impact Software-as-a-Service systems. FedRAMP Tailored aims to support solutions that have low risk and low costs for agencies. This means a streamlined process for a variety of applications. Tailored also standardizes an approach to determine risks associated with cloud applications and provides the government with the freedom to use the cloud while maintaining security.

FedRAMP tailored was open for comment in January and July of 2017. The program provides base security control requirements for industry to meet. Agency authorizing officials are responsible for adding controls where necessary for compliance. GSA believes “The FedRAMP program, including our goals for Tailored, is a key part of issuing an informed, risk-based authority to operate.”

For more information, see the FedRAMP Tailored website. 

Keep it Under Lock and Data Key

GSA officials announced plans to rebrand Special Item Number 520-20 on September 20th. The SIN will act as the official Data Breach Response and Identity Protection Services offering on the Professional Services Schedule. GSA hopes that this move will offer industries and agencies more flexibility and responsiveness.

Ordering offices will “now have the ability to obtain specifically what is needed for their immediate situation,” explained Stephanie Kenitzer, professional services category community manager.

The new SIN offers “identity monitoring and notification of Personally Identifiable Information and Protected Health Information, identity theft insurance and identity restoration services, and protect (safeguard) the confidentiality of PII and PHI.”

The changes will occur with the next solicitation refresh, projected for mid-October.

When a competitive number of vendors are on schedule, GSA plans to swap identity protection services from the current blanket agreements to the SIN.

For more information see the official statement.