THE EUROPEAN – SECURITY AND DEFENCE UNION
The NATO AEW&C Programme Management Agency (NAPMA) uses a SINA1 solution, enabling staff members to securely work with classified and unclassified data simultaneously. In December 2017, the specific N APMA infrastructure which includes the SINA solution was granted security accreditation by the NATO Office of Security. Furthermore, the agency recently decided to extend the solution.
The following interview was conducted by secunet, the German company that developed the SINA solution. Stephan Sauer who was heading NAPMA’s Information Management Branch from February 2017 to March 2019 elaborates on the initial challenges and how the SINA solution solved them.2
S
ecunet: Who and what is NAPMA and what is the organization’s mission? Stephan Sauer: The NATO Airborne Early Warning & Control (NAEW&C) Programme Management Organization (NAPMO) was created in 1978. This organization is responsible to the North Atlantic Council for the NAEW&C Programme – which, in short terms, is the NE-3A aircraft, the NATO AWACS. The NAEW&C Programme Management Agency (NAPMA) is the executive agency of NAPMO. Within the responsibilities granted to NAPMA, the agency manages all aspects of the Programme from acquisition through delivery and on through Life Cycle Management of the NE-3A. secunet: Within NAPMA, what do you and your team look after? What are your key operational responsibilities, goals & objectives? Stephan Sauer: NAPMA’s Information Management Branch is the Information Management (IM) and Information Technology
32
(IT) service provider of the agency. Its mission is to enable NAPMA with IM/IT services and capabilities needed to perform NAPMA’s executive, administrative, and project management functions in an effective and efficient manner. The availability and control of information is critical to NAPMA’s organizational success. Currently, NAPMA operates a small secure dedicated CIS environment centered on Microsoft technology to provide office automation and external connectivity located at one site in Brunssum, The Netherlands. The main services provided to the users are e-mail (MS Exchange), document management (MS SharePoint) and an enterprise resource planning system (SAP). With the extension of the SINA laptops and secure smartphones, around 70% of the NAPMA staff is now equipped with a SINA laptop. secunet: When working in such an operational environment you need to be able to securely receive, store, work on and transmit sensitive and/or highly-sensitive data. What kind of CIS policies & processes do you need to follow to ensure compliance? Stephan Sauer: As with other NATO entities, NAPMA shall comply with NATO-wide IT related and CIS Security policies, directives, and guidelines. At NAPMA those policies, directives, and guidelines are further tailored to NAPMA’s business requirements while maintaining a security accreditation by the NATO Office of Security (NOS). A prominent milestone was achieved
photo: NAPMA
NAPMA further expands its SINA Secure Remote Access capability
