Author: Bill Zielinski

Posted on

GSA’s Software License Management Service: Unearthing Savings at Zero Cost to Agencies

Federal CIOs face the challenging task of funding IT modernization.  In fact, over 78 percent of federal IT spending is dedicated to legacy systems (i.e., Operations and Maintenance (O&M)) and used for maintaining existing physical IT investments.

One untapped source of funds CIOs should evaluate for savings potential is software licensing.

As the largest buyer of commercial-off-the-shelf (COTS) software in the world, the federal government spends more than $9 billion annually through more than 50,000 transactions. However, as much as 30 percent of that spend is unnecessary. It occurs simply because of inefficient, decentralized software license management (SLM) and leads to uncoordinated buying practices.

In addition to needing to modernize, federal CIOs are juggling equally important priorities like identifying and securing against cybersecurity threats, increasing in both their number and sophistication.

Federal networks are an attractive target for cyber criminals able to expose vulnerabilities from unauthorized and unmanaged software.

It’s more important than ever for CIOs to:

  • Understand their software license inventories
  • Optimize software license deployments by identifying and eliminating licenses that are unused or underused
  • Defend against software license compliance audits
  • Identify vulnerabilities caused by non-managed, unauthorized, and unlicensed software

In addition to focusing attention on SLM and cybersecurity, federal CIOs have unique compliance mandates that differ from the commercial sector:

  • Office of Management and Budget (OMB) M-16-12,
  • the Federal Information Technology Acquisition Reform Act (FITARA),
  • the Continuous Diagnostics and Mitigation (CDM) Program,
  • Making Electronic Government Accountable By Yielding Tangible Efficiencies Act of 2016 (MEGABYTE),
  • Technology Business Management (TBM) and
  • OMB’s Cloud Smart Strategy.

Specifically, agencies are now required to:

  • Establish and automate management controls for IT investments
  • Provide transparency on IT resources across agencies
  • Develop a comprehensive software licensing policy
  • Track spend, inventories, and cost savings on software
  • Identify unused licenses and avoid duplication

GSA Can Help

In April 2016, GSA developed a comprehensive Software License Management Service (SLMS) offering for federal agencies. SLMS is built upon the efficient and effective use of current and emerging Information Technology Asset Management (ITAM) models, and aims to help federal agencies adopt robust IT asset management programs.

Typically with government customers, SLMS begins by assessing the current state of agency Software License Management (SLM) programs.

SLMS delivers a roadmap for achieving a desired future state based on assessment findings, industry best practices, and agency objectives.

SLM Fast is designed to provide low-impact and quick-start SLMS, giving agency CIOs, CFOs, and acquisition and procurement offices rapid access to the guidance needed to

  • better control software asset inventories,
  • improve compliance with mandates,
  • defend against software audits, and
  • optimize unused software, or eliminate applications from networks that have exceeded their end-of-life support date.

Key features of the GSA’s new SLM Fast service include:

  • SLM Fast engagements are no cost to the agency
  • Simple to execute via an Memorandum of Understanding (engagement letter) (MOU) and pre-engagement package with prerequisites
  • 8-week (40 business-day) engagement with key agency checkpoints and milestones
  • The 5 “Cs” of SLM Fast: Cloud, Cybersecurity, Compliance, Cost Savings and Complete OMB Analysis of Alternatives (AoAs) for selected Original Equipment Manufacturers (OEMs)

SLM Fast does this using a data-focused approach, providing agencies with the following:

  • Inventory Analysis: Combines discovery, contract, and entitlement data to develop license position(s) based on live inventory data
  • Business Case: Demonstrates real savings and ROI that is rapidly attainable through enabling and/or reducing shelfware
  • Custom Dashboard: Provides stakeholders relevant business intelligence dashboards to helping strategic investment planning and cost-reduction efforts (e.g., migration to cloud, data center consolidation)
  • Implementation Roadmap: Establishes a detailed plan for successfully implementing a self-sustaining IT asset management program management office at each customer agency
  • SLM Maturation: Establishes a centrally hosted license repository to provide cross-agency knowledge transfer and make it easier to coordinate buying based on common requirements.

The SLM Fast service capitalizes on the federal government’s immense purchasing power and GSA’s unique position to coordinate software license procurement and management efforts across agencies.

Ultimately, the work we do at GSA is about service. Our team must understand both our customers’ needs and the challenges they face meeting them.

To that end, we are taking the next step to answer our customers’ challenges by introducing the new SLM Fast service. It’s fast (requiring minimal federal agency resources), it’s effective, and it’s no cost to qualifying agencies.

If you’re interested in learning more, or scheduling an individual briefing from our team, visit our SLMS page or email us at slms@gsa.gov.

Posted on

GSA Replaces Expiring FSSI Wireless BPAs with Newly Enhanced Wireless SIN

It is now even easier to purchase wireless services through Schedule 70.

The newly enhanced FSSI Wireless program is now available to replace the FSSI Wireless BPAs, which expired in November 2018. Due to the success of the original FSSI Wireless program, we’re continuing to offer this solution to our customers. It’s the same FSSI Wireless program you knew and loved, just better!

In this new FSSI Wireless program, agencies will be able to purchase mobility services directly from Schedule 70 using a newly developed RFQ Generator tool on the Mobile Services Category Team (MSCT) page in the Acquisition Gateway. The intuitive web-based tool supports customer ease of ordering against the schedule. The RFQ Generator tool helps users input voice and data requirements into a downloadable RFQ template for schedule vendors. 

The project is part of GSA’s continued work as a contributing member of the Office of Management and Budget’s (OMB) MSCT. The MSCT is a cross-government group that fosters effective collaboration and advancements among government IT acquisition professionals.  

11 Service Categories

  • Wireless Carrier Services
  • Other Mobility End-Point Infrastructure – Mobility infrastructure
  • Mobility-as-a-Service (MaaS)
  • Enterprise Mobility Management (EMM)
  • Mobile Backend-as-a-Service (MBaaS)
  • Telecom Expense Management (TEM)
  • Mobile Application Vetting
  • Mobile Threat Protection (MTP)
  • Mobile Identity Management
  • Internet of Things (IoT) and
  • Other/Mobile Services

Features and Benefits

The purpose and benefits of updating SIN 132-53, Wireless Mobility Solutions are:

  • Address the federal government’s growing need for advanced mobile solutions to include security, mobility management, application development, application vetting, and integrated services.
  • Enhance IT Schedule 70 offerings under SIN 132-53 for increased convenience and rapid access to commercially available wireless and advanced mobility solutions.
  • Provide industry partners the opportunity to differentiate their mobility solutions from other IT-related offerings.
  • Meet the needs of government agencies to make strategic decisions and bring the full value and benefits of mobility category management to government.
  • Organize and categorize mobility solutions in a manner that simplifies and standardizes the acquisition of these solutions that lowers the total cost of ownership for agency customers.

GSA’s Mobility Team continues its work to increase savings in the mobile space through the Federal Strategic Sourcing Initiative (FSSI). GSA customers saved on average up to 30% in 2017 through FSSI Wireless. To replace the BPAs, GSA’s Mobility Team worked with the MSCT to develop a Request for Quote (RFQ) generator that agencies can use to procure wireless services in a flexible, simple way.

The MSCT looks to give agencies the tools they need to implement cellular service plans and devices more effectively and efficiently through:

  • Unified acquisition: Consolidates the number and variety of dispersed wireless contracts to reduce life-cycle management costs and drive better volume discounts.
  • Improved information management: Simplifies service plan management and enables centralized access to standardized usage data to easily identify opportunities for cost savings.
  • Center of excellence: Uses best practices and collaboration across agencies and the entire community of stakeholders to optimize performance and increase value.

We couldn’t be more proud of the work our GSA Mobility Team is doing with the MSCT. This collaboration really sets the bar for cross-agency/industry engagement and will make a real difference in the day-to-day mobile operations of government.

To learn more, please visit the Wireless Mobility Solutions (132-53) page on GSA.gov.

Posted on

Expanding IT Schedule 70’s Cloud SIN to Make it Easier for Customers & Contractors

The 2018 Federal Cloud Computing Strategy — Cloud Smart — is a long-term, high-level strategy to drive cloud adoption in federal agencies. This cloud policy is designed to offer a path forward for agencies to migrate to a safe and secure cloud-based infrastructure. This new strategy will help federal agencies achieve additional cost savings, increase security, and facilitate faster delivery of cloud services.

GSA is a key stakeholder in the Cloud Smart strategy. We’re helping federal agencies modernize the government’s IT infrastructure by using our expertise in technology and acquisition. As part of that mission, we’re listening to industry partners and our customer agencies and constantly revisiting our acquisition solutions. We’re looking to ensure they’re working to facilitate the government’s success and that they make it easier for agencies and industry.

When it comes to cloud, we are dedicated to providing acquisition tools and solutions that help the government make meaningful strides in cloud adoption to support their mission-critical activities and meet the goals laid out in the Cloud Smart strategy.

When You Think Cloud, Think GSA

Adopting cloud and modernizing IT infrastructure are complex. GSA has several cloud offerings designed with the customer in mind. We’re working to provide solutions that address the typical challenges agencies are facing, and GSA is here to help agencies be successful.

One example is IT Schedule 70’s Cloud SIN (132-40), originally developed and implemented in 2015. Since then, a lot has changed in both the cloud industry and in government. We have seen an increased demand for cloud computing, and the market has evolved to include professional services that support cloud-oriented products. The evolution has exposed some acquisition challenges and roadblocks in the original SIN.  

Originally, customers using IT70 to buy cloud products also needed to procure cloud-related IT professional services. This had to happen through a second step, often requiring them to issue Requests for Quotes (RFQs) to the entire universe of IT services contractors on IT70 (over 3,500), and many of those contractors may not have any of the appropriate skills to support cloud deployments.

Now, the expanded IT70 Cloud SIN includes the cloud-oriented IT professional services that customers need, providing them access to a full cloud solution in one place. Additionally, we have clarified a few ambiguities about the definition of cloud products that frequently caused confusion.

GSA’s goal is to ensure we are supporting the government’s adoption of, migration to, and ongoing governance and management of cloud computing.

The Cloud SIN revisions are available in the most current solicitation refresh: Solicitation Number: FCIS-JB-980001-B.

Contact GSA To Get Started

Contact the GSA cloud experts with any questions about the GSA IT Schedule 70 Cloud SIN. We help agencies navigate the Cloud SIN to acquire cloud services, including providing free scope reviews of solicitations. We also help industry suppliers with the application process to have their cloud offerings indexed under the Cloud SIN.

To learn more, visit our Cloud SIN page.

Posted on

Think IT Modernization? Think GSA

Our mission in the Office of Information Technology Category (ITC) is to “maximize customer value and mission productivity through IT acquisition.” As the largest provider of IT acquisition solutions for government, it is absolutely critical that we ride the bleeding edge of IT innovation. As a service to agencies and taxpayers, we adopt innovative solutions early on and apply them to our own processes — we learn about new technologies by using them. Efforts like this position us to even more effectively help agencies face their future mission needs.

In a blog post last December, we announced our experimentation with distributed ledger technology (DLT) — commonly referred to as “blockchain.” At the time we had just completed a proof of concept to further enhance our Making it Easier FASt Lane proposal review process. We found that DLT can automate many of the manual business processes and steps required to award a new IT Schedule 70 contract. This includes time-intensive tasks such as financial reviews and development of pre-negotiation memoranda, freeing up our workforce to focus on more meaningful responsibilities. DLT also modernizes the award process making it easier, more efficient, and faster for those new contract holders.

IT modernization is a major focus of this administration. Our work with DLT is an excellent example of leveraging emerging technologies to enhance existing systems — to reimagine how we build using an agile methodology to effectively modernize over time. The crawl/walk/run method that we’re using to implement DLT highlights one best-practice path to modernization.

First, We Crawled – What We Did

In July 2017, we kicked off the proof of concept (POC) as an award under the simplified acquisition threshold. This acquisition strategy used an agile acquisition and development approach and had a short, six-week delivery schedule. The entire POC only cost $150,000.

Now We Walk – Development

The POC demonstrated how we could use DLT to help automate our acquisition workforce, specifically touching and entering data only once into a single solution.

To expand the project’s scope, this May we awarded a contract for a pilot. Where the POC tested the waters limited to IT Schedule 70, the pilot has a wider scope: the Multiple Award Schedules (MAS) program (aka the Schedules). We plan to look across the entire enterprise to find out where we’ll gain the most benefits within the Schedules program.

The pilot will create a DLT-based software layer over GSA’s existing infrastructure which creates transparency and documents activities between industry partners (contractors/vendors) and GSA.

This layer will make the proposal review process accountable and allow for a controlled reduction in fixed costs. Also, the pilot automates financial reviews and other GSA Schedules business processes.

For example, we can identify offerors with substandard financial ratios based on the average (as reported by the IRS) of their respective NAICs code. Offerors with poor financial ratios will be flagged for further review; if the ratios look good they will move to the next step.

This first pilot will break down and modularize the workstream and build out a micro-service for the financial responsibility process. Implementing a manageable business process, this will enable us to more simply capture information and to build analytics.

Next, We’ll Run – Production/Sustainment

If the pilot is successful, we’ll continue its development and our efforts to make this a reality by awarding another contract for a full-scale production.

Think IT Modernization? Think GSA

Our team has the expertise and agility to try new things and test new IT solutions. We launch, test, learn, and then use those lessons learned to support our customers.

So, when you think about modernizing your IT systems, think GSA! We have the experts and acquisition solutions in place to make IT modernization a reality for the federal government.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.

The five steps to accelerate the process to award contracts and make life better for the workforce and vendors.
Posted on

5 Considerations for Using the CDM Tools SIN

While threats to our most critical systems increase, agencies face ongoing challenges to keep IT assets safe from adversaries. On August 11, 2018, the continuous diagnostics & mitigation tools continuous monitoring as a services (CDM/CMaaS) blanket purchase agreements (BPAs)expired and were replaced by a new special item number (SIN) on IT Schedule 70: The CDM Tools SIN (132-44).

The CDM Tools SIN on IT Schedule 70 provides agencies with easier access to a governmentwide set of information security continuous monitoring (ISCM) tools.

The CDM Tools SIN also:

  • Allows for added flexibility and speed to market for emerging technologies related to the CDM Program
  • Supports an expanded pool of industry partners offering CDM tools

Here are five considerations for choosing the CDM Tools SIN, when implementing your system security plans and IT security solutions:

1. We’ve made it easier to strengthen your network

Our CDM Tools SIN provides agencies with products and associated services that monitor and report into their CDM agency dashboard. It also allows them to manage:

  • What is on the network
  • Who is on the network
  • What is happening on the network
  • How data is protected

2. The Department of Homeland Security (DHS) has vetted all products on the CDM Tools SIN

GSA’s partnership with DHS ensures that the products available on the CDM Tools SIN have gone through a sophisticated vetting process. They are added to DHS’s CDM approved products list (APL) before being added to the CDM Tools SIN. Products on the APL are consolidated and categorized for ease of discovery.

The APL is the authoritative approved product catalog for products that meet the department’s CDM requirements. DHS reviews new products every month, allowing for new and emerging products to become part of the CDM marketplace. Once approved and placed on the APL, vendors can apply to IT Schedule 70 to sell their new product on the SIN.

3. The CDM Tools SIN is open to all GSA IT Schedule 70 users

Federal agencies can use the CDM Tools SIN; state, local, tribal, and territorial government entities can also access the CDM Tools SIN through GSA’s Cooperative Purchasing Program.

The SIN is also available to Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) awardees purchasing CDM tools, the Department of Defense, and other organizations that can use IT Schedule 70.

4. Chief Information Security Officer (CISO) Handbook calls out the CDM Tools SIN

The CIO Council recently published the CISO Handbook to give chief information security officers (CISOs) important information they need to implement federal cybersecurity at their agencies. The CDM tools SIN is called out as a resource for CISOs to address federal cybersecurity requirements.

Agencies use CDM Tools to comply with various federal mandates and to strengthen their network defenses through sustained monitoring of network activity and automatic identification and prevention of any activity determined to be unauthorized.

5. We make it easy for you to order CDM Tools SIN

GSA makes it easy to access these tools through the www.gsa.gov/cdm webpages, featuring an ordering guide and links to GSA eLibrary’s CDM Tools page. We update the site every month with the new DHS Approved Products List. We also feature a guide for industry vendors interested in applying to sell products on the CDM Tools SIN.

For more information on the CDM Tools SIN, visit www.gsa.gov/cdm, or contact the IT Security Subcategory Team at itsecuritycm@gsa.gov.

Please follow us on Twitter @GSA_ITC and LinkedIn to join our ongoing conversations about government IT.