GSA, DOD seek data encryption under SmartBuy

OMB emphasizes data security guidance

The General Services Administration and the Defense Department issued a request for quotations last week for full-disk encryption or a file/folder encryption system under the government's SmartBuy enterprise software management program.

The impetus behind the SmartBuy deal is an Office of Management and Budget memo issued June 2006 requiring agencies to encrypt all data on mobile devices. Many agencies have yet to meet that and other requirements stated in the memo. A governmentwide blanket purchase agreement would give chief information officers and chief information security officers an easy way to identify and buy such software at a volume discount, according to the RFQ.

Released under GSA’s e-Buy program, the RFQ asks vendors on the GSA schedule to submit a price quotation for implementing, maintaining, integrating and training people to use encryption software for data at rest.

“This BPA will further decrease costs, reduce paperwork and save time by eliminating the need for repetitive, individual purchases from the schedule contract," the RFQ states. It also states that GSA and OMB intend to issue regulations that make the BPA a mandatory source for federal agencies.

Agencies could spend as much as $24 million under the BPA, according to the solicitation document.

The RFQ lists 103 requirements, of which 40 are critical. The encryption software’s cryptographic module must be validated under Federal Information Processing Standard 140-2. In addition, the software must work with the public-key infrastructure components of DOD’s Common Access Card and the Personal Identity Verification card required by Homeland Security Presidential Directive 12.

The software must be capable of automatically encrypting data that is transferred to removable storage media without user intervention or circumvention.

GSA and DOD are also seeking software that can run on 12 operating systems or platforms, including four versions of Microsoft Windows, Unix, Mac OS X, Palm, Red Hat Linux and Novell’s SUSE Linux.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.