Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF APRIL 03, 2010 FBO #3052
SOURCES SOUGHT

D -- Enterprise Data Protection (EDP) Solution Integrator (SI)

Notice Date
4/1/2010
 
Notice Type
Sources Sought
 
NAICS
541519 — Other Computer Related Services
 
Contracting Office
Department of Homeland Security, Transportation Security Administration, Headquarters TSA, 601 S. 12th Street, TSA-25, 10th Floor, Arlington, Virginia, 20598, United States
 
ZIP Code
20598
 
Solicitation Number
TSAEDP2010
 
Point of Contact
Renee Grace, Phone: 571-227-1411, Tonya R Pruitt, Phone: 571-227-3892
 
E-Mail Address
renee.grace@dhs.gov, tonya.pruitt@dhs.gov
(renee.grace@dhs.gov, tonya.pruitt@dhs.gov)
 
Small Business Set-Aside
N/A
 
Description
Title: The Transportation Security Administration (TSA) is seeking sources for an Enterprise Data Protection (EDP) Solution Integrator (SI). Description: The Transportation Security Administration (TSA) is requesting information regarding prospective Solution Integrators (SI) to identify, deploy, manage, and maintain an Enterprise Data Protection (EDP) solution to the TSA enterprise. This is a Sources Sought Notice only and responders will not be compensated for the information provided. No solicitation will be issued at this time. The Transportation Security Administration's (TSA) mission is to protect our Nation's transportation sector and to ensure the free and unrestricted movement of people and commerce. To support this mission, the TSA is investigating Solution Integrators (SI) that may be able to assist with implementing a TSA enterprise-wide EDP solution. The integrated EDP solution is a combination of Data Loss Prevention (DLP) and Digital Rights Management (DRM) technologies that can provide the ability to identify and protect digital content within the TSA environment. The EDP unified solution will allow administrators and end-users to locate, label, and protect sensitive information, to assign usage restrictions to documents, to generate reports based on the creation, usage, and disposition of documents, and will integrate with existing document generation and management tools and systems. Please note: DRM is also known as IRM (Information Rights Management), ERM (Enterprise Rights Management) as well as other names, however this document will use the generic DRM term for enterprise Digital Rights Management functions used to protect sensitive content from unauthorized activities and use. Please provide a detailed description of your organization's capabilities and experiences with project management, detailed planning, technical design, system implementation, and operation and maintenance of an integrated EDP solution for large, distributed organizations with complex information sharing relationships. Please include at a minimum the following information: • Describe your organization's experience with implementing EDP solutions for large organizations that have sensitive information that must be securely shared with many different parties, both internally and externally to the organization. • Discuss the strategy and proposed methodology your organization would utilize to ensure a successful deployment of EDP technologies to a large distributed, geographically diverse, heterogeneous environment. • Describe the DLP and DRM technologies your organization has successfully deployed. Discuss the number of users the system supports, the number of external entities using the system, and the total number of documents protected. • Describe your organization's experience in deploying DLP technologies to a large distributed, geographically diverse, heterogeneous environment. Please describe your experience with DLP Data at Rest, Data in Motion, and Data in Use deployments. • Describe your organization's experience in deploying enterprise-wide DRM technologies where information sharing recipients that may be using TSA trusted, semi-trusted, and untrusted systems where TSA is unable to control and/or install software on semi-trusted and untrusted systems. • Describe your organization's experience with integrating DLP and DRM functionalities. Discuss how data coherency is maintained between the DLP and DRM systems. Discuss whether or not the two systems will either seamlessly share information with each other, or utilize a single, unified database between both platforms. • Describe your approach to integrating and deploying the EDP solution to end users. Describe how your organization would gather solution requirements for end users, how the solution would be deployed, what your training strategies would be, and how the solution would be maintained throughout the systems lifecycle. • Discuss integration mechanisms that allow for a single unified user interface for both DLP and DRM functionalities. This capability refers to both administrative user and end-user interfaces. • Describe your organization's experience with DLP and DRM integrations that utilize a common schema to label the sensitivity of files, to include DLP solutions that are capable of identifying sensitive content within files that have been encrypted with DRM controls. • Describe how integrated DLP and DRM solutions will utilize a common set of administrative policies that govern the usage and access controls in place for all sensitive information. • Describe methods used to provide authorized external third parties (i.e. Federal, State, Local and Tribal agencies, and applicable private sector partners and organizations) access to DRM protected content. • Describe the capability to provide TSA trusted, semi-trusted, and untrusted systems updates for DRM file protection attributes, certificates, and control mechanisms when these attributes/control structures change while a user(s) is/are off-line. • Describe how the EDP solution will monitor and control sensitive information within the Continental United States (CONUS) and international locations. • Describe your operations and maintenance (O&M) strategy and service level capabilities required to support 24x7x365 operations. • Discuss your organization's System Development Life Cycle that would be leveraged for this solution, and experience with FISMA Certification and Accreditation processes, procedures, and documentation. • Describe previous experience that would be utilized to ensure the EDP solution meets Section 508 standards compliance. Provide company information and product history to include: • Professional services capabilities and partnerships. • Number of years in the marketplace. • Is the organization and/or the technology(s) used foreign-owned? If so, please describe. • Total number of deployments and number of deployments to Federal agencies. Please provide references and points of contact. • Number of successful DLP/DRM integrations and the associated technologies used. ADMINISTRATIVE All interested parties should submit a capability statement to the TSA Office of Acquisition (OA). The capability statement should clearly explain the contractor's abilities and experience directly related to the capabilities listed in this notice. Please refrain from superfluous discussion. Do not include generic marketing material which does not directly address the specific capabilities enumerated in this notice. Submissions shall not exceed 10 pages in length. A company must identify its business size status, type of small business, and applicable NAICS code(s) in the capability statement. Capability statements are required to be received electronically via email to renee.grace@tsa.dhs.gov. Subject: TSA Enterprise Data Protection Solutions Integrator, no later than 4/8/2010 at 5:00 p.m. Eastern Time. Responses received after this deadline or which do not conform to this instructions provided herein will not be reviewed. TSA's primary point of contact is the Contracting Officer Renee Grace, who can be reached via e-mail at renee.grace@dhs.gov. Any questions regarding this notice shall be directed to Mrs. Grace in writing, via email 4/5/2010 at 5:00 p.m. Eastern Time. Companies responding to this Sources Sought Notification are responsible for all expenses associated with responding to this Notification. (Note: TSA will not pay any costs associated with this effort). The TSA is not seeking or accepting unsolicited proposals. Since this Sources Sought Notification is for information and planning purposes, no evaluation letters or results will be issued to respondents.
 
Web Link
FBO.gov Permalink
(https://www.fbo.gov/spg/DHS/TSA/HQTSA/TSAEDP2010/listing.html)
 
Record
SN02110152-W 20100403/100401235527-3bf19444a248a5e28cd41f17905df116 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.