IT reseller challenges USDA’s ’20-year tradition’ of sticking with Microsoft
Google reseller Westwind Computer Products challenged the U.S. Department of Agriculture’s “20-year tradition of standardizing on Microsoft products,” in a successful protest of a sole-source procurement earlier this month.
For the second time, Westwind protested USDA‘s attempt to award a Solutions for Enterprise-Wide Procurement (SEWP) task order for productivity software to Microsoft because its requirement that offerers use Microsoft Enterprise was “unduly restrictive of competition.”
The Government Accountability Office sustained the protest on the grounds USDA failed to meet the Federal Acquisition Regulation (FAR) market research requirement to prove similar products like Google Workspace can’t be modified to meet its needs.
Based in Albuquerque, New Mexico, Westwind is a small, woman-owned, minority-owned, HUBZone-designated IT solutions reseller.
“We recommend that the agency either prepare a properly documented and supported justification, consistent with this decision and the FAR or, alternatively, obtain competition for the requirement without the brand-name restriction,” reads GAO’s decision issued Dec. 8.
USDA has yet to amend the solicitation or compete the task order, according to a person with knowledge of the situation. But Google projects its software would cost USDA $58 million over the contract’s five-year lifespan, compared to $170 million in Microsoft’s case.
Neither Microsoft nor USDA provided a comment by publication time.
The solicitation’s deadline for offerers was Aug. 31, as USDA’s existing Microsoft licenses were set to expire on Sept. 30. USDA cancelled its nearly identical, original solicitation, after GAO sided with Westwind on April 26, only to issue another brand-name justification effectively committing to using the Microsoft platform through March 31, 2026.
USDA said Microsoft products were “essential” to its COVID-19 relief, wildland firefighting and Supplemental Nutrition Assistance Program (SNAP) efforts, in its justification.
“Considering the current operational environment of maximum telework, and the additional usage and data it creates, it is estimated that it would take at least four years to migrate all the data,” reads the justification.
USDA further argued switching to a different software provider would prevent “timely” implementation of its zero-trust security architecture, as ordered by the White House.
The department proposed moving forward with the Microsoft contract and reevaluating IT enterprise solution requirements in 2022 with a “detailed technical assessment” of other products, prior to competing a new solicitation. Westwind said the assertion USDA wouldn’t exercise the contract’s four option years was “not believable,” and the proposal of a technical assessment was a “tacit admission” alternative solutions exist in the cloud marketplace, in its protest.
“The theme of USDA’s sole source justification is that it is too inconvenient and too risky to transition to a new platform,” reads the protest. “An agency’s desire to avoid what it perceives as the inconvenience of transitioning to a new software product cannot form the basis for a sole-source procurement — that would be antithetical to the clear requirements set forth in the Competition in Contracting Act to maximize competition.”
Google has a proven history of performing such transitions without service interruptions throughout the pandemic, without needing several years for compliance, the protest continues.
Westwind further argued that rapid shifts in cloud computing necessitate competing contracts, rather than promoting vendor lock-in — an issue GAO highlighted in a December 2018 report. GAO found agencies obligated more than $15 billion, or 30%, of annual IT contract spending on a noncompetitive basis between 2013 and 2017.
“Competition is a cornerstone of the federal acquisition system and a critical tool for achieving the best possible return on investment for taxpayers,” reads the report.
As for USDA’s argument switching from Microsoft would impact security, Westwind didn’t mince words when it came to the former’s “recent and well-publicized history of vulnerabilities and breaches” tied to its email service.
Microsoft was implicated in the SolarWinds breach that saw hackers infiltrate the email accounts of Treasury Department leadership, as well as the Exchange hack that victimized at least 30,000 U.S. organizations, small businesses and government officials, reads the protest.
“When implemented according to Google instructions, there have been no account compromises of Google’s zero-trust solution,” the protest continues. “By contrast, there were 100 vulnerabilities for Microsoft email products in the past 10 years.”