Buyer Prepare

The Cyber Edge
August 28, 2017
By David Young

New GSA contract requires agencies to consider processes, benefits and change management.

The U.S. General Services Administration’s latest endeavor to help government agencies increase their buying power offers a portfolio of providers to simplify the way they acquire and implement telecommunications and IT infrastructure services. According to administration officials, the 15-year, $50 billion Enterprise Infrastructure Solutions (EIS) contract, awarded this summer, will help agencies establish a solid foundation to modernize the government’s IT infrastructure, implement advanced cybersecurity solutions and improve service to the public.

The ability to bridge–and often replace–legacy systems with new technology and delivery platforms has never been more critical. Government agencies have entered an exciting era in the technology journey, infusing what was learned throughout the Networx contract into the Enterprise Infrastructure Solutions contract. Through EIS, agencies can transition to newer technology as well as transform their infrastructure in a way that puts them on the cutting edge.

Digital transformation is about more than new systems. It is about rethinking an entire organization and the fluidity of the workforce, breaking down the silos and sharing accountability. An important part of that evolution is migrating legacy technology to more accessible and secure platforms. The EIS contract gives government entities access to a portfolio of providers that can work with them to simplify this process.

The rapid pace of technology evolution and the cost associated with keeping up with advancements poses the cost versus benefit conundrum. However, organizations must keep in mind that maintaining outdated hardware and software can cost more than upgrading to an efficient infrastructure. From a security perspective, upgraded systems are more secure, which, given the vast number of cyber attacks that occur on a daily basis, is of the utmost importance.

For many agencies, the challenge can be the upfront investment in upgrades, particularly when capital expenditure budgets are shrinking. Nevertheless, today’s needs have changed dramatically. As a result, the massive upfront capital investments in infrastructure and equipment in the past can now be accomplished remotely or by contractors with expertise in a particular area and technology. Because of this shift to a contractor-owned, contractor-operated (COCO) model, many of the transformative measures EIS affords can fall under operating expenditures.

Government entities interested in working with the providers under the EIS contract must ensure the match will meet their needs. They should determine if the provider offers solution options throughout the process and come to the table with a consultative approach. In addition, acquisition personnel should ask if the company offers value-added communications services, such as the ability to bridge legacy technology with new platforms, at a pace that best meets the business needs of the agency.

They also should keep in mind the scope and scale of services the provider can offer. This applies to network and solutions capabilities as well as the company’s ability to deliver a consistent operating experience to agency users no matter where their location.

Leading change requires new thinking and looking with a critical eye at an industry partner to transform legacy communications environments into state-of-the-art technology. With so much riding on the effort, diligence about other aspects also is crucial.

For example, issues such as understanding a provider’s track record with large-scale transformation engagements, knowing who will be working on the transition team and what, if any, access personnel will have to legacy systems should be discussed early in the decision-making process.

In addition to these topics, government agencies must consider the mobile technology environment. Although employees can literally work virtually at any time anywhere, mobile devices continue to pose security challenges that must be taken seriously. A 2015 study of 1,000 personnel from 20 civilian, intelligence and military agencies found 60 percent of employees know some risk exists when using a personal device for work; however, 85 percent said, despite the risk, they “…do it anyway.”

Agencies should evaluate their security posture to determine if their risk management framework includes policies, protections and mitigations for personal devices. If it does not, they should create one that is inclusive and responsive to the needs of the work force. Even with a policy in place, managers must keep in mind that personnel may use their own devices on an agency’s network in violation of policies.

Without a doubt, organizations—from Fortune 500 companies to federal agencies—are in a constant battle to mitigate threat proliferation. While all systems are vulnerable, agencies under the EIS contract can put additional security measures in place at the individual agency level, as well as the system level, with solutions such as continuous technology refresh mechanisms in the contracts.

In addition, EIS mandatory telecommunications services are being bundled with optional services such as cloud, managed services, data centers and security operations centers. Consequently, agencies can choose security solutions that help contain costs while making it easier for security professionals to manage all the layers necessary to safeguard federal agencies.

But technology is merely a tool. It does little to insulate agencies from being victimized by nefarious actors without regular training of employees and contractors. As a result, agencies must develop and implement an education program that helps employees understand their importance to overall network security. And, while cybersecurity is paramount, employees also must be reminded of the importance of physical security, including locking their workstation when they leave, maintaining badge access and following password protection guidelines.

As agencies retire legacy infrastructure and modernize their networks and applications, they must consider reliability. The EIS contract promotes the use of government-shared services, which helps reduce procurement complexities and streamline solution transitions.

While the value of this approach cannot be overstated, agency managers must make sure they understand the service and support models of each vendor. Most companies offer managed services, which often provide a dedicated 24/7 support team through the entire process. Others offer less robust service models or only provide service until the migration is complete.

In addition, they must be clear about what is being transitioned or modernized and if it is an upgrade or equivalent to current system. When simply replacing current technologies, agency managers must determine how the new systems will affect performance and end-user experience.

David Young is the regional vice president at Level 3 Communications in charge of the company’s Government Markets Group. The company is one of 10 EIS industry partners.

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.


Share Your Thoughts: