VA awards $21.3M contract for enterprise data loss prevention services to Maveris LLC

Contract Overview

Contract Amount: $21,272,621 ($21.3M)

Contractor: Maveris LLC

Awarding Agency: Department of Veterans Affairs

Start Date: 2023-09-27

End Date: 2026-09-26

Contract Duration: 1,095 days

Daily Burn Rate: $19.4K/day

Competition Type: FULL AND OPEN COMPETITION AFTER EXCLUSION OF SOURCES

Number of Offers Received: 6

Pricing Type: FIRM FIXED PRICE

Sector: IT

Official Description: PROJECT MANAGEMENT, AND TECHNICAL SERVICES TO AUGMENT THE CURRENT VA ENTERPRISE DLP PROGRAM IN ACCORDANCE WITH EXISTING VA ENTERPRISE SECURITY DIRECTIVES AND STANDARDS

Place of Performance

Location: MARTINSBURG, BERKELEY County, WEST VIRGINIA, 25401

State: West Virginia Government Spending

Plain-Language Summary

Department of Veterans Affairs obligated $21.3 million to MAVERIS LLC for work described as: PROJECT MANAGEMENT, AND TECHNICAL SERVICES TO AUGMENT THE CURRENT VA ENTERPRISE DLP PROGRAM IN ACCORDANCE WITH EXISTING VA ENTERPRISE SECURITY DIRECTIVES AND STANDARDS Key points: 1. Contract focuses on augmenting existing data loss prevention (DLP) programs. 2. Services align with established VA enterprise security directives and standards. 3. The award is a delivery order under a larger contract vehicle. 4. The contract duration is three years, ending in September 2026. 5. This contract is a firm-fixed-price type, indicating predictable costs. 6. The primary location for performance is West Virginia.

Value Assessment

Rating: good

The contract value of $21.3 million for three years of project management and technical services for data loss prevention appears reasonable given the scope. Benchmarking against similar IT security services contracts within the federal government suggests this pricing is within expected ranges for specialized technical support. The firm-fixed-price structure provides cost certainty for the VA, reducing the risk of cost overruns for the defined services.

Cost Per Unit: N/A

Competition Analysis

Competition Level: full-and-open

This contract was awarded under full and open competition after exclusion of sources, indicating that multiple vendors had the opportunity to bid. The presence of 6 bidders suggests a competitive environment for this type of specialized IT security service. A competitive process generally leads to better pricing and service offerings for the government.

Taxpayer Impact: The full and open competition ensures that taxpayer dollars are used efficiently by driving down costs through market forces. It also allows the VA to select the most capable vendor at the best value.

Public Impact

The Department of Veterans Affairs benefits from enhanced data security and protection of sensitive veteran information. Services delivered include project management and technical support for the VA's enterprise data loss prevention program. The geographic impact is primarily focused on West Virginia, where the contractor is located. The contract supports specialized IT security roles, potentially creating or sustaining jobs in this field.

Waste & Efficiency Indicators

Waste Risk Score: 50 / 10

Warning Flags

Potential for vendor lock-in if services are highly specialized and integrated.
Reliance on a single vendor for critical data security functions could pose a risk.

Positive Signals

Clear alignment with existing VA security directives reduces implementation risk.
Firm-fixed-price contract provides cost predictability.
Full and open competition suggests a robust selection process.

Sector Analysis

This contract falls within the Computer Systems Design Services sector, a critical component of the broader IT services market. The federal government's spending on cybersecurity and data protection services is substantial and growing, driven by increasing cyber threats and the need to safeguard sensitive information. This contract for data loss prevention is a key element in the VA's overall cybersecurity strategy, complementing other security measures.

Small Business Impact

The data indicates this contract was awarded under full and open competition and does not specify any small business set-aside provisions. Therefore, the direct impact on small businesses through this specific award is likely limited unless Maveris LLC engages in subcontracting with small businesses. Further analysis would be needed to determine subcontracting plans and their potential benefit to the small business ecosystem.

Oversight & Accountability

The contract is managed by the Department of Veterans Affairs, which has established oversight mechanisms for its IT procurements. Accountability is ensured through the firm-fixed-price structure and the delivery order process, which allows for specific performance requirements. Transparency is generally maintained through federal procurement databases, though detailed performance metrics are typically internal.

Related Government Programs

VA Enterprise Security Directives
Data Loss Prevention Programs
Cybersecurity Services
IT Project Management

Risk Flags

Data Security Risk
Vendor Performance Risk
Integration Complexity

Frequently Asked Questions

What is this federal contract paying for?

Department of Veterans Affairs awarded $21.3 million to MAVERIS LLC. PROJECT MANAGEMENT, AND TECHNICAL SERVICES TO AUGMENT THE CURRENT VA ENTERPRISE DLP PROGRAM IN ACCORDANCE WITH EXISTING VA ENTERPRISE SECURITY DIRECTIVES AND STANDARDS

Who is the contractor on this award?

The obligated recipient is MAVERIS LLC.

Which agency awarded this contract?

Awarding agency: Department of Veterans Affairs (Department of Veterans Affairs).

What is the total obligated amount?

The obligated amount is $21.3 million.

What is the period of performance?

Start: 2023-09-27. End: 2026-09-26.

What is Maveris LLC's track record with the VA or similar federal agencies for IT security services?

Information regarding Maveris LLC's specific track record with the VA or similar federal agencies for IT security services would typically be found in contract performance databases and award histories. A review of past performance evaluations, if publicly available, would indicate their success in delivering similar projects, adherence to timelines, and overall client satisfaction. Without direct access to these performance records, it's difficult to provide a detailed assessment. However, the award of this contract suggests they met the VA's requirements for technical capability and past performance during the bidding process.

How does the $21.3 million contract value compare to similar VA data loss prevention contracts?

Comparing the $21.3 million contract value requires access to historical data on similar VA contracts for enterprise data loss prevention (DLP) services. The value appears to be a reasonable figure for a three-year engagement involving project management and technical services for a large enterprise like the VA. Factors influencing this value include the scope of DLP implementation, the complexity of the VA's IT infrastructure, the specific technologies employed, and the level of technical expertise required. Benchmarking against contracts for similar IT security services, especially those focused on data protection and compliance, would provide a more precise context for value assessment.

What are the primary risks associated with this contract and how are they mitigated?

Key risks for this contract include potential technical challenges in integrating DLP solutions with the VA's existing infrastructure, the risk of vendor performance issues, and the possibility of evolving cyber threats requiring adaptive security measures. Mitigation strategies likely include the firm-fixed-price contract type, which shifts some cost risk to the contractor, and the requirement for services to align with existing VA security directives, ensuring compatibility and adherence to standards. The competitive award process also helps mitigate risks by selecting a vendor with demonstrated capabilities. Continuous monitoring and clear performance metrics within the delivery order would further manage performance risks.

How effective is the VA's current enterprise DLP program, and how will this contract enhance it?

The effectiveness of the VA's current enterprise DLP program is not detailed in the provided data. This contract is specifically aimed at 'augmenting the current VA enterprise DLP program.' This suggests that the existing program requires additional support, expertise, or resources to maintain or improve its capabilities. The services provided by Maveris LLC will likely focus on enhancing the program's ability to detect, monitor, and prevent unauthorized data exfiltration, ensuring compliance with security standards and protecting sensitive veteran information. The contract's success will be measured by its contribution to strengthening the overall data security posture.

What are the historical spending patterns for data loss prevention services at the VA?

Historical spending patterns for data loss prevention (DLP) services at the VA are not provided in the current data. To analyze this, one would need to examine past VA contracts related to cybersecurity, data security, and specifically DLP solutions over several fiscal years. This would involve looking at the total amount spent, the number of contracts awarded, the types of services procured (e.g., software, hardware, managed services, technical support), and the primary contractors involved. Understanding these patterns would reveal trends in VA's investment in data protection and help contextualize the current $21.3 million award.

What specific technical services will Maveris LLC provide under this contract?

The contract specifies 'PROJECT MANAGEMENT, AND TECHNICAL SERVICES TO AUGMENT THE CURRENT VA ENTERPRISE DLP PROGRAM.' This implies that Maveris LLC will provide a range of services including planning, organizing, and overseeing DLP initiatives, as well as offering technical expertise. This could encompass tasks such as system configuration, integration support, troubleshooting, performance tuning of DLP tools, developing and implementing DLP policies, and potentially providing training or documentation related to the DLP program. The services are bound by existing VA Enterprise Security Directives and Standards, ensuring alignment with the agency's security framework.

Industry Classification

NAICS: Professional, Scientific, and Technical Services › Computer Systems Design and Related Services › Computer Systems Design Services

Product/Service Code: IT AND TELECOM - INFORMATION TECHNOLOGY AND TELECOMMUNICATIONS › IT AND TELECOM - SECURITY AND COMPLIANCE

Competition & Pricing

Extent Competed: FULL AND OPEN COMPETITION AFTER EXCLUSION OF SOURCES

Solicitation Procedures: SUBJECT TO MULTIPLE AWARD FAIR OPPORTUNITY

Offers Received: 6

Pricing Type: FIRM FIXED PRICE (J)

Evaluated Preference: NONE

Contractor Details

Address: 126 E BURKE ST STE 19, MARTINSBURG, WV, 25401

Business Categories: Category Business, Corporate Entity Not Tax Exempt, Limited Liability Corporation, Service Disabled Veteran Owned Business, Small Business, Special Designations, U.S.-Owned Business, Veteran Owned Business

Financial Breakdown

Contract Ceiling: $28,966,911

Exercised Options: $21,272,621

Current Obligation: $21,272,621

Actual Outlays: $16,499,109

Subaward Activity

Number of Subawards: 16

Total Subaward Amount: $15,553,679

Contract Characteristics

Commercial Item: COMMERCIAL PRODUCTS/SERVICES PROCEDURES NOT USED

Cost or Pricing Data: NO

Parent Contract

Parent Award PIID: 36C10B21D1037

IDV Type: IDC

Timeline