SOURCES SOUGHT
D -- Data Encryption Solution
- Notice Date
- 8/16/2006
- Notice Type
- Sources Sought
- NAICS
- 541519
— Other Computer Related Services
- Contracting Office
- Securities and Exchange Commission, Procurement and Contracts Branch, Operations Center, 6432 General Green Way, MS 0-20, Alexandria, VA, 22312-2413
- ZIP Code
- 22312-2413
- Solicitation Number
- SECHQ1-06-Q-0367
- Response Due
- 8/25/2006
- Archive Date
- 8/28/2006
- Description
- *** Technical Requirements for Data Encryption Solution *** ***Introduction: The Securities and Exchange Commission seeks a technical solution for the encryption of all user data on all agency laptops and portable media devices. The technical solution must satisfy all the following requirements.*** ***Security Requirements: The product must encrypt the entire hard disk (full-disk) so that if a disk were pulled and analyzed on a sector by sector basis, it would be unreadable. The product must encrypt hibernation and other system files. The product must ensure that encrypted volumes, including the operating system, are only accessible after the user enters a pre-OS password to decrypt the volume. The product must encrypt all removable media upon connection to the system after allowing the user to cancel the encryption based on SEC policy. The product must allow the administrator to refuse to mount a device for which the user has cancelled encryption. The product must encrypt read-only media on creation based on user or administrator preferences. The product must use strong Advanced Encryption Standard (AES) algorithms with 256 bit key lengths at a minimum. The structure of passwords used in the product must contain at least eight characters and must contain at least one lower-case alphabetic character, one upper-case alphabetic character, one digit (0-9), and one special character (e.g., #, $, etc). ***Management and Recovery Requirements: The product must allow enterprise policies to be centrally configured. The product must be fully integrated with Active Directory for managing policies and user authentication. The product must allow enterprise policies to always override locally configured policies. The product must allow administrators to dynamically access all files on the drive regardless of their state of encryption; ensure that an employee?s files are accessible for years after the employee has left the SEC; ensure that EnCase Enterprise agents are always able to pull data; and ensure that automated remote processes running with credentials (for example, vulnerability scanning platforms) operate unhindered. The product must allow administrators to reset a user?s password and be able to force the user to change it on the user?s next logon. The product must centrally report all policy compliance events, and centrally report all software errors including, at a minimum, encryption errors, software corruption, and authentication errors. The product must allow application of patches and updates regardless of whether the user is logged into the bios-level encryption application or the Windows operating system. The product must support single-sign on technology, thereby ensure users are only required to log into the bios-encryption application when during a ?Cold Boot?. The product must support Wake on LAN remote management feature whereby a network message (?Magic Packet?) is sent to a workstation to cause it to turn itself to a fully operational state.. The product must allow the remote installation of software updates through SMS or other enterprise-wide management tools without having to decrypt/re-encrypt the hard drive. The product must allow remote software installations and upgrades without hindrance and without user log on or require any manual intervention to the computer. The product must allow patch management (Bigfix, WSUS, and SMS 2003) to occur without hindrance on encrypted laptops that touch the network. ***Self-Service and Helpdesk Support Requirements: The product must allow help desk technicians who are not domain administrators to help users with remote recovery in the event of a data lockout. The product must allow users to recover by themselves using a recovery disk or self-service password recovery questions. ***Encryption Software Installation and Deployment Requirements: The product must have client application that can be cleanly packaged and installed using SMS. The product must have an administrator configurable message during installation. For instance, it could be used to alert users that their disks are being encrypted and not to attempt a shut-down or restart of their systems until the encryption is complete. The product must allow interruption by power-loss or disconnection from the network of the encryption process without data corruption. ***Portable Media Encryption: The product must be able to encrypt all portable media storage devices including USB and USB2 based thumb drives, floppy disks, DVD/R?s, and CD/R?s. The product must be able to encrypt all portable media without user intervention. The product must be able to decrypt data encrypted on portable media devices from any computer, including computers that have not been encrypted, provided the correct user credentials are applied. The product must not have any limitations on the number of times that data can be encrypted or decrypted on portable media storage devices. The product must be able to encrypt current PDA technologies including Palm and Treo. The product must provide central management of policies that can be applied to all workstations that encrypt portable media. ***Integration Services: On-site (at SEC) integration services are required for approximately two (2) weeks to plan, engineer and deploy the technical data encryption solution. ****** Interested GSA Schedule holders should respond via email to baierl@sec.gov and provide: (1) name of company, (2) GSA Schedule contract number and expiration date, (3) brief statement that vendor can provide a product and service that meets ALL of the requirements listed. RFQs may be sent to only those vendors that confirm that they can meet all requirements. ***NO PHONE CALLS PLEASE; EMAIL ONLY***
- Place of Performance
- Address: 6432 General Green Way, Alexandria VA
- Zip Code: 22312
- Country: UNITED STATES
- Zip Code: 22312
- Record
- SN01117350-W 20060818/060816222232 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |