DOCUMENT
D -- iOS Management and Security - Attachment
- Notice Date
- 6/2/2011
- Notice Type
- Attachment
- NAICS
- 541512
— Computer Systems Design Services
- Contracting Office
- Department of Veterans Affairs;Technology Acquisition Center;260 Industrial Way West;Eatontown NJ 07724
- ZIP Code
- 07724
- Solicitation Number
- VA11811RQ0465
- Response Due
- 6/7/2011
- Archive Date
- 8/6/2011
- Point of Contact
- Brandon Utt
- E-Mail Address
-
8-5426<br
- Small Business Set-Aside
- N/A
- Description
- The purpose of this Request for Information is to search for qualified vendors capable of meeting the Department of Veterans Affairs requirement to define compensating controls to secure, manage, and protect Apple iOS devices. The Department of Veterans Affairs (VA), Office of Information & Technology (OIT), Office of Cyber Security intends to define compensating controls to secure, manage, and protect Apple iOS devices. Many of these controls have the potential to be managed through mobile device management (MDM) solutions. There are four primary areas that need to be addressed by this project; Access control, visibility, and security. The focus of this project is to determine if the Application Programming Interface (API) list released by Apple is sufficient for mitigating the lack of FIPS 140-2 encryption on the devices within VA's network environment. The project will also determine if the MDMs are able to provide management of custom VA applications the ability to manage and identify who has downloaded an application, testing the native MDM store app capabilities, and the development of an infrastructure for secure application development and distribution. The Contractor shall manage and conduct a pilot of two (2) MDM solutions in three (3) diverse sites for a period of three (3) months. The diversity of the sites shall include network diversity, topography, IT staff size, and medical staff size. The Contractor shall be responsible for determining if the native MDM capabilities are sufficient for mitigating the known security risks as defined by the OIT analysis study. The Contractor will also be responsible for design, development, and testing of a VA enterprise app store to regulate internal application access as well allowing the installation of consumer applications available on the iTunes App store. The Contractor shall perform comprehensive testing of the MDM enrollment and provisioning processes. The Contractor shall build profiles to the defined VA specifications, and provision the devices at each site for each MDM solution. The Contractor shall test the process, document the results and make recommendations to the VA. Apple has released an extensive list of Application Programming Interfaces (APIs) that allow MDM solutions to control many aspects of the iOS devices OTA. The Contractor shall test the following capabilities for each MDM solution. 1.Remote Wipe2.Password Enforcement3.Minimum Password Age 4.Max. Failed Passwords5.Require Numbers and Letters6.Inactivity Time in Minutes 7.Prohibit Simple Password8.Password History9.Policy Refresh Interval 10.Min. Number of Complex Characters11.Allow/Disable Camera12.Allow/Disable Web Browser 13.Require Manual Sync when Roaming14.Device Inventory15.Ownership Status 16.User Self Service (Invitation)17.Send Message18.Group Actions 19.Lock and Unlock Device20.App Control Policy21.Service Monitoring 22.App Install (through Links)23.ActiveSync Policies24.Enforce Encryption The Contractor shall document the performance results of each of the above functions for each site and MDM. The Contractor shall identify and test any other unique capabilities and /or functionality for each MDM solution, test those capabilities, and provide a report documenting the performance, differences and results and benefits to VA. The Contractor shall perform a technical assessment of the capabilities and effectiveness of the MDM's ability to detect individuals "jail breaking" their devices as well as an assessment of any Intruder detection capabilities present within the MDM solutions. One of the key factors for success of mobile smartphone platforms has been the robust mechanism for easily distributing apps to the devices. The iTunes Store and others like it have enabled consumers to find and download apps over the air in a manner that is simple, fast, and reliable. As VA begins to deploy custom developed apps, having a similar sort of "store" for private app distribution is a critical component of the mobile architecture to manage and control what applications are provided to users. VA also requires a uniform development and testing framework for government development of iOS applications. The Contractor shall design, develop, and test a private application store to deliver custom VA applications to the iOS devices over the air (OTA). The Contractor shall evaluate the MDM solutions identified above regarding their software components in support of an enterprise app store. Based on the VA review of findings, the Contractor shall supplement security, access, and publishing controls and capabilities. The NAICS code for this effort is 541512. The period of performance is expected to be a 3-month Base Period. This is a request for information only. This is not a solicitation announcement. Please submit a brief technical capabilities statement if interested. Questions may also be submitted to Sharon Fernandes at Sharon.fernandes@va.gov through 5:00pm EST, June 7th 2011.
- Web Link
-
FBO.gov Permalink
(https://www.fbo.gov/notices/a4080b84dde6b2289725a6dd98c3ea29)
- Document(s)
- Attachment
- File Name: VA118-11-RQ-0465 VA118-11-RQ-0465.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=206559&FileName=VA118-11-RQ-0465-000.docx)
- Link: https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=206559&FileName=VA118-11-RQ-0465-000.docx
- Note: If links are broken, refer to Point of Contact above or contact the FBO Help Desk at 877-472-3779.
- File Name: VA118-11-RQ-0465 VA118-11-RQ-0465.docx (https://www.vendorportal.ecms.va.gov/FBODocumentServer/DocumentServer.aspx?DocumentId=206559&FileName=VA118-11-RQ-0465-000.docx)
- Record
- SN02462213-W 20110604/110602234442-a4080b84dde6b2289725a6dd98c3ea29 (fbodaily.com)
- Source
-
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |