Report: NASA makes a strong statement in contract dispute

Shutterstock image: charting data.

In an unusual move, NASA has let the authority to operate for a contractor-run IT network expire. The move appears to be the agency's way of airing its longtime dissatisfaction with the way Hewlett Packard Enterprise is managing the network or perhaps a bold move in a high-stakes game of chicken.

Federal News Radio first reported the story on Aug. 22.

In 2010, NASA awarded HPE a 10-year contract worth as much as $2.5 billion. The four-year deal was followed by two three-year options. Despite NASA's decision to pick up the first option, the two entities have had a rocky relationship since the contract was awarded, including a scathing 2014 inspector general report that cited significant problems and found fault with both sides.

Former NASA CIO Linda Cureton told FCW that the act of letting an authority to operate (ATO) expire is not unprecedented, but it indicates that "the kind of progress the agency wants hasn't been made."

And doing so for an agencywide contract that supports desktops, laptops and other employee devices raises the stakes even higher and sends a firm, public message of dissatisfaction.

"Clearly people are trying to make statements here," said David Wennergren, executive vice president for operations and technology at the Professional Services Council. "When you let an ATO expire, you're making something very visible."

"What's unusual about this story is the way [it] happened," he added. "There are a number of ways this could have been addressed, and NASA has chosen a very public way."

Mike Hettinger, a technology policy expert who worked on Capitol Hill for 10 years, said NASA's decision is also a big deal because of the high price tag attached to NASA's IT and the repeated criticisms of it.

NASA and HPE declined to comment to FCW.

Concerns about the agency's aging IT and subordinate focus on cybersecurity are nothing new. They have been cited in congressional inquiries, alleged hacks and critical IG reports.

NASA received the only failing grade on the second Federal IT Acquisition Reform Act score card, and in response, CIO Renee Wynn, who took over in September 2015, pledged to improve the agency's lackluster IT security. To that end, NASA hired a full-time chief information security officer in July.

Cureton said the move to let the ATO expire could be an indication from Wynn that "delays will not be tolerated anymore."

"The advantage of letting it expire is that it forces...HPE to make some corrections," Cureton added.

According to Federal News Radio, NASA extended an interim ATO to the company. That conditional extension could be "an indication that NASA is trying to make this [partnership] work" while applying public pressure, Hettinger said.

But whether HPE can prove its worth during the 180-day extension depends on how far behind the company is in patching agency systems and the nature of the working relationship between the two entities, Cureton said.

The move is not without risks. Lacking a secure ATO is a last-resort strategy that muddies the future cybersecurity posture of the agency and "will weaken the CIO's position of consolidating all the disparate desktop environments," Cureton said.

"Best practices are that you don't ever want to have your ATOs expire," Wennergren said. "If you know that you need another one, you work with the company to get another one in place. If you run up to the end of the period and you don't have one in place...that says to me there are unresolved issues."

Cureton echoed that sentiment but said only time will tell if the move will lead to improvements -- with or without HPE.

"If the ATO expired today, they're no worse off than they were yesterday," she said. "But looking forward, are things getting worse? The [question] would be how long has it been this way and is the length of time making NASA more vulnerable or just neutral."

Hettinger said it was unclear whether the unusual business practice would trigger a congressional inquiry but added that, based on his experience, "it's certainly worth a hearing."

About the Author

Chase Gunter is a staff writer covering civilian agencies, workforce issues, health IT, open data and innovation.

Prior to joining FCW, Gunter reported for the C-Ville Weekly in Charlottesville, Va., and served as a college sports beat writer for the South Boston (Va.) News and Record. He started at FCW as an editorial fellow before joining the team full-time as a reporter.

Gunter is a graduate of the University of Virginia, where his emphases were English, history and media studies.

Click here for previous articles by Gunter, or connect with him on Twitter: @WChaseGunter


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.