Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF NOVEMBER 08, 2008 FBO #2539
SOURCES SOUGHT

70 -- Email Retention and eDiscovery Software Solution

Notice Date
11/6/2008
 
Notice Type
Sources Sought
 
NAICS
423430 — Computer and Computer Peripheral Equipment and Software Merchant Wholesalers
 
Contracting Office
Social Security Administration, Office of Budget, Finance, and Management, Office of Acquisition and Grants, 1st Floor, Rear Entrance, 7111 Security Blvd., Baltimore, Maryland, 21244
 
ZIP Code
21244
 
Solicitation Number
SSA-RFI-09-KHC1
 
Response Due
12/8/2008
 
Archive Date
12/23/2008
 
Point of Contact
Katie Cooney,, Phone: 4109659476, Jane W Quinn,, Phone: 4109659588
 
E-Mail Address
katie.cooney@ssa.gov, jane.quinn@ssa.gov
 
Small Business Set-Aside
N/A
 
Description
The Social Security Administration (SSA) seeks an enterprise-level e-mail retention, archive, and eDiscovery electronic records management (see footnote 1) non-hosted solution. The system should easily integrate into the current network and electronic messaging infrastructure and may be either a software or hardware solution, or combination of both. The SSA electronic messaging infrastructure consists of a distributed Microsoft Exchange server topology, centralized internet and specialized messaging infrastructures. In addition, it should comply with all applicable National Archives and Records Administration (NARA) directives, federal and agency directives as specified. SSA’s network is world-wide in scope and includes approximately 100,000 computer workstations comprised of multiple platforms. The wide-area network is a router/switch based Ethernet architecture supporting the current client/server software architecture model. The solution must be able to operate within a Microsoft Windows/Exchange, Storage Area Network and Active Directory infrastructure. Internet gateways are Unix-based using Sophos, PureMessage for filtering. Client access is through Microsoft Outlook, Outlook Web Access and Blackberry hand-held devices. A. Mandatory Federal Specifications, Regulatory Policies and Directives – The solution must provide: 1) Compliance with NARA Standards: 36 CFR 1234.24 and 36 CFR 1222.34. Reference: NARA Bulletin 2008-05 Guidance Concerning Use of E-mail Archiving Applications to Store E-Mail http://www.archives.gov/records-mgmt/bulletins/2008/2008-05.html. 2) Compliance with the Design Criteria Standard for Electronic Records Management Applications, DOD 5015.2-STD (v.2) (see footnote 2)(http://jitc.fhu.disa.mil/recmgt/standards.html), which has been endorsed by the Archivist of the United States for civilian agency use (http://www.archives.gov/records-mgmt/bulletins/2003/bulletin-2003-03.html). 3) Compliance with Office of Management and Budget (OMB) http://www.whitehouse.gov/omb/memoranda/ Policies and Directives: • M-04-16 Software Acquisition Memo; • M-06-16 Protection of Sensitive Agency Information; • M-08-15 Tools Available for Implementing Electronic Records Management. 4) Compliance with other Federal Directives: • Section 508 for the disabled; • Sarbanes-Oxley (SOx) for effectively managing risk by ensuring data is adequately protected from damage or tampering; • Federal Information Security Management Act of 2002 (FISMA) to ensure system security. • Must meet National Institute of Standards and Technology (NIST) Common Criteria for related functions and be submitted for certification within one year of purchase; • Privacy Act of 1974 for systems of records containing personal identifying information (PII); • Health Insurance Portability and Accountability Act (HIPAA) of 1996 to ensure the security and confidentiality of patient health information. 5) References from similar non-hosted installations (at least 1 Federal and 2 State or equivalent –type commercial organizations) employing a minimum of 50,000 employees in a distributed architecture Storage Area Network (SAN) E-mail environment using Microsoft desktop and Exchange software. B. Mandatory Agency Specifications, Policies and Directives – The solution must provide: 1) The system must be customizable to accommodate Agency-specific security, archiving, retention and disposition requirements. 2) All data, system/management and administration must remain within the SSA network and behind Agency firewalls. This will not be a hosted solution. 3) The archiving system must be scalable (for both numbers of users, data and repository size) so that it can be extended incrementally as SSA’s archiving requirements grow. 4) Provide 24x7 (365 days per year) premiere-level technical support via telephone access. Response time for critical production issues: 2 clock hours; Response time for minor issues: 6 business hours (business hours are 7:00AM-6:00PM Eastern Time). 5) Integration and interoperability: • With existing Wide Area Network (WAN)/Local Area Network (LAN) and E-mail infrastructure: client/server Operating System is Microsoft Windows XP Professional/Windows 2003 Server moving to Microsoft Windows Vista/Windows Server 2008, Microsoft Exchange 2003/2007; • With existing Microsoft Active Directory, E-mail clients and desktop environment: Microsoft Outlook 2003/2007, Microsoft Office 2003/2007, Microsoft Outlook Web Access 2003/2007 and Research In Motion (RIM) Blackberry hand-held devices. 6) Capability to have various archiving methods (based on record classification/groupings). 7) Ability to set retention periods based on specified criteria, policy, time and event-based rules. 8) Capability to flag messages and associate with appropriate classifications at different levels within the software. 9) Record Date format will be specified as: MM/DD/YYYY. [Pending policy determination] 10) Ability for automatic deletion of transitory E-mails – Refer to http://www.archives.gov/records-mgmt/ardor/grs-trs15.html and Item 7 in GRS 23, http://www.archives.gov/records-mgmt/ardor/grs23.html. 11) Ability for metadata storage and retrieval to include: content changes, dates of changes, individuals who made changes, and any other metadata useable to determine final vs. draft. 12) Ability to produce Management Information (MI) such as: monitoring statistics and user specified reports. 13) Auditing capabilities to track and report access to archived records. 14) Ability for the Data Structure in the Archival System to include: the message in its original E-mail format; an index of E-mail content; all relevant Metadata (see #11). 15) Use Single Instance Storage (SIS) technology to store the messages and attachments in the archival system. Capture and archive all E-mail messages/ attachments, entering and leaving the agency, as well as messages between users on an E-mail server as unique, indexed records. 16) Use MD5 Hash, i.e., original set or fingerprint technology to allow accurate de-duplication of files (potentially reducing population of the Archive by a large percentage) and creates a “fingerprint” of the file at that exact time. 17) Use Linkage technology to maintain the integrity of Parent/Child Relationship between the message and attachment documents. 18) The system must be capable of full text indexing. 19) The archiving system must provide access to archived mail in the following clients: • Microsoft Outlook 2003/2007; • Microsoft Outlook Web Access 2003/2007; • Browser-based (Microsoft Internet Explorer 6/7) access. 20) Archival Functionality: • Batch, Bulk Load, or Global archiving (used primarily for search and automatic data import into the repository of existing messages); • Real time archiving (used primarily for new messages, date and event-driven storage into the repository); • Ability to set archival date based on specified criteria, established File Plan or Policy; • Capability for streamlining the E-mail transfer process based on varying personnel actions and/or events (i.e. separation from agency, retirement, termination of employment, end of fiscal year, etc.); • Consolidating and preserving Personal folder (.pst files) and Archive files (E-mail and related files stored on file server, workstation or Compact Disk/Digital Video Disk) into the Archive Store so that they can be managed centrally, by component, and still retain individual discretion to add files/messages as needed; • Provide personal data store migration tools and temporary offline local store option to eliminate the storage of E-mail messages outside the control of the archive system (i.e. no more Personal Folders); • Provide the ability to compress content before storing it; * Provide mailbox management and compliance supervision functions. 21) eDiscovery Functionality: • Must have the capability to Bates Stamp E-mails exported for legal proceedings; • Must have the capability to perform Litigation Holds of E-mails and records, including retaining these records in their authentic state even if their disposition date has passed; • Must be able to perform Redaction on records that have been identified during the eDiscovery process. 22) Search Functionality: • Must have the ability to perform Boolean mode searches; • Must have the ability to perform keyword searches; • Must have the ability to search the results of searches. 23) Must have the ability to set Retention Policy: • According to criteria established by SSA; • According to component need; • According to event or personnel triggers; • With limited personnel able to change policy settings. C. Optional or Requested Specifications - The solution should provide: 1) Product installation methods: vendor installation or customer installation (with proper training). 2) Training and documentation to support routine Administration for Agency administrative personnel. 3) Provide on-site support services within 24 hours. 4) Annual support/maintenance/upgrade at a cost not to exceed 15 percent of original purchase price. • Annual technical support in compliance with Section B4. • Annual product software maintenance/upgrade during the covered period at no additional cost. 5) Monitoring of user accounts. 6) Customizable reporting capability. 7) Ability to import E-mails from cc:Mail DB5 and DB6 era archived files. 8) Minimal or/no configuration of rule sets at firewall. 9) Customizable content filtering. 10) Integration with Voice Over Internet Protocol (VOIP). 11) Extensible to incorporate additional real-time communication technologies (e.g. Instant Messaging, chat log, etc). in a field delimited format for ease of data extraction and utilization by multiple applications (i.e. Delimited Text File, Comma-Separated Values (CSV); XML). 12) Extensible to incorporate additional serial messaging communication technologies (e.g. Wiki, Blog, Discussion Groups, Bulletin Boards/Forums, etc.). 13) Extensible to integrate with enterprise content management (collaborative web sites, SharePoint, etc.) and enterprise records management systems. 14) Ability to save searches. Any firm that feels they have the capability of providing a product that meets the requirements listed above must respond, in writing, within 30 days of this notice. Responses must be specific as to the product proposed. Vendors may submit pricing data. This is not a request for proposal and the Government does not intend to pay for information submitted. The Government will not award a contract based on responses received; however, SSA will use this information to assess capable sources. SSA will not provide acknowledgement of responses received. Responses must be addressed to the following office: Social Security Administration - OAG 7111 Security Blvd. 1st Floor, Rear Entrance Woodlawn, Md. 21224-1811 Attention: Katie Cooney Responses should refer to Synopsis Number SSA-RFI-09-KHC1. FOOTNOTES: 1 The National Archives and Records Administration (NARA) defines electronic record management systems as "a system that meets an agency's record keeping needs...an electronic information system in which records are collected, organized, and categorized to facilitate preservation, retrieval, use and disposition (36 CFR 1234.2). An electronic system that will ensure that the records it maintains will have sufficient authenticity and reliability to meet all of the agency's record keeping needs." 2 The DOD’s 5015.2 standard sets minimum functional requirements for ERM applications. It specifies design criteria needed to identify, mark, store and dispose of electronic records. Its function is to specify mandatory and optional design requirements that a commercial off-the-shelf (COTS) product must support before federal organizations could use it. It does not define how agencies manage electronic records or how an ERM program is to be implemented.
 
Web Link
FedBizOpps Complete View
(https://www.fbo.gov/?s=opportunity&mode=form&id=fe606c72e1c8bd7bcd8982ac20561df2&tab=core&_cview=1)
 
Place of Performance
Address: 3200 Lord Baltimore, Baltimore, Maryland, 21244, United States
Zip Code: 21244
 
Record
SN01701566-W 20081108/081106214720-fe606c72e1c8bd7bcd8982ac20561df2 (fbodaily.com)
 
Source
FedBizOpps Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  Jenny in Wanderland!  © 1994-2024, Loren Data Corp.