Just a few months after seeking bids to stand up a Defense Enterprise Office Solutions (DEOS) cloud contract, the General Services Administration has plans to launch another version aimed at civilian agencies.
Alan Thomas, the commissioner of GSA’s Federal Acquisition Service, said the agency remains in the early stages of standing up a Civilian Enterprise Office Solutions (CEOS), with enterprise standardization as its focus.
While GSA has played a leading role in helping agencies transition to the cloud and providing IT modernization support, Thomas said its work moving agencies to the next-generation Enterprise Infrastructure Solutions (EIS) telecommunications and network contract help ensure supply chain security.
“We’re trying to move agencies to managed service, and we’re trying to reduce the attack surface of the network. If you get agencies to buy a managed service, where security is already embedded in the solution, it’s going to be probably a lot more secure than what we have out there today,” Thomas said Tuesday at the BMC Exchange conference in Washington.
While the Department of Homeland Security has taken the lead on early efforts to shore up the security of the government’s supply chain, GSA now plays a more prominent role. Thomas serves on the new Federal Acquisition Security Council, which held its first meeting last week.
“I think you’re going to see probably a lot more public activity around security in the supply chain, particularly with respect to the buying channel in the government,” Thomas said.
Lessons learned from TMF
More than a year after the Technology Modernization Fund launched its first round of projects, Thomas, one of the members of the board that oversees the fund, has some advice for agencies looking to seek a loan from the fund.
“We’re not naive enough to think that you’re going to transform and modernize the whole federal government with $100 million,” Thomas said. “The goal was to pick a cross-section of projects that we thought would have broad applicability across the agencies, and kind of serve as leading lights, or examples. If we can invest the money in those and do those properly, then it could be something that agencies could follow with their own money.”
For agencies looking to submit proposals this year, Thomas said agencies need to build incremental benchmarks into their proposal, not just to keep progress on-track, but to keep the board from pulling the plug on funding.
“Part of the board’s responsibility is to conduct quarterly reviews on the projects that we invest in, and make sure that things are going as planned. And if they’re not, then we haven’t put all of our chips in on the table,” he said.
As a second rule of thumb, Thomas said agencies should make sure their proposals focus on value creation and cost savings, since the board expects agencies to pay back their TMF loan through the cost savings they’ve achieved.
“The TMF is a loan. It’s not a grant [and] there’s a pretty stringent payback provision in the law,” he said. “As we worked with the agencies that submitted projects, we really got them to think about, ‘Are you going to reduce O&M costs in the future? Are you going to in some way, shape or form, avoid labor costs and apply those elsewhere?’ You’ve got to really think about generating real savings because the fund expects to get paid back.”
Finally, Thomas urged agencies to coordinate internally on its proposals before submitting them. For example, one agency submitted a “flurry” of eight proposals, but from different components and bureaus. In the end, the board sent all those proposals back.
“They actually came back with a single proposal that we think has a pretty good chance of getting funded,” Thomas said. “But we did see a number of instances like that where agencies, bureaus and silos within agencies are still operating in a very individual fashion and [are] not coordinated.”
But the Federal Acquisition Service has its own IT modernization needs. One of its internal systems, FSS 19, will soon turn 40 years old. And it’s built with older programming languages that aren’t part of more contemporary IT curricula.
“There’s a lot of COBOL and a lot of PowerBuilder, and a lot of stuff that a lot of people don’t even know about.
“We have a lot of legacy applications and many of them are what I would call task-based. They were built at a point in time to solve a specific problem, and then kind of integrated in some way, shape or form into the environment,” Thomas said. “Everyone has a closet like that in their house, that sort of accumulates stuff over time. And every once in a while you open it up, and you’re like, “We’ve got so much stuff in here.’ That’s a little bit how I feel with our IT systems.”