Do you know the security questions your customers want answered?
- By Steve Nuelle
- Feb 25, 2019
Federal buyers face a complex set of technical and socio-economic considerations before they make just about any agency purchase. That’s particularly true in information technology where agencies must consider not only the features of the solution they’re buying, but the security and reliability of who they’re buying from.
Given new NIST Guidelines and Federal cyber-security directives, it’s not just a question of whether your solution is secure but is the contractor you’re buying from secure, too?
Choose the wrong firm and you may expose your agency to a cybersecurity problem or end up with counterfeit devices. The “best” outcome from picking the wrong contractor could be that they simply never fulfill your order.
Here are Seven Key Factors every Federal IT buyer should look for when selecting a solution provider:
Does the Contractor Have A Secure Supply Chain?
This starts with the seemingly basic, but not always assured, question of whether the contractor is an authorized re-seller of the product or solution you’re buying. If not, you could be getting out-of-date equipment or counterfeit components (which undermine manufacturer warranties), and you certainly will not get the service you need to ensure that your asset works over time.
Beyond basics, though, ensuring that your contractor meets existing DOD supply chain security mandates or can otherwise validate the integrity of its supply channel is essential. Experienced contractors should be able to provide proof they are working with established companies, each a strong link in a controlled “chain of custody” to ensure that supply chain risks are properly managed.
Can the Contractor Provide Security To The End Points of Your Network?
Feds rightly place a lot of emphasis on ensuring core data and network systems are safe from a cyber-attack. However, most CIO’s and CISO’s now acknowledge that endpoint devices have become the single biggest vulnerability and threat to network security. That networked printer that sits at a remote site? While not everyone realizes it, that network-connected machine could be an excellent, unprotected entry point to your otherwise secure network.
In football, you must have a strong front line to move the ball, but you also need to protect your flanks so your quarterback doesn’t get blindsided. The same concept applies here. Check to see whether your contractor has proven endpoint security experience, down to personal computing devices and user behaviors
What Experience Does the Contractor Have With Innovative Solutions?
We hear a lot about innovation in federal IT, but the reality is that few customers want to be the first ones to take the innovative step. Knowing that a solution has been successfully deployed elsewhere in the public sector, including state or local governments, often provides federal buyers with the assurance that innovation is available at a minimal risk.
Similarly, identifying a contractor that has proven public sector experience with both designing and implementing innovative solutions provides the confidence and assurance those systems will work within a complex network, and that projects will be completed on-time and within budget.
Are These Solutions Accessible?
This is what some in the federal IT arena call the “how” question. You love the solution your contractor is offering, but how do you obtain it quickly, within federal acquisition regs?
Over half of federal IT buying is made via existing task order contracts. Some, such as the GSA Schedules program or NASA SEWP, have been designated “Best In Class” (BIC). These contracts offer buyers an established way to quickly obtain desired solutions from qualified contractors at fair and reasonable prices. More recently, Government Strategic Sourcing (GSS) solutions and Other Transaction Authority (OTA) vehicles have grown to be a widely accepted acquisition path allowing an agency to fill particularly critical, and/or innovative, needs quickly.
Small-business set-asides also can provide an agency with a way to make a quick acquisition, and meet socio-economic goals at the same time. A contractor that has experience with one or more of these can work with you to suggest a potential acquisition approach that meets your time frame and budget.
Does the Contractor Have a Proven Track Record of Responsiveness?
Your agency has critical missions to execute. Your contractor needs to meet your schedule so that mission fulfillment is flawless. Speed isn’t helpful, though, if you get the wrong items. Your contractor needs to fill your order accurately the first time, every time.
A contractor partner committed to speed and accuracy is someone who shares your sense of mission urgency. Responsive companies with strong subject-matter expertise and an established, sustainable federal market presence (backed by strong relationships with their manufacturers and industry partners) can be part of your team, a part you can rely on to be with you whenever, wherever.
Can Your Provider Meet Your Scalability Needs?
A “proof of concept” is great, but being able to scale an initial innovative project can be essential to meeting your agency’s critical missions. The capability to scale up and meet increasing needs is a key factor when selecting a contractor. Scalability means your contractor has the resources and financial capacity to expand its support structure to keep pace as the size and scope of your projects increase. You need contractors who can scale-up rapidly and meet your growing needs as seamlessly as possible.
Have You Considered A Small Business?
Many agencies also look for a small business partner. While all agencies have small business goals, some may be hesitant to use such a firm for all but the most basic projects. Wouldn’t it be great to have a small business partner that possesses all of the traits listed here, though?
A small business partner that is knowledgeable, provides the latest IT solutions, has great contract vehicles, moves with speed and accuracy, and can scale-up as needed is a rare commodity. Such companies, however, do exist. Finding and partnering with them can solve your agency’s IT issues and get you back focused on meeting important missions.
Steve Nuelle is the president of ABM Federal, a contracting firm that provides secure information technology products and managed IT services to the federal government across the U.S. and worldwide.