Two more authorities to operate bring the total to five, with four more vendors waiting to get certified to get a piece of GSA’s massive Enterprise Infrastructure Solutions contract.
Two more vendors on the General Services Administration’s $50 billion Enterprise Infrastructure Solutions telecom contract received an authority to operate, or ATO, verifying they can provide a baseline of cybersecurity for the infrastructure that enables agencies’ IT to function.
BT Federal and Harris have been added to the list of completed ATOs, where they join AT&T, CenturyLink and Verizon. The remaining four vendors—CoreTech, Granite, MetTel and MicroTech—are still in progress, GSA confirmed.
“We’re currently in the assessment phase with the remaining vendors who are working to receive an ATO for their Business Support Systems," Allen Hill, director of GSA’s Office of Telecommunication Services, told Nextgov in an email Tuesday. "The next BSS Security Assessment and Authorization Status Report will be posted on Interact tomorrow, October 9. We’re engaged daily with all our industry partners to ensure the success of the EIS program.”
The two companies officially obtained their ATOs on Sept. 25, just five days before the end of the fiscal year and GSA’s deadline for agencies to issue task orders. GSA has been pushing agencies to move on the EIS transition to ensure there is enough time to switch over from contracts on the expiring Networx and WITS-3 contracts, though in the past Hill had said that many were not going to make the Sept. 30 deadline.
“Even though the Sept. 30 date may pass for some agencies, it’s more of a yellow light type thing for folks who really need to turn it up a little more in these next few months and get things out there,” Hill said in August. “And agencies are responding, they really are. They are buckling down.”
While the task order deadline is fuzzy, the May 2023 expiration of the Networx and WITS-3 contracts are not.
"They are there because we have mandates that we have to meet and so those dates don’t change,” Hill said. “We have been working very closely to understand where the agencies are and I don't think they are going to miss any of the other dates. They are really applying all the resources and they’re working as hard as they can.”
With an official ATO, BT Federal and Harris are now positioned to take advantage of their position on EIS, as the companies were not eligible for task orders on the contract until their cybersecurity postures had been verified.
The companies will also have to maintain that certification through continuous monitoring of their security systems. The ATOs also expire in three years, meaning the vendors will have to go through the process again in order to continue work on ongoing and future task orders.
“We’re excited to help federal agencies accelerate their IT modernization objectives, enabling them to focus on delivering mission-critical services,” BT Federal President Tony Wellen said in a statement. “In addition to enabling federal agencies to adopt disruptive new solutions to modernize their legacy IT infrastructure, we’re also delivering the innovative cybersecurity solutions required to defend distributed network architectures.”
GSA originally awarded 10 spots on the contract in 2017, but the merger between CenturyLink and Level 3 last year led to a merger of their contract award, as well.