GSA planning government-wide cloud BPA: What you need to know

By Adam Hyman, Director, Government Programs

Over the past couple years, immixGroup has tracked discussion about the General Services Administration putting together yet a new acquisition vehicle — this time around for cloud solutions. That initial chatter may now become reality.

In 2019, GSA released an RFI seeking industry input on providing cloud products and services in creative solution bundles, to better help customers with their business/technology needs and to save the government money.

This past October, GSA released another RFI related to cloud, making its intent clearer: GSA intends to establish a government-wide, Multiple Award Blanket Purchase Agreement using the following Special Item Numbers (SINs):

Read more of this post

CMMC 2.0 streamlines requirements for contractors

By Hollie Kapos, Corporate Counsel

In September 2020, DoD published an interim rule to implement CMMC, which became effective November 30, 2020. The DoD received over 850 public comments in response, citing concerns with cost, trust in the assessment ecosystem, and alignment to other federal requirements.

Accordingly, it began an internal assessment of CMMC policy and implementation and, as a result, DoD has just announced CMMC 2.0, which makes several substantial changes from the original model.

Levels streamlined in CMMC 2.0

Levels 2 and 4 have been removed, so there are now only three instead of five levels of compliance as follows:

  • CMMC Level 1, Foundational – Requires implementation of the 17 controls from NIST SP 800-171 enumerated in FAR 52.204-21 and submission of an annual self-assessment to the DoD through the Supplier Performance Risk System (SPRS).  
  • CMMC Level 2, Advanced – Requires implementation of the 110 controls in NIST SP 800-171 and submission of an annual self-assessment or, if required to handle “critical national security information” (currently undefined), a triennial independent assessment performed by a CMMC Third Party Assessment Organization (C3PAO). 
  • CMMC Level 3, Expert – Requires implementation of the 110 controls in NIST SP 800-171 and a subset of controls from NIST SP 800-172 and a triennial government-led assessment. Requirements for level 3 are still being developed.
Read more of this post

Vaccine requirements for federal contractors: The latest Task Force guidance basics

By Jeff Ellinport, Division Counsel

As anticipated in my last blog, on September 24, 2021, the White House’s Safer Federal Workforce Task Force issued its expected guidance implementing the vaccination requirements for federal prime contractors and subcontractors. This action was pursuant to Executive Order 14042 (Ensuring Adequate COVID Safety Protocols for Federal Contractors) that President Biden issued on September 9.

While the guidance directly answered some questions posed in my last blog, it also created others. Here are the basics.

Requirements

The guidance sets out three main requirements:

  1. COVID-19 vaccination of covered contractor employees, except in limited circumstances where an employee is legally entitled to an accommodation
  2. Compliance by individuals, including covered contractor employees and visitors, with the guidance related to masking and physical distancing while in covered contractor workplaces
  3. Designation by covered contractors of a person or persons to coordinate COVID-19 workplace safety efforts at covered contractor workplaces
Read more of this post

CDM Notes: EO 14028 deadline is looming. Is your company ready to help?

By Amanda Mull, Contract Specialist

Cybersecurity specialists in the federal government are probably feeling the pinch right about now. By October 9, agencies will need to report on their current software systems as part of Executive Order 14028 on Improving the Nation’s Cybersecurity. If you are a vendor of cybersecurity products, you’d be well advised to make sure your business is appropriately listed – sooner, not later.

Following completion of their EO/OMB reports, agencies are to identify areas at high risk for cyberattacks – such as data theft, ransomware, and disturbances or exploitation of email or other communications.  By Identifying these vulnerabilities and whether agencies may be dependent on specific software or system providers, the federal government hopes to gain greater insight into problem areas.

Read more of this post

Vaccine requirements for federal contractors: What we know today

By Jeff Ellinport, Division Counsel

In the next 10 days, expect specific guidance on how federal contractors will need to respond to the COVID vaccine mandate from the Biden administration.

On September 9, 2021, President Biden issued an Executive Order “Ensuring Adequate COVID Safety Protocols for Federal Contractors” (the “EO”). This order will require many federal contractors to have their employees either fully vaccinated or subject to regular COVID-19 testing.

Here is what we know 

The EO leaves some of the details regarding the requirements for federal contractors to others. Specifically, the Department of Labor’s Occupational Safety and Health Administration (OSHA) is to issue an Emergency Temporary Standard (ETS) in a few weeks, and the recently created Safer Federal Workforce Task Force (the “Task Force”) is to issue specific federal contractor guidance by September 24.

Read more of this post

NASCIO Conference to address SLED technology and spending, and honors immixGroup with Longevity Award

By Chauncey Kehoe, SLED Contracts Manager

Each year, The National Association of State Chief Information Officers (NASCIO) selects a recipient of its five-year Corporate Membership Longevity Award. At this year’s meeting, which will be held in Seattle, Wash. from October 10-13, that award will be proudly accepted by immixGroup, Inc.

The Corporate Membership Longevity Award is a significant accomplishment for companies in the state, local and education (SLED) market, because of NASCIO’s respected standing in the industry.

NASCIO’s mission is to foster government excellence through leadership of quality business practices, information management and technology. Through NASCIO’s members-only community, immixGroup has had the opportunity to participate in discussion forums, collaborate with government and industry leaders and take away lessons learned from NASCIO events.

The most valuable benefit we have gained through our NASCIO membership is the ability to understand SLED technology needs and spending trends through committees and working groups. These groups usually consist of SLED chief information officers and industry leaders. The topics range from IT trends to post pandemic life. As participants, we are able to relay this information back to our suppliers and resellers to better prepare them for selling into the SLED space.

Read more of this post

Make it easier for your Army customers: How the ITES-SW2 helps you sell into this market

By Tara Franzonello, GSA Programs Consultant

Are you selling or planning to sell to the Army? Then you need to add your company and its products to the Information Technology Enterprise Solutions – Software 2 contract.

Nearly 3% of DoD IT contract spending in FY 2020 flowed through an ITES contract – that’s $1.64 billion. The Army believes that number will increase over the next couple of years.  

The ITES-SW2 contract is part of the Army’s Computer Hardware, Enterprise Software and Solutions (CHESS) program. It is a mandatory source for commercial IT hardware and software purchases. Here’s how the two connect:

The CHESS program’s mission is to be the primary source to “support the Warfighter’s Information Dominance Objectives” by developing, implementing and managing commercial IT contracts that provide “enterprise-wide net-centric hardware, software and supporting services to the Army.” 

CHESS contracts provide IT products and services that comply with U.S. Army Network Enterprise Technology Command, Army and DoD policy and standards. Army commercial hardware and software buyers must use CHESS contracts first, no matter the dollar value.

Read more of this post

The Future of the GSA CDM SIN: What it means to you

By Gina Brown, Federal Contracts Manager

In August 2018, the CDM program underwent a procurement transition that vendors should keep in mind. Combined with a proposed elimination of the GSA CDM special item number (SIN), the changes could streamline certain aspects of the way in which products are catalogued.

Initially, blanket purchase agreements (BPAs) were awarded to 17 primes. This then switched to a two-pronged acquisition strategy, in which four GSA Alliant prime contractors were awarded six Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) task orders.

These prime system integrators would purchase cybersecurity tools according to the DHS approved product list (APL), to strengthen the security posture of civilian agency customers.

Read more of this post

CDM: Cloud Hardening and Zero Trust Environments

By Amanda Mull, Contract Specialist

Critical cybersecurity goals for most federal agencies are focused on Zero Trust for a more mobile workforce, cloud-based products, and active threat detection plus dynamic response. Purchase of tools alone, however, cannot provide successful operational cybersecurity. Ongoing budgeting must address a holistic approach, including flexible policies and procedures, to adjust to new threats and changing work landscapes – along with a critical investment in cyber workforce training.

It is becoming more important for federal agencies to partner with companies that can help achieve their foundational cybersecurity goals. Partners and agencies alike must be committed to constant review and adjustment to systems and operations, to ensure that they maintain the highest levels of cybersecurity.

CDM program funds directly support agencies striving to harden their cloud cybersecurity against threats. The program becomes even more important as new threats emerge and agencies are forced to scramble to protect themselves and the public trust. 

Read more of this post

Building your state contracting toolbox through OMNIA Partners, Public Sector

By Chauncey Kehoe, SLED Contracts Manager

State, local and education agencies have many paths to procurement and numerous contract vehicles to choose from. Some contracts, however, do not allow for reseller participation or post award modifications to add new product lines; they leave the customer with no way to purchase the technology they need from the vendor they want.

The solution is for resellers and manufacturers to build out a contracts toolbox for when these situations arise. Your toolbox should include a variety of mandatory statewide and cooperative contracts for you to suggest to your customers. This multi-part series will introduce you to a few key statewide contracts and cooperatives for your toolbox.

To start, we will explore OMNIA Partners, Public Sector, who I featured in a recent webinar. OMNIA Partners, Public Sector is one of the largest and most experienced cooperative purchasing organizations dedicated to public sector procurement.

immixGroup is fortunate to have an award for Software Solutions and Services under the OMNIA Partners’ portfolio. Why should this cooperative be in your toolbox? Let’s dive into the benefits of the Software Solutions and Services contract:

Read more of this post
%d bloggers like this: