U.S. Customs and Border Protection is seeking potential partners to help manage much of the agency’s IT infrastructure and applications in the commercial cloud, according to a July 10 request for information.
CBP plans to acquire cloud infrastructure as a service (IaaS), platforms as a service (PaaS), software as a service (SaaS), and any additional “as a service” offerings directly from multiple commercial cloud service providers. This will enable the agency to “modernize and innovate the way software and data are built, deployed and managed within CBP’s current capability and as future offerings become available,” according to a corresponding statement of objectives (SOO).
The goals for the initiative include automating much of the work for deploying software applications and operating their supporting infrastructure, implementing modern microservice web frameworks that rely on application programming interfaces (APIs), building portable applications that can be deployed just as easily in the cloud or in on-premises environments, implementing sophisticated identity and access management controls, and improving the security and resiliency of the agency’s IT infrastructure, the SOO states.
The agency, responsible for preventing unauthorized individuals, goods, and trade from entering the U.S., hasn’t offered a projected value for the contract. But based on the scope of work described in the SOO and the size of CBP’s current cloud footprint, Bloomberg Government estimates that it could generate $500 million to $750 million over ten years.
Homeland’s Enterprise Cloud Migration
The proposed commercial cloud contract represents a major development in the Department of Homeland Security’s enterprisewide cloud migration. In February 2019, DHS unveiled an ambitious proposal to shutter one of its two on-premises data centers, Data Center 2, rationalize its application portfolio, and shift the majority of its workloads to the commercial cloud.
DHS’s plan called for a multi-vendor, multi-cloud strategy that would put considerable decision making authority in the hands of DHS sub-agencies, including CBP, the Transportation Security Administration (TSA), U.S. Customs and Immigration Services (USCIS), and the Cybersecurity and Infrastructure Security Agency (CISA).
CBP had previously announced in March 2018 its intention to migrate its entire application portfolio out of Data Center 2. Its July 10 RFI represents the boldest step to-date toward DHS’s enterprise cloud migration strategy and will likely add millions of dollars per year to CBP’s cloud computing footprint.
Effect on CBP Cloud Initiatives
CBP’s commercial cloud initiative will both augment and centralize management of the agency’s existing suite of cloud programs. Cloud-related spending at CBP has grown rapidly over the last half-decade, with contract obligations increasing from $10.5 million in fiscal 2015 to $58.2 million in fiscal 2018, according to BGOV’s market definition. The agency has already obligated $58 million on cloud services through three quarters of fiscal 2019, with more spending expected in Q4.
Acquiring tools for managing its proliferating suite of cloud solutions appears to be a top priority for CBP officials. CBP already relies on cloud infrastructure from all five U.S. hyperscale cloud providers – Amazon Web Services Inc., Microsoft Corp., International Business Machines Corp., Oracle Corp., and Google Inc. – as well as cloud software offerings from companies such as Salesforce.com Inc., ServiceNow Inc., Zoom Inc., and Presidio Inc, according to the RFI.
The SOO outlines a set of cloud management capabilities, including the provisioning of an inter-connection point that offers users secure “single hop” connectivity between multiple cloud environments and the core CBP network. The ability to control multiple cloud platforms and pivot between them from a single access point has emerged as a key requirement not only for CBP and DHS, but also for the Central Intelligence Agency with the announcement of its multi-cloud Commercial Cloud Enterprise contract that is potentially worth “tens of billions” of dollars.
Spurred on by interest from public sector and enterprise customers, some of the cloud market’s largest players have made big bets on multi-cloud management technologies. Some have speculated that IBM’s $34 billion acquisition of Red Hat Inc. was driven by its desire to corner the market for hybrid cloud and multi-cloud management. Google followed in April 2019 with the launch of a competitive offering, Anthos.
A top priority for the RFI is to solicit advice on CBP’s acquisition strategy. The agency plans to “establish a flexible contracting vehicle(s) that provides the integration of multiple public-sector resellers, keeps pace with the complexities of cloud migrations and new technology offerings, and delivers optimal pricing to meet CBP’s mission needs,” according to the RFI.
The suite of contract vehicles under the umbrella of Enterprise Acquisition Gateway to Leading Edge Services (EAGLE) Next Generation is one option for CBP. In December 2018, DHS chief procurement officer Soraya Correaannounced that instead of competing a direct follow-on to EAGLE II, DHS would “balance the use of existing governmentwide acquisition contracts (GWACs),” such as Schedule IT-70 and Alliant, “in conjunction with the creation of a portfolio of IT services contract vehicles with specialized, targeted scope.”
Interested parties have until Aug. 1 to respond to the RFI by submitting answers to an attached questionnaire and a 10-page white paper outlining their cloud capabilities. CBP expects to issue a request for proposal by the end of the first quarter of fiscal 2020, with an award expected sometime in Q2 2020.
Chris Cornillie is a federal market analyst with Bloomberg Government.
To contact the analyst on this story: Chris Cornillie in Washington at firstname.lastname@example.org