CBP Is Looking for a Vendor to Manage Its Multi-Cloud Environment

Per mandates from Congress, the White House and the Homeland Security Department, the Customs and Border Protection agency is getting ready for a wholesale cloud management.

The agency issued a request for information Wednesday to gather preliminary market research on vendors that can manage CBP’s entire cloud environment, including multiple public, private and hybrid clouds.

The agency has recently come under fire for how it collects and stores data.

CBP currently uses a host of cloud providers for various services, including Amazon Web Services, Microsoft Azure, IBM Cloud, Oracle Cloud and Google Cloud Platform for enterprise infrastructure. The agency also uses a number of platform- and software-as-a-service providers, such as Salesforce, ServiceNow, Quip and Presidio, among others.

The agency is looking to make additional moves to the cloud—unspecified in the RFI—in the hopes of improving mission continuity, modernizing IT service delivery and enhancing the agency’s security posture, according to the documents.

The winning vendor will have to manage acquisition of and access to all of these, as well as any additional cloud services added to CBP’s environment.

“The objective is to acquire cloud-computing services directly from commercial cloud service providers with established records for innovation and operational excellence in cloud service delivery for a large customer base,” the RFI states.

The vendor will be expected to manage all of these services while also acting as a consultant when updating or adding new services and providers.

“These ‘as a service’ solutions would allow for building digital solutions based on micro services; implementing application program interface (API) based modern web frameworks; building solutions that are extensible to mobile and forward-looking industry paradigms; building consistent, standard, reliable and portable environments in the cloud; defining container strategies; managing data; and operational models,” the RFI states.

The contractor will have to devise a system that enables fluid movement between cloud environments, as well as the on-premises servers that CBP intends to hold on to.

All of this will be channeled through “a single cloud management interface—single pane of glass—to access, view, monitor and support management of the cloud and hybrid cloud landscape,” according to the RFI. That interface will exist as a dashboard CBP IT managers can use to monitor the health of the environment.

The contractor will also be responsible for managing all of the security issues for all of CBP’s cloud instances, including abiding by all DHS standards, employing a continuous monitoring program and managing all patch deployments.

The RFI includes an extensive list of deliverables. However, the agency was able to sum its priorities under seven objectives:

• Technical Parity: When new cloud services are introduced in the provider’s commercial environment, the same services become rapidly available at all required security levels as prioritized by the government.
• Interoperability/Portability: The provider has the technical capabilities and management processes to effectively and efficiently facilitate application and data interoperability and portability, as prioritized, between cloud environments, including between cloud offerings from different providers.
• Operational Excellence: The provider will deliver operational excellence in cloud computing by such elements as scaling quickly to satisfy user-computing demands, proactively exceeding security requirements, assuring high system availability and data reliability, and providing best-in-class user support.
• Service Pricing Parity: The provider provides a range of service pricing structures to cost-effectively support different use cases and revises pricing regularly to maintain parity with the provider’s commercial environment pricing.
• Superior Contract Management: The provider delivers the expertise and commitment required to manage a complex effort at the speed of mission that is critically important to CBP and national security.
• Security: The provider cloud service offerings proactively ensure protection of the physical infrastructure and information security, and limit and/or migrate against threats, internally and externally, to the CBP environment.
• Bring-Your-Own-License (BYOL): The provider delivers a marketplace capability to facilitate the use and billing of BYOL PaaS and SaaS offerings.

Interested vendors should reply to CBP by 5 p.m. Aug. 1 noting their interest in the opportunity, ability to perform the work, expected teaming arrangements and a rough cost estimate.