SAP NS2
German company
From Wikipedia, the free encyclopedia
SAP National Security Services, Inc. (SAP NS2) is an independent U.S. subsidiary of the German software company SAP SE. Headquartered in Newtown Square, Pennsylvania, the company provides SAP enterprise software, cloud solutions, and support services specifically tailored to the United States government, the Department of Defense (DoD), the Intelligence Community, and highly regulated commercial industries.[1]
| |
| Company type | Subsidiary |
|---|---|
| Industry | Cloud computing, Enterprise software |
| Founded | 2004 |
| Headquarters | Newtown Square, Pennsylvania |
Area served | United States |
Key people | Harish Luthra (CEO), Frances Fragos Townsend (Chair) |
| Parent | SAP SE |
| Website | sapns2 |
SAP NS2 operates under a specialized security agreement with the Defense Counterintelligence and Security Agency (DCSA) to mitigate foreign ownership, control, or influence (FOCI). This structure allows the company to handle classified information and sensitive government data despite its foreign ownership.[2]
History
SAP NS2 was established in 2004 to address the security requirements of the U.S. federal government.[1] In 2012, SAP consolidated its federal civilian and Sybase federal divisions into the SAP NS2 organization to unify its government operations.[2]
In 2018, the company partnered with Amazon Web Services (AWS) to deploy the SAP HANA database on the AWS GovCloud region.[3] By 2020, SAP NS2 rebranded its offering as the "Cloud Intelligent Enterprise" (CIE), focusing on FedRAMP-authorized implementations of SAP's commercial software suite.[4]
In 2022, Mark Testoni, who had led the organization for over a decade, stepped down as CEO and was succeeded by Harish Luthra.[2]
The company secured significant government contracts in the mid-2020s. In 2025, the United States Army awarded SAP NS2 a $1 billion contract to manage the Army's enterprise resource planning (ERP) modernization using the "RISE with SAP" software package.[5][6] That same year, the General Services Administration (GSA) announced a "OneGov" agreement with SAP, establishing a government-wide procurement vehicle for SAP software and cloud services.[7]
Ownership and governance
While wholly owned by SAP SE, SAP NS2 operates independently under a proxy agreement with the Defense Counterintelligence and Security Agency (DCSA). This legal arrangement is designed to insulate the subsidiary from foreign control, allowing it to hold facility security clearances and perform on classified contracts.[2]
The company is governed by a board of directors composed exclusively of U.S. citizens who hold security clearances. As of 2026, the board includes Frances Fragos Townsend, a former Homeland Security Advisor.[8] The proxy agreement mandates that all personnel supporting SAP NS2's secure cloud operations must be "U.S. persons on U.S. soil."[9]
Services and technology
SAP NS2 constitutes the United States delivery model within SAP's global "SAP Sovereign Cloud" portfolio. Designed to maintain control over data, infrastructure, and compliance according to local regulations, the portfolio employs different operational models based on the region.[10] While European implementations of the sovereign cloud utilize SAP-owned data centers and open-source infrastructure,[11] SAP NS2 utilizes a "sovereign hyperscaler" approach.[10]
Under this model, the company does not build its own physical data centers; instead, it deploys SAP applications on government-specific regions of hyperscale providers, including AWS GovCloud, Microsoft Azure Government, and Google Cloud Assured Workloads.[3][12]
The company segments its cloud offerings into three environments based on compliance requirements:
- Cloud Intelligence Enterprise (CIE): Designed for federal civilian agencies and state/local governments, aligned with FedRAMP standards.[13]
- DoD Cloud Environment: Tailored for defense agencies, meeting the DoD Cloud Computing Security Requirements Guide (SRG) Impact Level 4 (IL4).[14]
- Commercially Regulated Environment (CRE): Serves private sector industries with strict compliance needs, such as utilities and aerospace.[15]
The technology stack includes secure versions of SAP S/4HANA Cloud (Private Edition), SAP SuccessFactors, SAP Business Technology Platform (BTP), and SAP Analytics Cloud.[16]
Compliance and certifications
SAP NS2 maintains authorizations under the FedRAMP program, including Joint Authorization Board (JAB) Provisional Authority to Operate (P-ATO) at the Moderate impact level.[17] For defense clients, the company holds a Provisional Authorization (PA) for Impact Level 4 (IL4) from the Defense Information Systems Agency (DISA).[16]
The company also supports compliance with the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR) for customers handling export-controlled data.[18]
Partnerships
In addition to its infrastructure partnerships with AWS, Microsoft, and Google, SAP NS2 collaborates with other technology vendors and systems integrators. In 2025, the company announced a partnership with Palantir Technologies to integrate SAP's data handling capabilities with Palantir's artificial intelligence platforms for government use.[19] The company also distributes its software through government aggregators such as Carahsoft.[20]
See also
- SAP SE
- FedRAMP
- Foreign ownership, control, or influence (FOCI)
- Defense Counterintelligence and Security Agency
- SAP Cloud Infrastructure
- AWS GovCloud