Skip to content Skip to left sidebar Skip to right sidebar Skip to footer

Selling to the government

Keeping a Secret Secret

The Pentagon warns that cyber attacks and threats from foreign intelligence services on national security are very real, and they aim to increase protections for subcontractors from foreign hacking efforts so that sensitive information remains undistributed.  Part of the new standard reads, “a company’s level of security is accepted by all prime contractors, systems integrators, and the DoD.” Subcontractors should now be able to better explain their security controls to defense companies. (J.Lynch, Fifth Domain, December 2018)

Subcontractors are being held to new standards, and the Pentagon is serious about poor or lapsed cybersecurity measures. A Pentagon task force has been created to prevent defense secrets from outside hackers as well as a pilot program for the DoD to learn which companies are actually in their network.

In light of those warnings, the Aerospace Industry Association (AIA) has updated the national aerospace standard, which now consists of a list of 110 security controls broken down into “22 control families.” (J.Lynch, Fifth Domain, December 2018) These new AIA guidelines do not replace the National Institute of Standards and Technology standards, but work to compliment them. Updated AIA standards are built around successive levels of security, thus allowing for continual improvement of cyber defense capabilities.

Questions about your cyber security plan? Give us a call at (301) 913-5000, we are here to help!

GSA’s Guide to Non-Christmas Shopping

GSA is starting small with its commercially-operated online purchasing portals, with a pilot scheduled by the end of 2019.

Initially, only commercial products/services below the government’s micro-purchase limit will be offered. But the threshold of $10,000 differs from the $250,000 Congressional limit put into place at the time the e-commerce experiment was ordered, which allows GSA to sidestep policy requirements such as the Buy American Act and the Trade Agreements Act. We aren’t certain how these will apply to the new e-commerce portal, as purchases below the $10,000 threshold are already exempt from a wide variety of procurement laws. GSA wants the portals to show agency buyers the vendor’s business size and qualification as a preferred supplier in other categories. (J.Serbu, Federal News Network December 13, 2018)

There is a current gap between what the government procures through open market procurement  (often via a purchase card) and what the government knows it buys for commercial items. GSA intends that the centrally managed and monitored portal will assist the government in determining the products agencies are purchasing and introducing into the federal supply chain. (J.Serbu, Federal News Network December 13, 2018)

The draft terms and conditions seem to deviate substantially from the FAR, and are a little “gray,” so we need to wait and see how this turns out. (J.Serbu, Federal News Network December 13, 2018) We all know that our Ts and Cs are of the utmost importance to government auditors and regulatory compliance. Other important questions include:

  • why would agencies use the new e-commerce platform when they can get good commercial item prices via GSA Schedules and the Advantage portal?
  • will the new e-commerce portal actually save the Government money?

This nifty e-commerce pilot portal will help determine the answer to these questions. Do you have a question about the e-commerce portal or GSA Schedules? Give us a call at 301-913-5000: we are here to help.

 

 

Government Grinch

All government contractors should be aware of procedures in the event that our federal system shuts down at midnight tonight. GSA sent the following in an email earlier today:

In the event of a Government shutdown Friday night after 11:59pm, GSS acquisition will continue to process orders and will remain open during the Government Shutdown in the near term.

However, Government personnel responsible for receiving delivery or performing inspections at many agencies* may not be available during the period of the funding gap.  The Federal Government is closed Monday, December 24, and Tuesday, December 25th, regardless of whether there is a shutdown. Please review the contingency plans of government agencies posted here: https://www.whitehouse.gov/omb/information-for-agencies/agency-contingency-plans/

Since the status of agency personnel remains uncertain, we advise you to call ahead to confirm that government personnel are available to accept deliveries.  The Government will not be liable for any costs you may incur if you attempt delivery during the period of the funding gap (shutdown). If, after reviewing the affected agencies at the website above, you are still unsure of imminent delivery schedule success, please contact your customer agency for further instructions before attempting delivery during this timeframe.

*Agencies impacted in a potential shutdown include the Departments of Homeland Security, Agriculture, Interior, Treasury, State, Housing and Urban Development, Transportation, Commerce, and Justice.

Agencies where funding for FY19 has already been passed, and therefore not affected by a shutdown, include the Departments of Defense, Labor, Energy, Health and Human Services, Education, Veterans Affairs and the legislative branch.

If you’re worried about something in particular, give us a call at 301-913-5000. We will be working sporadically next week, but are always available for your emergencies.

New Year Will Bring DEOS, an $8 Billion Contract

DoD and GSA are finishing up the Defense Enterprise Office Solution (DEOS) RFQ, expected in February. Contract award for the $8 billion cloud contract is expected in April. DEOS will replace the Defense Enterprise Email Service run by DISA and used mainly by the Army.

Hassan Harris, DEOS contracting officer, said the final acquisition strategy has yet to be determined. Once it is, everything will move quickly.

Under DEOS, DoD plans to consolidate and upgrade all of its desktop and collaboration services into the commercial cloud. DISA recently partnered with GSA to move DEOS from a standalone contract to one that may come under Schedule 70. (It remains unclear whether DEOS will be a single or multiple awards.)

Margie Graves, federal deputy CIO, said OMB is encouraging agencies to develop an IT modernization roadmap for back-office, command-and-control, and mission space capabilities. She believes a demand signal and clear message is being sent to industry regarding DoD’s, GSA’s and OMB’s commitment to maximizing buying power for all of the federal government and ensures that the government and DoD receive the best market offerings at the best price. She also noted DoD’s experiences with DEOS will give civilian agencies the ability to adopt cloud email and collaboration tools more quickly.

GSA and DoD continue to ask for industry feedback and comments on the best way to approach DEOS. DoD expects a phased implementation with approximately 200,000 users initially, on an unclassified network.

Want to talk about DEOS? Give us a call at 301-913-5000.

 

 

 

 

 

 

One and Done! – Highly Adaptive Cybersecurity Services (HACS) update to Schedule 70

The field of cybersecurity has grown substantially since the initial launching of the four HACS in 2016. This growth has led GSA to restructure the original HACS SINS 132-45 (A-D) into a single HACS SIN, 132-45, with subcategories of cybersecurity services.

Federal agencies use large complex network and data systems to maintain and manage many forms of data and information, including High Value Assets that hold sensitive information critical to national and economic security. As a result, the proposed restructure will include the following full set of HACS SIN services:

• High-Value Asset Assessments

• Risk and Vulnerability Assessment (RVA)

• Incident Response

• Penetration Testing

• Cyber Hunt

The four current HACS SINs will be deleted from the solicitation and added as subcategories under the new HACS SIN 132-45.

Please feel free to give us a call at 301-913-5000 if you’d like to discuss your cybersecurity solutions for GSA Schedule 70.