Device Management for Africa’s Public Sector: Lessons from the Field

Managing public sector device fleets has never been a simple feat—especially across the vast, distributed government environments of Africa. During a recent Hexnode Live session, Kyle Manilal, Senior Manager of Digital Innovative Solutions at Sizwe Africa IT Group, shared insights into how public sector organizations across Africa are navigating these increasingly complex ecosystems.

Manilal explained that devices are no longer just IT assets; they are the foundation of service delivery. From office laptops to rugged field tablets and shared clinic kiosks, endpoints now power essential government workflows. Yet many departments still struggle with limited visibility, fragmented tools, and small IT teams. Addressing this requires a more unified approach to device management that can scale across government environments.

Managing the “Hidden Fleet”: Solving the Visibility Crisis in Government IT

For many government departments, the first challenge in managing devices is simply knowing they exist. Public sector IT systems often evolve over decades, with devices added across departments and regions without a centralized tracking system.

Manilal noted that this “visibility gap” is more prevalent than many organizations realize. In one specific case, a department believed they had 4,000 devices in circulation, but a thorough discovery process revealed the actual number was nearly double after accounting for shared, unmanaged, and unregistered endpoints.

When IT teams lack a unified view of their device ecosystem, enforcing consistent security policies becomes significantly harder. Updates may be missed, unsupported devices may remain active, and unmanaged endpoints can quietly expand the organization’s attack surface.

The Scale Paradox: Managing Government Endpoints with Lean IT Teams

Even with better visibility , managing devices at scale creates immense friction. “The biggest challenge we see is scale versus resources,” Manilal explained. “There are tens of thousands of devices across the country, but very small IT teams supporting them.”

This imbalance makes routine tasks, like deploying patches or securing lost devices, difficult. When management relies on manual intervention, it forces a choice between security and productivity – something public sector environments cannot afford.

“Service delivery cannot slow down,” Manilal noted. “You can’t delay a clinical queue simply because a patch needs to run.” To overcome this, the focus is shifting toward remote automation. By shifting from manual supervision to automated systems, departments can ensure essential services remain uninterrupted. Whether in healthcare or public safety, operations stay secure regardless of the size of the supporting IT team.

Never Trust, Always Verify: Why Zero Trust Matters for Government IT

For years, public sector security relied on the network perimeter. But in a hybrid work environment, a secured network no longer guarantees a secured device. Threats such as credential theft or device tampering can easily bypass traditional network defenses.

“We’ve noticed departments are no longer trusting devices just because they are inside the network,” Manilal observed. “Zero Trust has ultimately become very practical in the environments we support.”

Instead of a one-time login, the system constantly evaluates the state of the device: Is it encrypted? Is it patched? If a device falls out of compliance, it immediately loses access to sensitive government systems until it is remediated.

This level of control allows IT to move away from “all-or-nothing” security and toward context-aware policies. As Manilal noted, a personal BYOD (Bring Your Own Device) device shouldn’t have the same level of trust as a government-issued rugged tablet or a clinical kiosk. By using tailored policies, administrators can assign distinct policies to different devices.

For instance, a clinic kiosk can be locked into a dedicated “Kiosk Mode,” restricting the interface to a single healthcare application and hardening the device against unauthorized use. Meanwhile, BYOD devices can be managed through containerization, separating personal data from encrypted corporate workspaces. This ensures that the endpoint becomes the primary enforcement point for security.

The 2026 Roadmap: Transforming Device Management into a Strategic Government Asset

The transition toward a digital-first public sector has redefined the role of the IT department. As device fleets continue to expand, the ability to manage and secure endpoints directly affects how effectively governments deliver public services.

A unified endpoint management (UEM) strategy brings together the core capabilities public sector IT teams need: real-time device visibility, automated patching and policy enforcement, secure management of shared and BYOD devices, and consistent security controls across distributed environments. By consolidating these fragmented tools into a single, proactive platform, organizations can finally shift from reactive troubleshooting to proactive service delivery.

As highlighted by Kyle Manilal during the session, this evolution transforms what was once a technical burden into a powerful operational advantage. “Most importantly, endpoint management is now a strategic enabler for digital public services,” he noted. “With unified visibility, remote monitoring, and XDR integrations, organizations can finally respond effectively while the landscape is changing.” Ultimately, securing the public sector fleet is about ensuring that the digital tools powering healthcare, education, and public safety remain as resilient as the communities they serve.

Frequently Asked Questions (FAQs)

1. What critical factors should public sector leaders prioritize when selecting a UEM solution?

Leaders should look for a platform that prioritizes interoperability and integration. A modern UEM must coexist with legacy infrastructure through robust APIs while offering native support for major operating systems (Windows, Android, iOS, and Linux). Choosing a vendor that provides a comprehensive suite of integrated solutions—rather than a patchwork of third-party tools—ensures a smoother transition and reduces the risk of “rip and replace” failures. Additionally, ensure the solution supports Zero Trust frameworks and offers a single pane of glass for total fleet visibility. This “single pane of glass” approach allows for a phased migration that standardizes security policies across the entire environment without disrupting existing workflows.

2. How does a device management strategy help government departments maintain POPIA compliance in the event of hardware loss?

Under POPIA, the loss of a device containing citizen data is considered a reportable security compromise. A centralized UEM platform acts as a critical fail-safe by allowing administrators to trigger an immediate Remote Wipe or a cryptographic lock the moment a device is reported missing. This ensures that sensitive personal information is rendered inaccessible before a breach can occur. By maintaining a verifiable audit trail of these security actions, departments can demonstrate “reasonable technical measures” were in place, significantly reducing the legal and reputational risks associated with hardware theft.