GSA, DOD seek data encryption under SmartBuy

OMB emphasizes data security guidance

The General Services Administration and the Defense Department issued a request for quotations last week for full-disk encryption or a file/folder encryption system under the government's SmartBuy enterprise software management program.

The impetus behind the SmartBuy deal is an Office of Management and Budget memo issued June 2006 requiring agencies to encrypt all data on mobile devices. Many agencies have yet to meet that and other requirements stated in the memo. A governmentwide blanket purchase agreement would give chief information officers and chief information security officers an easy way to identify and buy such software at a volume discount, according to the RFQ.

Released under GSA’s e-Buy program, the RFQ asks vendors on the GSA schedule to submit a price quotation for implementing, maintaining, integrating and training people to use encryption software for data at rest.

“This BPA will further decrease costs, reduce paperwork and save time by eliminating the need for repetitive, individual purchases from the schedule contract," the RFQ states. It also states that GSA and OMB intend to issue regulations that make the BPA a mandatory source for federal agencies.

Agencies could spend as much as $24 million under the BPA, according to the solicitation document.

The RFQ lists 103 requirements, of which 40 are critical. The encryption software’s cryptographic module must be validated under Federal Information Processing Standard 140-2. In addition, the software must work with the public-key infrastructure components of DOD’s Common Access Card and the Personal Identity Verification card required by Homeland Security Presidential Directive 12.

The software must be capable of automatically encrypting data that is transferred to removable storage media without user intervention or circumvention.

GSA and DOD are also seeking software that can run on 12 operating systems or platforms, including four versions of Microsoft Windows, Unix, Mac OS X, Palm, Red Hat Linux and Novell’s SUSE Linux.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected