Sources Sought Notice: DIU Multi-Factor Authentication Support Services

Subject: Sources Sought Notice: DIU Multi-Factor Authentication Support Services
Solicitation Number: SY05032021200
Notice Type: SRCSGT
NAICS: 518210
Notice Published: 05-03-21
Response Due: 05-07-21

Agency: Other Defense Agencies
Office: Washington Headquarters Services
Contact: Steven Yang This email address is being protected from spambots. You need JavaScript enabled to view it.
Office Address: WASHINGTON, DC 203011000
Place of Performance: Mountain View, CA 94043

Related Notices:
        05-07-21 SRCSGT

Click for official SAM (FBO) notice, additional information, and accompanying attachments

I. Introduction. THIS IS A SOURCES SOUGHT ANNOUNCEMENT ONLY. This notice does not constitute a commitment by the Government. All information submitted in response to this announcement is voluntary, and the Government will not pay for information requested nor will it compensate any respondent for any cost incurred in developing information provided to the Government. In order to proactively plan for future requirements, The Department of Defense (DoD), Washington Headquarters Services (WHS), Acquisition Directorate (AD) is conducting market research to locate qualified, experienced, and interested business concerns capable of providing Multi-Factor Authentication Services consisting of cloud network infrastructure and strong two factory authentication for the single sign-on (SSO) access in support of the Defense Innovative Unit (DIU). The Government is specifically performing Market Research to see if there are potential large or small business concerns capable of providing the services outlined in the Draft Performance Work Statement (PWS). Respondents will not be notified of the results of the sources sought evaluation. This is not a solicitation announcement. This notice neither constitutes a Request for Proposal, nor does it restrict the Washington Headquarters Services, Acquisition Directorate (WHS/AD) to the ultimate acquisition approach. No contract will be awarded from this announcement and requests for solicitation will not receive a response. No reimbursement will be made for any cost associated with providing information in response to this announcement. Any information submitted by respondents is strictly voluntary. All information received in response to this Sources Sought marked "Proprietary" will be protected and handled accordingly. Interested parties are responsible for adequately marking proprietary or competition sensitive information contained in their response. Responses to the Sources Sought will not be returned. Responders are solely responsible for all expenses associated with responding to this Sources Sought. The Government will not pay for information received in response to this Sources Sought. The results of this sources sought notice will assist the Contracting Officer in determining the best strategy for this procurement. Responses to this synopsis may also be used to aide in establishing realistic and achievable small business participation goals. The applicable North American Industry Classification System (NAICS) code assigned to this procurement is NAICS: 511210 Software Publishers. At this time, no solicitation exists. This acquisition has an estimated minimum dollar amount of $6,000,000.00 and an estimated maximum dollar amount of $7,500,000.00. The Government anticipates an award of a blanket purchase agreement with an estimated period of performance of five (5) years. II. Instructions. If your company is an interested large or small business that has the capability to perform Multi- Factor Authentication Services, please send the capability statement to the following contact listed below: Contract Specialist, Steven Yang, This email address is being protected from spambots. You need JavaScript enabled to view it. Contracting Officer, Kealon Wallace, This email address is being protected from spambots. You need JavaScript enabled to view it. No phone calls related to this Request For Information (RFI) will be accepted. All correspondence shall be via email. Responses must be submitted no later than Friday, May 7th, 2021 at 12:00 PM (Eastern Standard Time). Capability statements will not be returned. Please provide the following information: 1. A brief three to five page synopsis of similar work performed. 2. DUNS and CAGE Code Number. 3. Company name and address. 4. Company Point of Contact, phone number and email. 5. NAICS codes associated with the company. 6. If applicable, GSA contract number(s) and schedule(s). 7. Identify contracts your company has been awarded under NAICS: 511210 Software Publishers. Additional information on NAICS codes can be found at 8. Specific examples of prior efforts same/and or similar to Multi-Factor Authentication Services as outlined in the attached Draft PWS. 9. Recommended/suggested NAICS codes for this effort. 10. Recommended/suggested contract type. 11. Number of contracts currently held with the Government to include any Federal Supply Schedules listed under GSA Advantage. 12. Point of Contact, phone number, and emails of individuals who can verify the demonstrated capabilities identified in the responses. 13. Company must identify if they are a small business under the NAICS code identified for this RFI. Small business concerns must identify their small business category (Ex: 8(a), Service-Disabled Veteran-Owned, HUBzone, Small Disadvantaged, Veteran-Owned, or Women-Owned. 14. Respondents are limited to 10 pages. A minimum font size 12, left justified, and one inch margins all around. 15. Respondents must submit documents in Word or PDF format. Neither zipped files will be accepted nor telephone requests be honored. In addition to the above questions, interested vendors must address the following: Question 1. What are your current federal government certifications and what are your future federal government certification plans? Question 2. Describe your technology or platform default approach to authenticating users and what multi-factor authentication options do you support? Question 3. What malware scanning capabilities does your technology or platform have? Question 4. What strategy does your technology or platform implement for machine-based identity? Question 5. What is your strategy for post quantum cryptography scenarios? Question 6. What is your approach to NIST 800-63 FAL 3 compliance?