Understanding new security, certification and supply chain requirements get System Integrators in the U.S. Federal ICT game.
The shift in the Information and Communications Technology (ICT) landscape has been a game-changer across organizations globally. However, perhaps none have felt it more than System Integrators working in government environments where security, certification, compliancy and the instability of the global supply chain have created uncertainty not previously experienced.
When the world was catapulted into disruption, government organizations were forced to side-line any digital transformation planning that may have been in the works. They needed to rapidly ensure remote worker environments were secure, products were certified, and that the supply chain met government standards. A tall task at any time — a monumental task in globally uncertain times.
An evolving ICT market creates evolving challenges
As we settle in, changes introduced to address the qualm of the last three years are being re-visited. The new normal demands new deployments leverage cloud networking to meet citizens’ service expectations and support employee hybrid working. This has created significant challenges for System Integrators as new security, reliability and technical requirements must be met to deliver the ICT solutions governments demand.
In addition to global supply chain issues that create delays in invoicing and impact operating cost, evolving security and compliance requirements further complicate integration efforts. To deliver the networks governments demand, today’s System Integrators must:
• Source more efficient and intelligent network infrastructure solutions
• Deliver more functionality while keeping a close eye on costs
• Leverage network infrastructures that can be quickly and easily delivered, configured and maintained
Network and data security continue to be one of the most significant challenges System Integrators face. A 2020 review of data breaches exposed the U.S. government’s susceptibility to attack across all levels. The four most significant attacks included breaches into the Office of Personnel Management, the Department of Veteran Affairs, the National Archives and Records Administration, and the U.S. Voter Database.
Today’s federal government ICT networks are more complex than ever. Hardware and software for communications and computing, Internet of Things (IoT) devices that enable smart buildings, surveillance and security solutions, and heating, ventilation and air conditioning (HVAC), all connect to a main operations center either on premises or in the cloud. And with every connected device and access point a potential gateway into the network is created for any nefarious actors looking to infiltrate the network.
A secure and reliable supply chain
Secure networks require secure supply chains. Federal government departments must ensure that the suppliers they engage deliver the critical ICT elements through secure supply chains.
Two 2021, U.S. Executive Orders put a spotlight on ITC supply chains. The first resulted in eight recommendations from the Department of Commerce (DOC) and Department of Homeland Security (DHS) about how to strengthen supply chain resiliency. A key recommendation was to build resiliency through secure and transparent supply chains with “procurement and monitoring efforts such as implementing an Assured Supplier Program for PCBs for Federal Government and establishing a Critical Supply Chain Resilience Program at the Department of Commerce.” The second Executive Order created guidelines for enhancing software supply chain security, as well as minimum standards for vendors’ testing of their software source code..
The goal of these efforts is to reduce the potential for backdoor gateways into critical ICT infrastructures. What that means for System Integrators, however, is that the process of supplying ICT hardware and software to federal government agencies has become much more regulated and protected. System Integrators must now ensure that any solution they propose meets new secure supply chain requirements and standards before they can even respond to an RFP.
While System Integrators may find suppliers that can meet most or all the requirements, the challenge of finding a reliable and ongoing supply of hardware and software will continue for some time. The global semiconductor shortage further exacerbated already stressed supply chains, with some analysts predicting shortages will continue to affect most industries until 2024 or later.
Certified and compliant
In the U.S. System integrators must also ensure the products they deliver are certified to federal government standards. This means networking solutions proposed for Department of Defense (DOD) contracts must be on the Department of Defense Information Network (DoDIN) Approved Products List (APL). And to be on that list, all products must be certified to meet major security standards, such as the:
• International Common Criteria guidelines and specifications for IT security
• U.S. Joint Interoperability Test Command (JITC) compliance tests
• U.S. Federal Information Processing Standard (FIPS) 140-2
Although not all federal government RFPs require certification to meet specific DoD standards, System Integrators that can provide products that meet these certifications can count themselves in the game.
In addition to all of the above, the “Buy American” requirement adds yet another level of challenges. New rules dictate that federal procurement policies now require all purchases to have a higher level of “Made in America” products. Under the “Buy American” program, products must “have at least 60% of the value of components made in the U.S., up from the current threshold of 55%. The rules will increase that standard to 65% in 2024 and 75% by 2029.”
Delivering secure, compliant and flexible solutions
It goes without saying that providing ICT integrations to the U.S. federal government has changed significantly over the last few years. The right network solutions will be key to offering comprehensive integrations that enable the efficient exchange of information among government employees and with citizens, wherever they are. Alcatel-Lucent Enterprise’s partnership approach, exceptional professional services and track record delivering government ICT solutions has made us a trusted partner for System integrators around the world. Secure, compliant and flexible networks that provide a vital link to cloud-based applications are essential. The Alcatel-Lucent OmniSwitch family of products goes beyond supply chain and network security standards, are TAA-compliant, included on the DoDIN APL and certified to meet major security standards. Learn more about our network solutions for defense and civilian agencies, healthcare, transportation, aviation and justice.