Solutions · Public Sector
Sovereign device control for regulated public-sector buyers — government agencies, healthcare networks under LGPD, public-sector procurement contexts that cannot accept third-party SaaS in the command path. Built on Lockia's Sovereign UEM platform: public AOSP APIs, self-hosted MDM, customer-region deployment.
01 · The Problem
Regulated public-sector buyers in Latin America, the EU, and emerging markets increasingly write specific architectural requirements into their RFPs: in-country data residency, no third-party SaaS provider in the command-and-control path between the buyer and their device fleet, no foreign-government service dependencies, and contractual data-handling terms the buyer's procurement office can govern. These are not optional preferences; they are disqualifiers. A platform that cannot satisfy them architecturally is not eligible to bid.
The dominant enterprise UEM vendors — Microsoft Intune, Jamf, VMware Workspace ONE, IBM MaaS360, ManageEngine — operate as third-party SaaS layers. For Android, their architectures route commands through Google's Android Management API and Firebase Cloud Messaging. For Apple, their MDM servers operate in the vendor's cloud between the customer's Apple Business Manager tenant and the device fleet. Both halves of the device estate sit on US-hyperscaler infrastructure.
For most enterprises, that's an acceptable trade. For a Mexican federal agency procuring endpoint management under data-residency requirements, a Brazilian healthcare network governed by LGPD, a Chilean public-sector buyer with sovereignty mandates, or an EU government office under digital-sovereignty procurement frameworks, US-SaaS-in-the-data-path is not an architectural inconvenience — it is a procurement disqualification. The contract cannot include those vendors regardless of how good the product is in non-sovereignty-constrained deployments.
The architectural gap is real and growing. Public-sector buyers are increasingly forced into either (a) deploying a vendor that doesn't meet sovereignty requirements and accepting compliance risk, (b) building custom in-house platforms (expensive, slow, rarely operationally sustainable), or (c) declining to procure modern endpoint management entirely. None of those are good outcomes.
02 · Lockia's Approach
Public AOSP DevicePolicyManager APIs, not Google AMAPI. Lockia's Cipher DPC is built directly on the public AOSP APIs that ship in every Android Enterprise–capable device. The DPC enrolls as Device Owner at first boot. Command and policy decisions route through Lockia's own backend infrastructure on a push transport (LockiaPush) that does not depend on Firebase Cloud Messaging or any Google service as transport. Google services remain absent from the data path between the buyer and their fleet.
Self-hosted MDM server for Apple, integrated with the buyer's ABM tenant. Lockia operates Cipher MDM — derived from the open-source NanoMDM core — on Lockia's Kubernetes infrastructure. The buyer's Apple Business Manager tenant federates with Lockia's self-hosted MDM server. There is no third-party MDM SaaS between ABM and the device fleet. Apple's APNs is mandatory infrastructure for any iOS MDM and remains in the path — that is non-negotiable Apple infrastructure that applies to every MDM, including ours. What is removed is the additional layer of third-party SaaS.
Customer-region Kubernetes deployment. For sovereignty-bound contracts, Lockia operates the platform infrastructure in the jurisdiction the buyer's procurement contract specifies. The buyer's data-handling agreements govern the deployment terms; Lockia operates within those terms. This is the architectural property "customer-controlled data path" as defined in our Sovereign UEM platform overview — not a hosting-region promise, but a contractually deployable infrastructure model.
Compliance and procurement posture. Lockia's SOC 2 Type II audit is in progress with Prescient Security. The Cipher Protocol architecture is patent-pending (USPTO provisional 63/940,826, "Bypass-Resistant Device Locking", December 2025). Multi-region Kubernetes infrastructure is operational across the Americas, with additional regions on the roadmap as procurement contracts require them. The legal entity's conversion from Florida LLC to Delaware C-Corp aligns with enterprise procurement preferences for vendor incorporation.
03 · How It Works
Sovereignty-requirements scoping
Lockia's deployment team reviews the buyer's procurement contract, identifies data-residency and architectural-sovereignty clauses, and confirms the deployment region and infrastructure footprint required.
Infrastructure provisioning
Lockia provisions Kubernetes infrastructure in the buyer-required region under terms the buyer's data-handling agreements govern. Cipher MDM and Lockia's backend deploy into the region, with no cross-region data egress for command-and-control.
Apple Business Manager federation
The buyer's ABM tenant federates with the deployed Cipher MDM server. iOS devices enroll via ABM DEP. Apple's APNs is the mandatory command-transport infrastructure for any MDM; no other third-party SaaS sits in the path.
Android enrollment
Android devices enroll via QR provisioning or OEM factory pre-installation. Cipher DPC activates as Device Owner at first boot. The command channel is LockiaPush in the deployment region.
Live operations + audit posture
The production fleet runs with policy enforced continuously. Audit logging captures every command and policy decision. The buyer's compliance officers have direct visibility into the data path; no third-party vendor sits between the buyer and the audit record.
04 · Compared To
Architectural facts. Public-sector procurement reviewers evaluating UEM platforms encounter the same architectural pattern across most named vendors. The comparison is not about feature parity — it is about which architecture the procurement contract can sign.
| | Lockia | Microsoft Intune | VMware Workspace ONE | IBM MaaS360 |
|---|---|---|---|---|
| Android substrate | Public AOSP DevicePolicyManager APIs (no Google partner-program dependency) | Google AMAPI partner-program SaaS | Google AMAPI partner-program SaaS | Google AMAPI partner-program SaaS |
| Apple MDM model | Self-hosted Cipher MDM via buyer's ABM tenant | Microsoft cloud MDM (US-hosted) | VMware cloud MDM (US-hosted) | IBM cloud MDM (US-hosted) |
| Customer data path | Lockia-hosted, buyer-region deployment | Microsoft cloud (global) | VMware cloud (global) | IBM cloud (global) |
| Sovereignty posture | Architecturally deployable for sovereignty-bound contracts | US-hyperscaler dependency; sovereignty mandates typically disqualify | US-hyperscaler dependency; sovereignty mandates typically disqualify | US-hyperscaler dependency; sovereignty mandates typically disqualify |
| Procurement framework fit | LGPD, Mexico FDPL, EU sovereignty contracts, government data-residency clauses | Standard enterprise procurement; not sovereignty-aligned by architecture | Standard enterprise procurement; not sovereignty-aligned by architecture | Standard enterprise procurement; not sovereignty-aligned by architecture |
05 · Deployment Patterns
Anonymized patterns from procurement and deployment work with public-sector and regulated-industry buyers. No named customers; the patterns are detailed enough to be credible without identifying the specific institution.
A Mexican federal-level agency procuring endpoint management for a multi-vendor Android fleet (Samsung and Motorola handsets plus locally imported regional OEMs) requires in-country data residency and explicit separation of the command-and-control path from US-hosted services. Cipher MDM and the Lockia backend deploy on Kubernetes infrastructure in the buyer-required region; Cipher DPC enrolls devices on public AOSP APIs without AMAPI dependency. The agency's procurement contract names the architectural requirements explicitly, and the Lockia deployment satisfies them as a structural property rather than as a contractual hedge.
A Brazilian healthcare network governed by LGPD manages patient-facing iPad devices across a clinic footprint. LGPD requires auditable in-country data handling for patient-adjacent infrastructure. The buyer's Apple Business Manager tenant federates with a self-hosted Cipher MDM instance deployed in Brazil; no third-party MDM SaaS sits in the path between ABM and the device fleet. The compliance officer can audit the data path end-to-end without coordinating with a US vendor in the audit trail.
A regional government office in a sovereignty-focused public-sector buyer cohort runs a mixed-platform endpoint fleet (Android handsets for field staff, iPads for administrative roles). The procurement contract specifies that no US-hyperscaler SaaS may sit in the command-and-control path for the deployment. Traditional enterprise UEM vendors evaluated did not qualify; Lockia's architecture did. The deployment is operational with the buyer's sovereignty terms governing infrastructure operations.
06 · One of Many
Public-sector device sovereignty is one configuration of Lockia's Sovereign UEM platform. The same Cipher Protocol, the same Cipher DPC, the same Cipher MDM, the same Guardian AI agentic layer. What changes for public-sector deployment is the procurement framework (sovereignty clauses, data-residency requirements, vendor-incorporation preferences), the deployment region, and the audit posture. The architectural commitment is the same as for every other vertical Lockia serves.
For a procurement reviewer or a public-sector IT director evaluating Lockia: the platform you deploy for sovereignty-bound public-sector device management is the same platform that powers Lockia's device-financing, carrier-subsidy, and OEM-partner deployments. The architectural choice is made once; the vertical configurations follow downstream.
Next Step
If your procurement requirements include data-residency, sovereignty, or architectural restrictions on third-party SaaS in the command-and-control path, the most useful next step is a call with Lockia's deployment team. We will walk through your specific procurement contract language, your deployment region, and how Lockia's architecture maps to the audit posture your compliance office requires.