OMB finalizes acquisition language for standard desktop configuration
Agencies must include provisions by June 30 in all procurements.
The Office of Management and Budget yesterday gave agencies the basic language they will be required to use in all procurements after June 30 to ensure they are purchasing hardware and software that meet a standard Windows desktop configuration. The Office of Federal Procurement Policy also will work with the Federal Acquisition Regulations Council to update the section of the guidance to include the standard desktop configuration requirements, Paul Denett, OFPP administrator, and Karen Evans, OMB’s administrator for IT and e-government, wrote in a memo to chief information officers and chief acquisition officers. OMB issued a memo March 22 requiring agencies to move to the standard desktop by Feb. 1, 2008, for Windows XP and Vista. Agencies were to have submitted their implementation plans to OMB by May 1 and have until the end of this month to begin putting requirements in acquisitions. OMB, the National Institute of Standards and Technology, and the Homeland Security Department hoped to have released the basic configuration by April 20, but it hasn’t been finished yet. Multiple sources said coming to a standard Windows XP and Vista desktop has been more difficult than first imagined. “The NIST and DHS continue to work with Microsoft to establish a virtual machine to provide agencies and information technology providers access to Windows XP and Vista images,” the memo said. “The images will be pre-configured with the recommended security settings for test and evaluation purposes to help certify applications operate correctly.” The latest memo provides agencies with an important start to moving to the standard desktop. The language is designed to “help agencies articulate to your IT providers what you need in your IT acquisitions” to achieve the goal of a secure, standardized desktop environment, said Dan Costello, an OMB senior policy analyst at a recent event. The memo outlines three basic contract provisions. • The vendor shall certify applications are fully functional and operate correctly as intended on systems using the Federal Desktop Core Configuration (FDCC) for Internet Explorer 7 on Windows XP and Vista. • The standard installation, operation, maintenance, update and/or patching of software shall not alter the configuration settings from the approved FDCC configuration. The IT also will use the Windows Installer Service for installation to the default “program files” directory and should be able to silently install and uninstall. • Applications designed for normal end users shall run in the standard user context without elevated system administration privileges.
NEXT STORY: Security training effective, survey says