Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
SAMDAILY.US - ISSUE OF MARCH 25, 2022 SAM #7420
SOLICITATION NOTICE

70 -- Market Survey for Office M365 Data Migration by third party vendor from Proofpoint

Notice Date
3/23/2022 5:40:51 AM
 
Notice Type
Presolicitation
 
NAICS
541511 — Custom Computer Programming Services
 
Contracting Office
692M15 ACQUISITION & GRANTS, AAQ600 ATLANTIC CITY NJ 08405 USA
 
ZIP Code
08405
 
Solicitation Number
RFI_M365_DATA_Migration
 
Response Due
4/22/2022 2:00:00 PM
 
Point of Contact
Elizabeth Ford Ochs, Phone: 6094855557
 
E-Mail Address
elizabeth.a.ford-ochs@faa.gov
(elizabeth.a.ford-ochs@faa.gov)
 
Description
1.0 ��PURPOSE AND INTRODUCTION: This announcement is a Market Survey.� This announcement is NOT A SCREENING INFORMATION REQUEST (SIR) or REQUEST FOR PROPOSAL (RFP).� Further, the FAA is not seeking or accepting unsolicited proposals.� The FAA will not pay for any information received or costs incurred in preparing the response to the market survey.� Any costs associated with the market survey submittal is solely at the interested vendor�s expense. Please read the entire Market Survey carefully.�� The FAA is seeking industry capability statements and technical solutions to determine the existence of any viable commercial solutions present in the current marketplace and to help determine the proper acquisition strategy for this requirement. No notification about the outcome of this Market Survey will be released except as deemed appropriate in the FAA�s sole discretion. The FAA is interested in the capabilities of both small and other than small businesses to perform the services and is particularly interested in the capabilities of small business and strongly encourages responses from those businesses. This Market Survey does not guarantee that a solicitation or procurement of any kind will be issued, and it should not be construed as a commitment by the Government to enter into a contract. If a solicitation is issued, it will be announced on the Government's Contract Opportunities web page at SAM.gov. Any interested party should monitor this site for the release of any such solicitation. Respondents to this Market Survey are referred to herein as �you�, �Vendor�, or �Vendors�. 2.0 ��BACKGROUND:� The FAA utilizes products provided by Microsoft pursuant to a combination of FAA-licensed Microsoft M365 E3 and Microsoft M365 E5 subscriptions hosted in Microsoft�s Government Community Cloud (GCC).� Several components of the M365 E3 / E5 products enable FAA�s employees to create, store, transmit, and delete email, chat messages, audio files, video files, and other file types. The FAA has a need for a vendor-provided, FISMA-accredited data migration services to ingest 8 years of historic archived data from a third party vendor, Proofpoint to M365 Exchange on-line archive in the FAA�s production tenant.�� Currently, the FAA utilizes an email archiving service provided by Proofpoint, Inc., via the services of third-party integrators, which includes: Capture of all messages, using Exchange Online journaling, before they are delivered to the end users� mailboxes. Transmittal of those messages to, and storage at a data center operated by Proofpoint.�� The FAA currently utilizes the services of General Dynamics Integration Technology (GDIT) as the integrator for Proofpoint services.� There are approximately 64,000 active and 55,000 inactive Exchange Online user accounts at this time whose data is retained in Proofpoint�s archiving service pursuant to the FAA�s record retention requirements. 3.0 DATA MIGRATION REQUIREMENTS �3.1 Data Migration Requirements The FAA requires the migration of existing journaled archived messaging data (approximately 350 terabytes single-instance, de-duplicated data) from the Proofpoint data center into Microsoft M365 Exchange Online archive in the FAA�s production tenant. The data is comprised of approximately 118,000 email accounts, both active and inactive, meeting invitations, and files attachments in emails. � FAA archiving and retention policies must be applied during and post data-migration, while maintaining the metadata integrity associated with each email.� Retention tags on custodial emails currently tagged in the Proofpoint data center must be retained upon migration into Exchange Online archiving.� Data must be indexed and be available for e-discovery searches and reports. Existing data format must be maintained upon migration completion. Detail the options and approach(es) for ingesting ProofPoint data in M365. Eliminate duplicates from ingested archive data from Proofpoint with existing email residing in user's primary mailbox or online-archive. Proofpoint archive data ingested into M365 online archives are viewable and accessible by end-users, as opposed to being available only to admins for e-discovery or Compliance searches. Legal holds configured in Proofpoint must be preserved or recreated in M365 as part of migration or post-migration process. Options/ capability to perform legal and compliance searches against recalled/staged Proofpoint archive data prior to ingestion into M365.� Detail the options and approach(es) for retrieving/recalling data from Proofpoint. 4.0�� SUBMITTAL REQUIREMENTS AND INSTRUCTIONS:� � The FAA is requesting that interested Vendors provide a capability statement and a high level summary of effective solutions for the following:� 1. Data Migration (see Section 5, below) 2. Technical Approach and Security Compliance (see Section 6, below) 3. Describe the pricing schemes you would offer in providing the requirements identified in Sections 5 and 6, below.� For example: flat rate pricing; pricing per terabyte or other unit of storage, or other schema or combinations of schemas. The submission must follow the outline below and be limited to a combined total of ten (10) pages. Market Survey responses must be submitted via electronic mail (email) to the Contracting Officer, Elizabeth Ford Ochs at Elizabeth.a.ford-ochs@faa.gov, no later than April 22, 2022 by 5:00 pm ET.� Questions must be submitted in writing prior to the closing date and directed to elizabeth.a.ford-ochs@faa.gov. The FAA encourages Vendors to submit comments and suggestions regarding this effort.� Comments and suggestions must be provided separately from the Capability Statement and are limited to a combined total of five (5) pages. A vendor's failure to respond to this Market Survey will not exclude a vendor from the competition.� Any information provided under this Market Survey is for informational purposes only and will not be released to the public except as required under the Freedom of Information Act (FOIA) or any other applicable law, regulation and/or policy. Any proprietary information submitted must be conspicuously marked as proprietary. The Government, to the extent permitted by law and regulation, will safeguard and treat information obtained pursuant to the vendor's disclosure as confidential where the information has been marked 'confidential' or 'proprietary' by the company. The Government may transfer documents provided by the vendor to any department or agency within the Executive Branch if the information relates to matters within the organization's jurisdiction. 5.0 DATA MIGRATION CAPABILITIES Provide a high-level summary of how the data migration requirements identified in Section 3.0, above would be met. 6.0 TECHNOLOGY AND SECURITY CAPABILITIES � Provide a high-level summary of an effective solution by addressing items in paragraph 6.1 Technology Employed, and how the Security Requirements in paragraph 6.2 would be met. 6.1 Technology Employed Describe the technology that Vendor�s migration service will employ to fulfill each of the requirements in Sections 5 and 6, above. Explain the architecture and process flow of data migration including but not limited to data preparation, staging areas, actual transfer of data, rate of transfer and data preservation techniques. Explain the implementation and post-implementation operations approach for setting up the Vendor�s migration service for FAA.� For example, will both the implementation phase and post-implementation operations phase be solely performed by the Vendor?� Or, are the services of a third-party integrator required for the implementation and post-implementation operations phases?� Or some other approach? Will the data be transmitted and stored at an interim location in the Vendor�s own cloud, or in some third-party cloud?� If a third-party cloud is required, please indicate which one(s). Identify all assumptions, tasks, capabilities, equipment, infrastructure that would require FAA resources for your data migration approach. �6.2 Security Capabilities Provide a high-level summary of how each of the following Security Requirements would be met: A secure, encrypted transmittal of data in transit for this data migration. If your approach requires data to be stored in an interim storage prior to injection into Exchange on-line archiving, provide information on the security and encryption of data at rest and data in transit during injection into Exchange on-line archiving. �Data currently hidden from end-users in Proofpoint needs to be migrated and hidden once injected into Exchange on-line archiving. Describe your process and capabilities to meet this requirement.� Ensure that fidelity and chain-of-custody for the data migrated from Proofpoint to Exchange on-line archiving. A migration service that complies with National Archives and Records Administration (NARA) requirements applicable to the operation of an archiving system. A migration service that complies with NARA requirements applicable with Universal Electronic Records Management (ERM) requires, v2.x or greater.� � A migration service that provides periodic backup, recovery, and refresh operations. A migration service that supports the export of content to DoD 5015- or NARA-compliant repositories for items requiring records classification, all as stipulated through FAA requirements.� Comply with the requirements of the FISMA and NIST standards for Moderate Impact systems (as defined by NIST Federal Information Processing Standard (FIPS) 199 and NIST SP 800-53, latest, currently Rev 4); and meeting FedRAMP requirements if cloud solution.� Supply the FAA�s Cyber Security Management Center (CSMC), Office of Investigations, or the U.S. Computer Emergency Readiness Team (US-CERT) with access to security logs and other incident information in accordance with US-CERT reporting requirements specified in the US-CERT Federal Incident Reporting Guidelines to investigate potential security events.� Comply with International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27001:2005 and 27002:2005. �� The Archiving Service and the Vendor�s cloud service provider (CSP) must be FedRAMP certified.� Please provide the relevant FedRAMP ID(s) with your technical approach. Use a FedRAMP approved independent third party to perform an initial security assessment of the cloud service and on-going monitoring of controls.� Provide the necessary information for use by the FAA in moving towards compliance with NIST Special Publication 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. Comply with FedRAMP requirements. Provide and maintain the following artifacts: Privacy Threshold Assessment (PTA)/Privacy Impact Assessment (PIA) FedRAMP Security Authorization Documents Security Assessment Report Security Plan Plan of Action and Milestones (POA&M) Continuous Monitoring Plan FedRAMP Monthly Continuous Monitoring submittals 7.0 LOCATION OF WORK (ANTICIPATED) Work is anticipated to be performed at the contractor�s facility. 8.0 PERIOD OF PREFORMANCE (ANTICIPATED) TBD 9.0 NORTH AMERICAN INDUSTRY CLASSIFICATION SYSTEM (NAICS) CODE The North American Industry Classification System (NAICS) code for this procurement is expected to be 541511 (Custom Computer Programming Services) with a size standard of $30 million. OTHER:� The FAA may request that one, some, all, or none of the respondents to this Market Survey provide additional information. No evaluation of vendors will occur based on this additional information, and vendor participation in any informational session is not a promise for future business with the FAA.
 
Web Link
SAM.gov Permalink
(https://sam.gov/opp/27420cf651644d038cc5510e3de14ee1/view)
 
Place of Performance
Address: USA
Country: USA
 
Record
SN06277045-F 20220325/220324211508 (samdaily.us)
 
Source
SAM.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's SAM Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.