The Department of Defense and the General Services Administration (GSA) announced today that collaborative efforts to provide federal, state and local agencies with the latest Data-At-Rest (DAR) encryption technology at reduced prices have yielded approximately $58 million in savings through avoided costs to the government.
DAR encryption products protect sensitive unclassified data on mobile computing devices and removable storage media.
The Data At Rest Tiger Team (DARTT), a multi-agency task force in partnership with the DoD Enterprise Software Initiative (DoD ESI) and GSA SmartBUY, analyzed sales reports from July through December 2007 to evaluate DAR encryption products purchased by state, local and federal government agencies from qualified vendors using DoD/GSA-sponsored blanket purchase agreements (BPAs). DARTT’s analysis showed that, cumulatively, the BPAs enabled these government organizations to purchase $73 million in DAR encryption products for only $15 million.
As part of an initiative that began in June 2007, the DARTT employed a highly collaborative acquisition process using Federal Acquisition Regulation Part 8, “Required Sources of Supplies and Services”, to competitively award multiple BPAs for use by federal, state, local and tribal governments and NATO. The team was able to achieve a consensus on stringent technical requirements and received support from the U.S. Air Force’s 754th Electronic Systems Group at Gunter Air Force Base, Ala., the acquisition arm of DoD ESI. The DARTT enables the acquisition of information assurance and computer network defense technologies at deep discounts by leveraging the purchasing power of the federal government.
“This is an innovative and exciting process,” said David Wennergren, DoD deputy chief information officer. “I am extremely pleased that this historic effort is already showing results that far exceed our initial expectations."
Robert Lentz, deputy assistant secretary of defense for information and identity assurance, underscored the significance and impact of this achievement. “The American public and government employees expect us to do all we can to protect personally identifiable information (PII) data on laptops and removable media,” he said. “The success of the DARTT represents an important step toward achieving this critical requirement and ensuring that PII is protected at all levels of the government. This acquisition is also a key part of our information assurance transformation strategy to strive for enterprise solutions across government.”
Government agencies that have taken advantage of government-wide BPAs to purchase DAR products include the Internal Revenue Service, Department of Commerce, Defense Logistics Agency, Department of Energy, Department of Agriculture, Transportation Security Agency, U.S. Army, government contractors, and a multi-state consortium led by the State of New York CISO. Through the GSA Cooperative Purchasing Program, numerous state and local government agencies from Ohio, Washington, Georgia, South Carolina, Michigan, Florida, and Connecticut have purchased products from the BPAs—a first in government, according to GSA.
“Protecting data-at-rest has become increasingly critical in today’s information technology (IT) environment of highly mobile data and decreasing device size,” said John Johnson, assistant commissioner for integrated technology services in the Federal Acquisition Service of GSA. “Personal identity information or sensitive government information stored on devices such as laptops, thumb drives and PDAs is often unaccounted for and unprotected, and that can pose a problem if these devices are compromised.”
“The DARTT process is a powerful tool to attain interagency consensus in achieving OMB-directed security goals,” Johnson stated. “GSA SmartBUY is moving forward to establish competitively awarded BPAs for compliance with the federal desktop core configuration and security content automation protocol that will bring significant value to the government at large.”