GSA lays groundwork for online cloud computing store

The General Services Administration has issued a request for quotations from vendors interested in providing software as a service to federal agencies, taking a significant step toward establishing an online storefront with cloud computing offerings.

The July 30 special notice posted on the Federal Business Opportunities Web site outlines GSA's expectations for vendors that will sell software applications to agencies but retain responsibility for maintenance, network connectivity and support. That practice, when combined with offering infrastructure services such as remote storage, is known as cloud computing.

Federal Chief Information Officer Vivek Kundra is a strong advocate of cloud computing and asserts that the government could save billions of dollars by embracing the approach. In July he announced that GSA will be the hub of federal cloud computing and it will launch an online storefront for cloud services in an attempt to replicate the shopping experience on commercial sites such as Amazon.com.

GSA did not respond to multiple requests for comment on the special notice.

Ray Bjorklund, senior vice president and chief knowledge officer at the McLean, Va., consultancy FedSources, noted the government has embraced the concept of infrastructure as a service for a long time through programs such as the Navy Marine Corps Intranet. Government also has used the concept of software as a service, through lines of business initiatives and shared service centers. But Bjorklund said the newer offerings differ because the government wouldn't own any part of the physical infrastructure. This could prove to be a sticking point.

"You have outsourced not only the software and use of that software, but you have basically let the accountability and responsibility for the performance of that software reside with the vendor who is providing the service," Bjorklund said. "It's the last big step, where you're completely relying on vendors. Agencies might not be sure if they're on solid ground or stepping in a puddle."

The RFQ emphasizes security requirements. According to the notice, the contractor will be responsible for supplying, securing, monitoring and maintaining the hardware, networks and software that support the service offered. Additionally, the contractor must document that low- and moderate-risk systems are secure.

Most of the security mandates are part of the 2002 Federal Information Security Management Act, which asks agencies to provide documentation showing they comply with myriad security requirements. But Bjorklund said the process can be administratively focused and agencies would be wise to bring in a third party to perform independent testing to ensure their systems are secure.

The earlier requests for information for infrastructure and software as service were posted on the agency's IT Schedule 70, which looks like the early favorite to be the primary contracting vehicle for cloud services. Other possibilities include the Networx telecom contract and the Alliant governmentwide IT vehicle. Bjorklund said Schedule 70 offers vendors more latitude, making it easier to fit cloud offerings into the existing contracting vehicle.

GSA is expected to release a second RFQ for infrastructure as a service during the next couple weeks. No date has yet been set for the release of the cloud storefront, though Coalition for Government Procurement President Larry Allen said the storefront likely will use the existing GSA Advantage system. Allen noted GSA Advantage is 15 years old and needs significant updates.