The document outlines an amendment to a solicitation by the Federal Deposit Insurance Corporation (FDIC) regarding a two-factor authentication (2FA) solution for its Extranet Identity Management (EIDM) system. Key components involve extending the offer due date to December 30, 2024, and updating the Statement of Work (SOW) to include a Control Assessment Schedule. The 2FA service aims to ensure secure access for external users and integrates with existing FDIC systems while requiring compliance with various security standards. Essential requirements for the service include 99.9% uptime, administrative capabilities, and disaster recovery provisions. The contractor must also provide a subject matter expert, support for users, and detailed deliverables including ongoing security assessments and documentation. Overall, this amendment indicates FDIC's commitment to enhancing security and managing external relationships in a rapidly evolving technological landscape.
The document outlines a Request for Proposal (RFP) from the Federal Deposit Insurance Corporation (FDIC) for Thales Hardware Maintenance and Support Services related to a two-factor authentication (2FA) solution. The primary goal is to ensure secure access for external users to FDIC resources, thereby safeguarding data integrity.
Key components include:
- Provision of vendor-hosted 2FA services, integrating with existing Identity Management solutions and supporting various authentication methods (hard tokens, SMS, etc.).
- The contractor is required to ensure system availability (99.9%), user support, and compliance with stringent security regulations (e.g., FIPS 140-2).
- Specific deliverables include a functional 2FA platform across different environments, regular status reports, and documentation for user registration and system configuration.
The proposed period for performance spans from March 1, 2025, to February 28, 2029, with mandatory inspections and acceptance criteria set by the FDIC. The process also mandates a rigorous security assessment and authorization review.
This document serves as a critical framework necessary for upholding the security of FDIC's external interactions, thereby reinforcing its mission of maintaining public trust in the financial system while ensuring compliance with federal standards.
The document pertains to the FDIC's Pre-Award Risk Management (SCRM) Information, focusing on essential requirements for potential offerors in federal solicitations. It emphasizes the importance of accurately identifying the status of the offeror as either an Original Equipment Manufacturer (OEM), Aftermarket Manufacturer (AM), or Authorized Supplier. Failure to provide this designation may lead to disqualification from the award process. The document requests detailed information, including solicitation numbers, product specifications, and the names and addresses of manufacturers and subcontractors involved. This structure highlights the procedural aspects of government procurement, reinforcing accountability and transparency within federal RFPs and grants.
The document outlines a Request for Proposal (RFP) for the Thales hardware maintenance and support services. This service pertains to the Federal Deposit Insurance Corporation (FDIC) Enterprise Identity Management (EIDM) 2FA solution, ensuring secure external user authentication for access to critical FDIC resources, such as FDICConnect and Examination Tool Suite.
The document details a price schedule divided into various line items categorized as hardware maintenance and services, including costs for authentication services, hard token purchases, SMS messaging, bandwidth provisions, and related IT infrastructure components.
The requirements specify a total service period from March 1, 2025, to February 28, 2029, with options for continued support in subsequent periods. These provisions underscore the FDIC's emphasis on maintaining a robust security framework to protect its systems and data from unauthorized access.
Overall, the document is structured to provide detailed pricing and performance expectations for potential vendors, thus illustrating the FDIC’s commitment to securing its operational integrity through robust two-factor authentication protocols.