CORRECTION: Federal News Radio misstated the process for certification and accreditation. Vendors will not have to run their offerings through the Federal Risk and Authorization Management Program (FedRAMP). The story has been updated to show the correct process.
The General Services Administration awarded 11 vendors spots on the first governmentwide contract for cloud computing.
GSA announced Tuesday a blanket purchase agreement for infrastructure-as-a-service (IaaS), including cloud storage, virtual machines and Web hosting. All of these services eventually will be available through the Apps.gov portal.
“Offering IaaS on Apps.gov makes sense for the federal government and for the American people,” said Vivek Kundra, federal chief information officer, in a release. “Cloud computing services help to deliver on this administration’s commitment to provide better value for the American taxpayer by making government more efficient.”
The winning vendors are:
Apptis Inc. partnered with Amazon Web Services
Autonomic Resources partnered with Carpathia, Enomaly and Dell
Computer Literacy World partnered with Electrosoft, XO Communications and Secure Networks
Computer Technology Consultants partnered with Softlayer, Inc.
Eyak Tech LLC
General Dynamics Information Technology partnered with Carpathia
This is the first major award under the federal cloud computing initiative. The Office of Management and Budget hopes to add platform-as-a-service and software-as-a-service to Apps.gov. GSA issued two requests for information for SaaS, including one more than a year ago.
GSA is considering e-mail-as-a-service as its next offering, said Ed O’Hare, GSA’s assistant commissioner for Integrated Technology Services in the Federal Acquisition Service last August.
Under the BPA, each of the vendors will have to go through the certification and accreditation (C&A) process at the moderate level under the Federal Information Security Management Act (FISMA).
GSA will administer the C&A process and offer approval so agencies can buy these services.
One unanswered question, however, is how does the Federal Risk and Authorization Management Program (FedRAMP) apply to these services?
Under Apps.gov, FedRAMP, which is run by GSA, and the departments of Defense and Homeland Security, is suppose to be “a consolidated point for governmentwide security authorization and related risk management activities of cloud computing systems (both commercial and government). This includes ongoing monitoring, assessment, reporting, and remediation of security risk.”
FedRAMP is suppose to be a place where vendors can “obtain an Authority to Operate for their cloud system which can then be leveraged and shared across multiple federal agencies.”
“Through offerings such as IaaS, GSA is providing government entities with easy access to cost-saving, high-value, more efficient technology solutions by doing a major part of the procurement processes upfront,” said Dave McClure, GSA’s associate administrator of Citizen Services and Innovative Technologies.
GSA said through Apps.gov, IaaS offerings will include on-demand self-service that lets federal, state and local agencies utilize and discontinue use of products when and as needed.
GSA said one benefit of IaaS offerings will be rapid elasticity for real-time, customizable scaling of service and automatic provisioning of virtual machines, storage and bandwidth, and visibility into service usage and order management through measured services.
“Cloud solutions not only help to lower the cost of government operations, they also drive innovation across government,” Kundra said.