Important News:CryptoComply FIPS 140-3 Early Access Program is now open. Learn more!

The SafeLogic Blog

Tackling the Federal Procurement Conundrum

December 3, 2015 Walt Paley

Lt. Col. Scott Trail had a great editorial in National Defense magazine that I read recently. It was titled 'How to Unlock Innovation at the Defense Department'. Coming from a Defense and Aerospace Acquisition Team Lead, this was an interesting topic to be sure.

Trail delivered, as he didn’t pull any punches. He emphasized the need for speed and the real urgency of accelerating the schedule for procurement and deployment, lest we fall [arguably further] behind our global rivals. In fact, he asserts an opinion that we are spending too much time trying to make drastic improvements and we need to take a more agile approach.  Deploy and revise on a much shorter lifecycle, he says.  "Speed should be considered as a strategic enabler over fielding full capacity in a single step."  While Trail uses helicopters and amphibious transports as the examples from his area of expertise, the concept extends to smaller technology and definitely applies to software.

In our sphere, we see engineering teams that are so accustomed to the legacy FIPS 140-2 process that they automatically peg it for a future release barely on the horizon. They expect hundreds of man-hours and months of aggravation. They figure that since it used to take a year to a year-and-a-half, nothing that they build during that waiting period really matters for federal procurement. As a result, we get federal-specific software releases that are obsolete before they even get a SKU assigned, because the supported platforms are so old. Why? Because those were the relevant operating environments when the FIPS effort began.

Bottom line – it’s all too often that the software offered to the public sector is either old or non-compliant. What a conundrum! The product is updated for private use – quickly, frequently and effectively – but hasn’t received the proper testing for federal deployment. Unhelpful. The product earmarked for government has been updated, but slowly, sporadically and it’s frankly irrelevant by the time it has been revved. This is not competitive and it doesn’t help anyone!

FederalGraphicEvery production version of your solution should be ready for federal procurement. That’s our philosophy. You should be able to move at the speed of business, not on a timeline set by testing labs and consultants. The company that will win is the one that is able to sell their current product [yes, the one that marketing has described as “bleeding edge” and “next gen”] in real-time to federal, in full compliance with procurement requirements on the actual operating environments that are being used. We will be in 2016 in the blink of an eye. The fact that this is still being regarded as the stuff of sci-fi is just sad. We can do it today.

I’m not saying that SafeLogic is saving America… but I am saying that faster FIPS 140-2 validation yields faster product iterations, faster acquisitions and faster deployments. Soldiers and bureaucrats have the same appetite for current technology. Let’s give it to them as soon as possible. THAT is what will benefit our nation… and your revenue numbers.

Contact us for information on our lightning fast RapidCert FIPS 140-2 validations and how we can keep your certificate perpetually updated.  We're ready.

Walt Paley

Walt Paley

Walter Paley is the VP of Communications for SafeLogic. He is responsible for strategy, content, marketing, and outreach. Walt has worked with a series of start-ups and companies in growth stages, including Nukona (acquired by Symantec), Qubole, Bitzer Mobile (acquired by Oracle), and TigerText, among others. An Alumnus of the psychology program at UC San Diego, Walt lives in Southern California with his wife, kids, and their black lab, Echo.

Share This:

Back to posts

Popular Posts

Search for posts

Tags

See all