DISA provides IT solutions to the Department of Defense (DOD). The five-year contract will include cloud storage, database and Web hosting, and virtual machines. “The resulting task order awards shall provide DISA ES [Enterprise Services] the ability to acquire the Commercial Infrastructure as a Service (C-IaaS) in a secure environment,” read the project description published by the agency, “with state-of-the-art global commercial cloud hosting capabilities to meet new/emerging DOD mission partner requirements.” As the project evolves, the DISA will want to add Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) features.
The contractor will also need to integrate tools for monitoring cloud usage, resolving incidents, provisioning and configuring resources, and keeping the whole system locked down to the government’s exacting specifications. The resulting platform must comply with FedRAMP and DISA information security and privacy requirements.
Government clouds have become an active battleground for tech companies seeking lucrative contracts. For example, IBM and Amazon have been locked in fierce combat for a $600 million contract to provide the CIA with a cloud—a contract that Amazon won, only to have the Government Accountability Office (GAO) ask the CIA to re-evaluate its decision after IBM filed a complaint.
IBM, Google and Microsoft have provided the government’s IT for quite some time, and battles between them over federal contracts is nothing new. But Amazon is relatively new to the federal contracting space, despite its extensive background in offering cloud and data services to private companies. If Amazon Web Services becomes more of a government player, it wouldn’t just complicate life for other tech companies that depend on taxpayer-funded contracts—it could encourage other firms to plunge into the government-IT space for the first time.
Whatever company wins the new DISA contract, it may also have to deal with increased public focus on the government’s IT infrastructure. The federal government currently faces widespread protest and criticism over the NSA’s surveillance of digital communications. Earlier this month, The Guardian and The Washington Post posted top-secret documents (provided by former CIA employee Edward Snowden) describing an NSA project codenamed PRISM, which allegedly siphons information from the databases of nine major technology companies. (In emails to Slashdot and other media outlets, as well as postings on their respective corporate blogs, many of these companies have denied involvement with PRISM.)
In theory, any company that provides infrastructure to a government agency involved in defense or intelligence work could find itself wrestling with the very public fallout of a Snowden-style leak (or other incident). But the prospect of hundreds of millions of dollars in contracts could make such trouble well worth it.