Skip to content Skip to left sidebar Skip to right sidebar Skip to footer

Federal Contracting

Submit Your Schedule 36 ERM Demos Now

GSA is accepting demos for the revised the Schedule 36 Electronic Records Management (ERM) Vendor Demo Process. (GSA Interact, June 4, 2019)

This month, GSA updated the original September 2018 notice regarding ERM demos, removing the GSA-recorded demo option. Vendors interested in participating in the demo presentation process must now record their presentations and provide its link to GSA. Once the demo presentation is approved, GSA will post the link to their Discovery tool. (ibid)

Discovery allows customers to explore GSA services contracts, vendors, and vendor contract history. Customers use this information to determine whether a GSA contract meets their needs. Within the next few months, Discovery should be loaded with current ERM vendor contract information.; at that time, contract holders will be notified. While the tool is being updated, vendors may submit their demo link via email to RecordsManagement@gsa.gov.

GSA wants vendors to create demos for the following:

  • ERM.010.L1.02. Determine if the electronic message can be placed under records management control
  • ERM.020.L1.02. Manage the metadata of an electronic message record throughout the lifecycle
  • ERM.030.L1.02. Dispose of approved electronic message records (ibid)

For additional information regarding the use cases, please see Records Express and the Federal Electronic Records Modernization Initiative (FERMI) website. (ibid)

GSA Guidelines for Demos

Technical

  • All scenarios should last no longer than five minutes, with an introduction of up to five minutes. Maximum running time for each demo should be no more than 20 minutes; shorter demos are encouraged.
  • GSA strongly encourages Section 508 compliance for all vendor demos.

Content

  • Data must be included at the beginning of the demo presentation
  • The types of electronic messages to address are email, SMS/MMS, and chat messages
  • Include as much automation as possible as agencies are looking to reduce the number of steps for end users to manage their electronic messages. Be certain to describe where people are involved in managing electronic messages.
  • Traditional, Hosted, Embedded and ERMaas are the types of approaches to records management.
  • Do not mention competitor names in your demo presentation.
  • Do not mention federal or commercial customers or reveal, in any way, other customers, for any reason. (ibid)

NARA/GSA Demo Submission, Review, and Approval

The submitted link or pdf should allow access to all updated or new video demos in the future. Please keep in mind that before any new demos are added to a vendor’s site or channel, they must be submitted to recordsmanagement@gsa.gov for review. Once approved, vendors can add the demo to their site/channel. Unauthorized demos will be removed from Discovery. GSA is asking for vendors to submit their demos as soon as possible. (ibid)

Release of the Vendor Demo Videos

  • Video on Demand
  • Hyperlinks to the Use Cases will be posted to GSA’s Discovery Tool
  • There may be a short period of time between the video approval and the video being posted on Discovery. GSA reserves the right to post videos in the order they are received.

Questions about these guidelines? Give us a call at 301-913-5000.

 

Strategy of the Federal Data Strategy

The recently released Federal Data Strategy focuses on making agency data more transparent and usable while maintaining security. It also strives to make the data more accessible to government agencies. (Federal Times, June 4, 2019)

Agencies must perform 40 actions to build cultures that value data and its public use, protect their data, and promote the appropriate internal use. (ibid)

The principles promoted by the Federal Data Strategy include:

  • Ethical governance – Agencies are to consider current and potential uses of their data and how those can benefit the population the agency serves. “To derive value from these potential uses, agencies need leadership champions, management buy-in, and staff capacity to conduct the data-driven decision-making cycle that prioritizes the informative value of data.” Agencies are instructed to:
    1. Identify data needs to answer key agency questions
    2. Assess and balance the needs of stakeholders
    3. Champion data use
    4. Use data to guide decision-making
    5. Prepare to share
    6. Convey insights from data
    7. Use data to increase accountability
    8. Monitor and address public perceptions
    9. Connect data functions across agencies
    10. Provide resources explicitly to leverage data assets (ibid)
  • Conscious design – agencies are to create a structure that promotes proper management and protection of data. According to the memorandum, “A data governance structure helps agencies use data to answer important questions while meeting legal and ethical requirements essential to maintaining public trust, including protecting the privacy and ensuring confidentiality.” Under this practice, agencies are looking at the largest number of action items:
    1. Prioritize Data governance
    2. Govern data to protect confidentiality and privacy
    3. Protect data integrity
    4. Convey data authenticity
    5. Assess maturity
    6. Inventory data assets
    7. Recognize the value of data assets
    8. Manage with a long view
    9. Maintain data documentation
    10. Leverage data standards
    11. Align agreements with data management requirements
    12. Identify opportunities to overcome resource obstacles
    13. Allow amendment
    14. Enhance data preservation
    15. Coordinate federal data assets
    16. Share data between state, local and tribal governments and federal agencies (ibid)
  • Learning culture – under the final practice, agencies must ensure that data is only used to a favorable effect, and that unauthorized users are denied access. The memorandum states, “Access to data resources includes practices related to sharing data assets, including open data and tiered access to protected data, disclosure review and interoperability of federal data. Use of data resources includes practices related to data documentation, emerging technologies for protecting confidential data and federal data expertise.” The most efficient and suitable use of data will often require cooperation between agencies not only within the government but also outside of the government:
    1. Increase capacity for data management and analysis
    2. Align quality with the intended use
    3. Design data for use and re-use
    4. Communicate planned and potential uses of data
    5. Explicitly communicate allowable use
    6. Harness safe data linkage
    7. Promote wide access
    8. Diversify data access methods
    9. Review data releases for disclosure risk
    10. Leverage partnerships
    11. Leverage buying power
    12. Leverage collaborative computing platforms
    13. Support federal stakeholders
    14. Support non-federal stakeholders (ibid)

Within the Federal Data Strategy is a draft one-year action plan in which goals laid out in the original memo are addressed. Designated agencies will develop and share government-wide resources and tools for implementing the Strategy. Some agencies will be assigned to improve the management and use of specific data while working together with other agencies to determine how they might make their data better to serve their needs both internal and external. (ibid)

Agency comments on the action plan are due July 5.

Questions about how this affects your ability to work with agency data? Give us a call at 301-913-5000.

 

We See the Future and it is … Single Sign On

By now you’ve likely heard of Single Sign On (SSO). It’s not exactly new, and it’s currently used by just a few agencies, but it is the wave of the future as agencies move to more cloud-based apps. In fact, 6 U.S. Code § 1523(b)(1)(D), a provision of law governing federal cybersecurity regulations, states that agency heads must “implement a single sign-on trusted identity platform for individuals accessing each public website of the agency that requires user authentication.” This provision was created by GSA working with the Department of Homeland Security. (FedTech, May 24, 2019)

What exactly is SSO? SSO allows a user to sign in one time with one high-strength password and access all that specific user’s authorized applications. With SSO, a user need not memorize a different password for each and every application they access. SSO uses the Security Assertion Markup Language protocol that gives the user the ability to log on once for affiliated but separate websites. According to Tracy David, a cloud client executive at CDW, SSO uses “highly complex encrypted keys, which the end user has no access to view or change.” Ultimately, this makes for a much higher level of security for each agency. (ibid)

At this time, you must log in to each app with a different password. More often than not, passwords across applications are similar (if not the same) and easily remembered. This weakens the security level of the agency as stolen credentials account for roughly 80 percent of breaches. With SSO, you have one complex, single-sign-on password protected with multi-factor authentication.  (ibid)

Many agencies are still using on-premises SSO, which will be more difficult as apps move to the cloud. Insiders believe that the Defense Department’s forthcoming Joint Enterprise Defense Infrastructure cloud contract signals cloud adoption becoming the “norm” in government.

Questions about how this affects your current government contract, or how you might work with the government on SSO Technology? Give us a call at 301-913-5000.

 

 

 

Training to Go FAST!

GSA recently announced that it will be holding a Federal Acquisition Service Training (FAST) Conference in Atlanta April 12 – 16, 2020. This event will promote constructive dialogue and facilitate an environment where the government and industry can come together to be educated on GSA’s contracting programs. (Federal News Network, May 2019)

The FAST conference is expected to provide many hours of procurement training, as well as providing GSA, government agencies, and industry with an opportunity to share information on key program initiatives, acquisition policies, commercial capabilities, and commercial marketplace trends. It will provide a forum to bring together all of GSA’s agency customers and industry partners under one roof to collaborate, educate and network. (ibid)

Have questions about the FAST conference and whether you should attend? Give us a call at 301-913-5000, and we can discuss it with you.

Accelerating Money to Small Business

If the Accelerating Defense Innovation Act passes Congress, small businesses with more than 50 percent of venture capital funding will find it easier to obtain Small Business Innovation Research (SBIR) grant money from the Department of Defense (DoD). To date, legal hurdles have prevented DoD from utilizing these companies. (Fedscoop, May 21, 2019)

The SBIR, created in 1983, provides small businesses with grants to help them expedite product development, and offers follow-on funding and assistance to provide guidance meeting requirements during the government purchasing process. In 2003, courts ruled that companies owned (more than half) by venture capital firms were ineligible for SBIR grants. Then in 2011, a waiver was created by Congress for those small businesses that are majority-owned by venture investors. These waivers required congressional notification as well as Small Business Administration approval. (ibid)

Unfortunately, DoD has never used the waiver. Defense Contracting Officers continue to shy away from small businesses funded through venture capital. Rep. Mac Thornberry (R-Texas), the new legislation sponsor, cited a recent example of a small satellite technology startup that visited DoD’s Hacking 4 Defense program but did not receive an SBIR grant because of the majority capital investment in the firm, even though their technology is cutting edge. (ibid)

A new pilot program, on which the legislation is based, allows the Secretary of Defense and service acquisition executives for each arm of the military to make an SBIR award to a small business that is majority-owned by domestic venture investors. The bill will allow no more than 15 percent of DoD SBIR program funds to be awarded to these small businesses. Its end date of September 30, 2022. (ibid)

Aside from SBIR, small tech companies can look at other ways to work with the DoD. For instance, the Defense Innovation Unit currently handles commercial innovation pilot projects. Once testing is complete, any DoD branch may procure from a small business, generally within 90 days of the first contact with the company. (ibid)

Rep. Thornberry, the ranking Republican on the House Armed Services Committee, would like to include his legislation in the 2020 National Defense Authorization Act (NDAA).

EZGSA has information about this and other ways small businesses can obtain government contracting. Give us a call at 301-913-5000.