Modernizing and Funding IT

GSA will continue IT modernization through the new fiscal year, according to Suzette Kent, Federal Chief Information Officer, and Emily Murphy, GSA Administrator. (Federal Times, October 21, 2019)

While Kent and Murphy were speaking at the American Council for Technology-Industry Advisory Imagine Nation conference, the Technology Modernization Fund (TMF), announced $8 million of funding to be made available for the Department of Agriculture and $4 million for the Equal Employment Opportunity Commission (EEOC). (TMF provides funding to agencies for IT projects.) TMF recently granted GSA $20 million for its New Pay HR system.

The EEOC will implement a Cloud-based charge and case management system while the Agriculture project will replace an outdated, manual IT system used for food inspection and certification. Both of these systems have thousands of touch points around the country. The Office of Management and Budget has said both agencies will leverage modern commercial capabilities to move their digital modifications. (ibid)

Interested in the upcoming GSA RFQ or DoA or EEOC opportunities? Give us a call.

Update on GSA’s Schedule Consolidation

Stephanie Shutt, who is spearheading the GSA Schedule consolidation, recently spoke about the effort’s three phases. On October 1, GSA completed the first phase of the consolidation and released the new single solicitation. (Nextgov, October 9, 2019)

Phase one organizes the Multiple Award Schedule Consolidation into categories that correspond to OMB’s category management approach. This allowed GSA to work with a template instead of starting from nothing. During the Schedule review, duplicates were removed as were multiple versions of specific contract clauses. (ibid)

To date, the Schedules had been divided into service and supply subcategories or Special Item Numbers (SINs). Duplicate SINs were removed, about 600 in all. The new SINs structure is based on the North American Industry Classification System (NAICS) which many agencies already use. (ibid)

Phase two, set to begin after the new year, will focus on existing contract holders completing a mass modification to update their base terms and conditions, which will ultimately moving most current holders to the new Schedule. Updates do not apply to negotiated elements of contracts, such as warranties or periods of performance. They will, however, impact the baseline terms and conditions. Vendors will also see a relocation of SINs and have the opportunity to select SINs that previously were across separate Schedules. Look for an advanced notice regarding mass modifications from GSA in early November. (ibid)

Phase three is slated to launch in July 2020. During this time, contracting officers will assist multiple Schedule holders with more than five years remaining on their contracts to consolidate into a single contract under the new Schedule. (ibid)

Shutt stressed that vendors with one contract under MAS or multiple contract holders that see completion within the next five years will have reviewed and completed the process by signing the “mass mod” during phase two. Phase three affects only contractors with multiple contracts, especially those with more than five years remaining on the contract. Those particular contractors will receive support directly from Shutt’s team to devise a plan to funnel all products and services down to one contract. (ibid)

Questions about how these phases might affect your current contract or a current bid? Give us a call.

We See the Future and it is … Single Sign On

By now you’ve likely heard of Single Sign On (SSO). It’s not exactly new, and it’s currently used by just a few agencies, but it is the wave of the future as agencies move to more cloud-based apps. In fact, 6 U.S. Code § 1523(b)(1)(D), a provision of law governing federal cybersecurity regulations, states that agency heads must “implement a single sign-on trusted identity platform for individuals accessing each public website of the agency that requires user authentication.” This provision was created by GSA working with the Department of Homeland Security. (FedTech, May 24, 2019)

What exactly is SSO? SSO allows a user to sign in one time with one high-strength password and access all that specific user’s authorized applications. With SSO, a user need not memorize a different password for each and every application they access. SSO uses the Security Assertion Markup Language protocol that gives the user the ability to log on once for affiliated but separate websites. According to Tracy David, a cloud client executive at CDW, SSO uses “highly complex encrypted keys, which the end user has no access to view or change.” Ultimately, this makes for a much higher level of security for each agency. (ibid)

At this time, you must log in to each app with a different password. More often than not, passwords across applications are similar (if not the same) and easily remembered. This weakens the security level of the agency as stolen credentials account for roughly 80 percent of breaches. With SSO, you have one complex, single-sign-on password protected with multi-factor authentication.  (ibid)

Many agencies are still using on-premises SSO, which will be more difficult as apps move to the cloud. Insiders believe that the Defense Department’s forthcoming Joint Enterprise Defense Infrastructure cloud contract signals cloud adoption becoming the “norm” in government.

Questions about how this affects your current government contract, or how you might work with the government on SSO Technology? Give us a call at 301-913-5000.