CONTRA COSTA COUNTY - File #: 23-664

• File #: 23-664
• Version: 1
• Type: Consent Item
• Status: Passed
• File created: 10/3/2023
• In control: BOARD OF SUPERVISORS
• On agenda: 10/17/2023
• Final action: 10/17/2023
• Title: APPROVE and AUTHORIZE the Purchasing Agent, on behalf of the Chief Information Officer, to execute a purchase order with NTT America, Inc. in an amount not to exceed $453,600 for the renewal of Proofpoint email protection software and services for the period of October 1, 2023 through September 30, 2024. (100% User Departments)

Date	Ver.	Action By	Action	Result	Tally
10/17/2023	1	BOARD OF SUPERVISORS	approved	Pass

To:                                          Board of Supervisors

From:                                          Marc Shorr, Information Technology Director

Report Title:                     Purchase order with NTT America, Inc.

☒Recommendation of the County Administrator ☐ Recommendation of Board Committee

RECOMMENDATIONS:

APPROVE and AUTHORIZE the Purchasing Agent, on behalf of the Chief Information Officer, to execute a purchase order with NTT America, Inc. in an amount not to exceed $453,600 for the renewal of Proofpoint email protection software and services for the period of October 1, 2023, through September 30, 2024.  

FISCAL IMPACT:

The cost of this purchase will be offset by charges to user departments.  (100% User Departments)

BACKGROUND:

Proofpoint email protection software guards against malware and non-malware threats such as impostor, phishing emails and spam by authenticating all senders without blocking legitimate emails. The Proofpoint software delivers an effective unified solution to protect critical data from advanced email breaches which are an ongoing cyber threat. This software will benefit all County departments except the Health Services Department, which currently has its own Proofpoint software. 

On September 7, 2021, the Board approved Proofpoint’s annual subscription purchase order with an initial term of  September 1, 2021 through August 31, 2022, and General Terms and Conditions which includes a limitation of liability clause that limits Proofpoint’s liability under the Terms and Conditions to an amount not to exceed the annual subscription fee paid to Proofpoint, provided that the limitation does not apply to Proofpoint’s indemnity obligations, gross negligence, or breach of confidentiality provisions. 

An informal solicitation process and analysis was conducted in 2021. Proofpoint was ultimately selected from a competitive review of five (5) vendors. The Department of Information Technology will conduct a formal Request for Proposals in preparation of Proofpoint’s conclusion of its third year of services and in accordance with the County’s Purchasing Policy.

Service outcomes will be measured on indicators such as: number of email threats blocked, number of phishing emails reported by users, and data related to specific malicious threats or actual breaches.

CONSEQUENCE OF NEGATIVE ACTION:

This software is critical for ensuring a consistent approach to email security for the County's email systems which will be at increased risk of security breaches.