The state of Georgia is seeking a qualified vendor to provide a comprehensive, secure, and scalable backup, disaster recovery, and storage solution. The selected provider will be responsible for safeguarding critical data assets, ensuring business continuity, and enabling rapid data recovery in the event of system failure, cyberattack, or other disasters. The solution must address key areas including backup and storage architecture, robust security and compliance features, disaster recovery procedures and testing, ongoing management and support, and demonstrable vendor qualifications.

Specifications include the provision of an on-premises backup appliance with at least 40 TB of usable storage. The backup infrastructure should operate independently of traditional Windows or SQL Server components. Required security measures consist of a secure approval mechanism to prevent unauthorized or accidental changes to data lifecycle policies, implementation of multi-factor authentication (MFA) with support for time-based one-time passwords (TOTP), and resilient time synchronization to defend against tampering and threats like NTP poisoning. Automated backup integrity testing and unified visibility across all protected environments (on-premises, cloud, SaaS) must also be included.

The vendor must provide 24/7/365 support and offer cybersecurity expertise or incident response services, either as part of the service or as an add-on. The contract for this work will be for a three-year period.