The US Government's JEDI project - how not to handle a public sector cloud procurement

Profile picture for user slauchlan By Stuart Lauchlan October 10, 2018
The US Department of Defense's JEDI procurement has led to some very public protests from tech vendors, the latest of which is IBM.

Department of Defense
Want to know how not to handle a multi-billion dollar government cloud procurement? Take a look at the US Department of Defense’s $10 billion JEDI contract.

With tomorrow’s deadline for proposals for the  deal looming, IBM has become the latest vendor to lodge a formal protest about the terms of the procurement.

The contract for the Joint Enterprise Defense Infrastructure (JEDI) has been mired in controversy as a result of the Pentagon’s decision to award the contract to a single contractor rather than breaking it up. That led to fears that such a contract structure favored Amazon Web Services.

Other potential providers have openly criticised and protested, including Oracle, whose co-CEO Safra Katz is believed to have raised the matter directly with President Donald Trump over dinner. The firm also lodged a formal protest earlier in the year.

Now at the eleventh hour, IBM has filed its own objection with the US Government Accountability Office (GAO), contesting that single-vendor factor. In a blogpost, Sam Gordy, IBM's US Federal General Manager, outlines three main objections:

JEDI’s primary flaw lies in mandating a single cloud environment for up to 10 years. Leading global enterprises want clouds that are flexible, provide access to the best applications from multiple vendors, and can smoothly transition legacy systems. JEDI is a complete departure from these best practices. It denies America’s warfighters access to the best technology available across multiple vendors, complicates the integration of legacy applications and walls off access to future innovations. JEDI’s single-cloud approach also would give bad actors just one target to focus on should they want to undermine the military’s IT backbone. The world’s largest businesses are increasingly moving in a multi-cloud direction because of security, flexibility and resilience; the Pentagon is moving in precisely the opposite direction.

JEDI turns its back on government-recognized best practices. Recently, the Office of Management and Budget issued a new government-wide cloud strategy, “cloud smart,” that specifically emphasizes the need for multi-cloud and hybrid solutions and calls for a “technology neutral” approach. That’s not what we see in JEDI, which also ignores the intent of Congress to ensure America’s warfighters benefit from healthy competition and access to multiple technologies from multiple suppliers.

Finally, the JEDI solicitation restricts the field of competition. Certain requirements in the RFP either mirror one vendor’s internal processes or unnecessarily mandate that certain capabilities be in place by the bid submission deadline versus when the work would actually begin. Such rigid requirements serve only one purpose: to arbitrarily narrow the field of bidders.

The language of the blogspot is potentially incendiary, essentially accusing the DoD of not having the best interests of the US military at heart:

IBM knows what it takes to build a world-class cloud. No business in the world would build a cloud the way JEDI would and then lock in to it for a decade. JEDI turns its back on the preferences of Congress and the administration, is a bad use of taxpayer dollars and was written with just one company in mind. America’s warfighters deserve better.

It adds:

The importance of this transition cannot be overstated: JEDI will be the foundation for integrating advanced technologies such as Artificial Intelligence and Augmented Reality into America’s warfighting capability. Unfortunately, JEDI, as outlined in the final solicitation, would not provide the strongest possible foundation for the 21st century battlefield.

Gordy calls on the US Government to change its ways even at this late stage:

IBM has proudly supported America’s armed services for decades, and we plan to submit a bid that provides our warfighters as much flexibility and innovation as possible within the scope of the JEDI solicitation. It is our hope, though, that highlighting our serious concerns through this protest might create one last opportunity for this process to be aligned with commercial best practices, the desires of Congress and the Trump administration, and the best interests of our men and women in uniform – not to mention taxpayers, who will foot the bill.

When Oracle filed its own complaint in August, a statement from the firm said:

The technology industry is innovating around next generation cloud at an unprecedented pace and JEDI virtually assures [the DoD] will be locked into legacy cloud for a decade or more. The single-award approach is contrary to industry’s multi-cloud strategy, which promotes constant competition, fosters innovation and lowers prices. The DoD seeks to procure so-called 'commercial services' that are wholly inconsistent with the commercial sector and the D&F [Determination and Findings] falls far from meeting the rigorous legal standards required for a single award contract.

Earlier this week, Google ruled itself out of the running for the ten year contract, citing concerns about potential ethical violations relating to the use (or misuse) of AI capabilities. But it also highlighted the single vendor angle as a reason for pulling out:

Had the JEDI contract been open to multiple vendors, we would have submitted a compelling solution for portions of it. Google Cloud believes that a multi-cloud approach is in the best interest of government agencies, because it allows them to choose the right cloud for the right workload. At a time when new technology is constantly becoming available, customers should have the ability to take advantage of that innovation. We will continue to pursue strategic work to help state, local and federal customers modernize their infrastructure and meet their mission critical requirements.

My take

This is a very messy procurement - and it’s only likely to get messier. Badly done, DoD, badly done.