Prohibited Companies, Technology, Software, and Services
NDAA889
The National Defense Authorization Act Section 889 (NDAA 889) is an amendment to the Federal Acquisition Regulation (FAR) prohibiting government agencies from entering into, extending, or renewing contracts with an company using hardware, software, or services developed or provided in whole or in part (e.g. components, etc.) by a prohibited company.
Prohibited Companies
Below is a provisional list of prohibited companies as the federal government continuously updates it. Some prohibited companies include:
- Huawei Technologies Company
- ZTE Corporation
- Hytera Communications Corporation
- Hangzhou Hikvision Digital Technology Company
- Dahua Technology Company
- China Mobile International USA, Inc.
- China Telecom (Americas) Corp.
In addition to the aforementioned companies (and their subsidiaries, affiliates, and successor organizations), NDAA 889 also applies to entities the Secretary of Defense designates as entities "owned or controlled by, or otherwise connected to, the government of a covered foreign country."
For a current list of prohibited companies, visit the System for Award Management (SAM.gov) and search for the company in question. If it is marked “Excluded”, then it is considered a prohibited company and use of their technologies and/or services are prohibited.
Prohibited Technology, Software, and Services
In addition to the products and services from the aforementioned prohibited companies, there are a couple more organizations’ products and services which are also banned for use on any device owned by Drexel University. These include:
- Kaspersky Lab (See FAR 52.204-23)
- TikTok/ByteDance Limited (See FAR 52.204-27)
How does this affect Drexel?
Since Drexel receives federal funding, the University must comply with this requirement. Therefore, purchasing and/or using equipment, software, and/or services from these prohibited companies could jeopardize Drexel's ability to receive federal funding.
Recommendations
- Utilize Drexel University equipment, network, and services.
- Educate researchers and those with purchasing authorization about these restrictions and the use of government funds to purchase equipment or services produced by these prohibited companies.
- Vet vendors of hardware, software, and services to ensure no purchases are made of prohibited items from prohibited companies. If you have questions, please reach out to Information Security.
- Perform a search for prohibited hardware, software, and/or services. Notify Information Security immediately if any prohibited items are located or used in any laboratories, offices, classrooms, or other University spaces.
FAQs
- These regulations apply to grants, contracts and cooperative agreements, as well as subcontracts and subawards.
- The University is requiring all staff, faculty, and administrators to be aware and comply with these restrictions to assist Drexel University's compliance requirements as well as ensuring that the University remains eligible for research contracts and grants from federal agencies.
- Yes, regardless of the source of the grant or contract these restrictions are in place.
- First find out the manufacturer of your device/or service provider, be sure to also find out if/who the parent company is.
- Then visit SAM.gov to search for the name of the manufacturer. If the entry has “Exclusion” in it, then the entity and their products/services are prohibited.
- These regulations do not prevent these devices or software from being used on personal devices or for personal use; however, your personal device(s) wouldn’t be allowed to be used for Drexel University business.
For more information, visit: