Author: lhale

Posted on

Federal mDL Industry Day: Collaboration and Momentum Toward Secure Digital Identity

On July 14, GSA welcomed nearly 1,500 attendees—including representatives from federal agencies, state governments, industry partners, and international organizations — for the first-ever Federal Mobile Driver’s License (mDL) Industry Day. This hybrid event, held in person at the Department of the Interior Headquarters in Washington, D.C., and streamed online, was hosted in collaboration with the Department of Homeland Security Transportation Security Administration (DHS TSA), the DHS Security Science and Technology Directorate (DHS S&T), and the National Institute of Standards and Technology (NIST). The day marked a major milestone in the federal government’s exploration of secure, privacy-preserving digital identity solutions.

mDLs: More Than Just a Digital License

Throughout the day, panelists and presenters emphasized that mDLs are not just digital replicas of plastic IDs. Instead, they are privacy-preserving, standards-based digital credentials that offer individuals greater control over their personal information, while enhancing identity assurance for government agencies and service providers.

With over 14 states actively issuing mDLs, the technology is moving beyond pilot projects and into real-world implementations. We heard firsthand from the state Department of Motor Vehicles (DMV) leaders at the forefront of this shift, as they shared lessons learned, technical strategies, and user-centric design approaches that are shaping the digital identity ecosystem nationwide.

Insights from Across the Ecosystem

The agenda featured perspectives from state DMVs, federal agencies, standards bodies, and international implementations, highlighting the momentum building across sectors. Panelists shared lessons from real-world deployments; challenges around interoperability and user experience; and the importance of designing for privacy, accessibility, and security from the start.

Demonstrations and Use Cases

In-person attendees experienced live demonstrations of mDL technology across multiple use cases, reinforcing the importance of interoperability testing environments to support scalable, real-world adoption. These demos illustrated how mDLs can help federal agencies deliver services more efficiently, securely, and transparently.

Speakers also emphasized that successful adoption will require cross-functional collaboration across IT, acquisition, privacy, cybersecurity, and service delivery teams.

A Call for Collaboration

GSA announced its participation in a business use case testing initiative led by NIST’s National Cybersecurity Center of Excellence (NCCoE)—a key step to developing standards to ensure mDLs function seamlessly across state and federal systems before wide-scale deployment. This collaborative project is focused on advancing the adoption of privacy-preserving digital credentials by developing and demonstrating practical use cases for mDLs.

The key takeaway: mDLs are here — and growing fast. But unlocking their full potential will require sustained collaboration between federal agencies, state governments, standards bodies, and solution providers.

We’re proud to help lead this effort — and we’re just getting started. Stay tuned as we continue supporting digital identity innovation across the federal enterprise.

Follow ITC on LinkedIn and subscribe for blog updates.

Posted on

Looking Beyond EIS: Help GSA Define the Future of Federal Telecommunications

Telecommunications services make up an agency’s critical network infrastructure and enable federal agencies to effectively execute their missions. Congress, through Section 5124(b) of the Clinger-Cohen Act, specifically directed GSA to manage and coordinate federal telecommunications acquisitions. This mandate ensures agencies can access mission-critical communication services with cutting-edge network technologies at discounted prices through specialized contract vehicles. 

Telecommunications and network services require specialized acquisition approaches that include comprehensive performance guarantees, integrated service delivery, robust security compliance, and complex infrastructure considerations that standard commercial IT contracts cannot adequately address. GSA provides centralized, cost-effective procurement vehicles for acquiring advanced communication services, supporting everything from secure voice communications to complex, multi-site data networks and cloud integrations, collectively called Enterprise Infrastructure Solutions.

Sharing Our Research

Federal networks are becoming more virtual, flexible, and connected to the cloud. They are built on innovations like software-defined networking, zero-trust security, mobile workforce strategies, 5G/6G, satellite communications and artificial intelligence. These improvements are really changing how government agencies provide services and carry out their missions.

At the same time, the telecommunications market is also evolving fast. Many of the capabilities that used to be seen as specialized or only for the government are now available commercially, ready to buy, or through companies that use adaptable, standards-based approaches. GSA is dedicated to using these commercial options when it makes sense, following Executive Order 14217 on ensuring cost-effective procurement. We believe that working closely and competitively with private companies leads to new ideas, lower costs, and better results.

Planning for a Potential EIS Successor

With Enterprise Infrastructure Solutions scheduled to sunset in 2032, GSA is conducting broad market research to understand agencies’ needs, how industry is changing and what the next generation of network infrastructure acquisition should offer. We’re asking agencies fundamental questions like:

  • What are your future telecommunications and networking needs? 
  • What products and services will you likely be buying in the future and how are they different from what you bought in the past?
  • What challenges do you face in acquisition, security, and integration?
  • Can telecommunications services and equipment individually or in combination satisfy the government’s enterprise needs?
  • Where are customized solutions still necessary due to mission-specific constraints?
  • How can the federal acquisition community minimize reliance on custom builds while preserving service quality and security?
  • What improvements in vendor engagement, transition planning, and pricing transparency are needed?

Functionally, we’re examining whether a future contract would need to include:

  • Seamless integration between cloud, WAN, and LAN services
  • Support for scalable, available edge, cellular and satellite technologies
  • Embedded cybersecurity in line with Zero Trust and TIC 3.0
  • Simplified acquisition and ordering structures to reduce agency burden

This market research is exploratory. It is not a commitment to a new contract, but a strategic effort to optimize federal telecommunications procurement.

Reach out to us: EISfollowon@gsa.gov

If you work in telecommunications, network services, or IT acquisition in your agency, or you run programs with high or specific data requirements, we want to hear from you. The GSA team can be reached at EISfollowon@gsa.gov.

Posted on

GSA and Post-Quantum Cryptography: Enabling a Secure Federal Future

Introduction: Supporting Agencies in the Quantum Transition

The General Services Administration (GSA) is committed to helping agencies securely navigate the shift to post-quantum cryptography (PQC). With quantum computing advancing rapidly, the threat to traditional encryption methods is no longer theoretical. Agencies must begin preparing now to safeguard sensitive data against future quantum-enabled decryption capabilities.

GSA supports this effort by offering trusted, compliant acquisition pathways and technical guidance. Our IT contract portfolio includes proven solutions that agencies can use to inventory, assess, and modernize their cryptographic systems. This approach supports federal mandates such as the Quantum Computing Cybersecurity Preparedness Act, Executive Orders 14028 and 13800, and OMB Memorandum M-23-02.

Join Us: PQC Transition Webinar on June 11

On June 11, 2025, from 1–2 p.m. EST, GSA will host a free, virtual webinar titled “Post-Quantum Cryptography Transition: Getting Started with Inventory and Assessment.” This session is designed to help agencies begin their quantum readiness journey. Technical experts will explore cryptoagility and compliance standards, while GSA acquisition professionals will walk through how to leverage specific contract options for your agency’s needs. Attendees will earn one Continuous Learning Point. To register, visit gsa.gov/events.

Where GSA Fits In

GSA provides a range of acquisition vehicles that support PQC planning and implementation. Through the Multiple Award Schedule – IT Category, agencies can access pre-vetted vendors for cryptographic solutions and modernization support. The Highly Adaptive Cybersecurity Services (HACS) SIN connects agencies with qualified cybersecurity experts. The Managed Security Service (MSS) offering in the Enterprise Infrastructure Solutions (EIS) contract is a comprehensive service designed to safeguard an agency’s IT assets offering a range of capabilities, including inventory of critical systems and data, assessment of the current system environment, development of transition and maintenance plans, and implementation and maintenance of PQC.

Agencies also benefit from our Governmentwide Acquisition Contracts, such as Alliant 2 and 8(a) STARS III, which support secure software development, risk mitigation, and integration of quantum-safe technologies. For market research and procurement planning, GSA’s Market Research as a Service (MRAS) provides rapid access to vendor capabilities and comparative insights.

Getting Started with Inventory and Assessment

The most important first step in the PQC transition is understanding your current cryptographic footprint. Agencies should begin by conducting a full inventory of systems using vulnerable encryption algorithms. This includes identifying where encryption is used, the types of cryptographic protocols in play, and the sensitivity of the protected data.

GSA’s contracts can support this work by providing access to technical specialists, tools, and managed services. Our goal is to ensure agencies can move from assessment to action quickly and with confidence.

Preparing for the Future

As we look ahead, GSA is focused on enabling secure, scalable, and standards-aligned solutions. We’re actively engaging industry and government partners to encourage the growth of the post-quantum cryptography marketplace and ensure our offerings evolve to meet agency needs.

PQC readiness isn’t just a compliance task—it’s a national security imperative. With the right support and acquisition strategy, agencies can take meaningful steps now to prepare for the quantum future.

Take Action Today

GSA is your partner in building a resilient, quantum-ready federal enterprise. To learn more, register to attend our June 11 PQC webinar.  For assistance with your agency’s IT acquisition strategy, contact GSA’s IT Customer Service Center at itcsc@gsa.gov or 855-482-4348.