Choosing how to run your technology is as important as choosing the technology itself. When you start comparing managed IT services in South Africa, the real question is not which vendor to sign with — it is how much of the work you want to keep in-house and how much you want to hand over. That decision usually lands in one of three buckets: self-managed, co-managed or fully managed. Each suits a different stage of growth, budget and tolerance for risk. This guide walks through all three so you can match the model to your business rather than the other way round.
The three IT management models explained
Think of these models as a spectrum of responsibility. At one end you own everything; at the other end your provider owns the day-to-day. Most South African businesses sit somewhere in between, and the sweet spot shifts as the company grows.
- Self-managed: You run your own infrastructure, security and monitoring. A provider supplies the platform and the expertise on request, but your team holds the controls.
- Co-managed: You and the provider split responsibilities. Your internal IT person handles the familiar, day-to-day tasks while the provider covers the specialist or after-hours load.
- Fully managed: The provider runs it end to end — monitoring, patching, threat response and reporting — so your team can focus on the business.
Self-managed: maximum control, maximum responsibility
The self-managed model puts you in the driving seat. You keep full visibility and control, and you pay primarily for the platform rather than for ongoing labour. That appeals to businesses with capable internal IT and a culture of doing things their own way.
Best fit
- You have a skilled in-house IT team with spare capacity.
- You want predictable platform costs and tight control over configuration.
- Your risk appetite is moderate — you are comfortable owning the response when something breaks.
The trade-off
Control cuts both ways. Cover for leave, after-hours incidents and skills gaps all sit with you. If your IT person resigns, the knowledge can walk out the door. Self-managed works beautifully until the team is stretched — and then the cracks tend to show at the worst possible moment.
Co-managed: the pragmatic middle ground
Co-managed IT is where most growing SA businesses find their feet. Your internal staff keep doing what they do well, and LDD layers in specialist depth, escalation paths and round-the-clock cover where it matters. It is the model of choice when you have some internal capacity but not enough to cover everything credibly.
Best fit
- You have one or two IT people who are good but overloaded.
- You need 24/7 monitoring or security expertise you cannot justify hiring full-time.
- You are scaling and want to add capability without immediately growing headcount.
The main caution with co-managed IT is clarity. Split responsibility only works when the boundaries are written down — who patches what, who responds first, who signs off changes. Get that right and you get the best of both worlds.
Fully managed: hand it over and focus on the business
In the fully managed model, your provider takes ownership of the technology so your team can spend its energy on customers and growth. This is the natural fit for businesses with little or no internal IT, those that view downtime or a breach as an existential risk, and leaders who would simply rather not think about it.
Best fit
- You have minimal in-house IT and no desire to build a team.
- Compliance obligations such as POPIA make professional oversight essential.
- You value a single accountable partner and predictable monthly reporting.
The trade-off is dependency: you are placing real trust in a partner, so choose one that gives you transparent reporting and a clear exit path. POPIA is worth keeping front of mind here — non-compliance carries penalties of up to R10 million, and fully managed cover is one of the cleaner ways to demonstrate that controls are actually in place.
How LDD’s Pulse products flex across all three
What makes the decision easier is that you do not have to apply one model to everything. LDD’s managed Pulse products — InfraPulse for infrastructure monitoring, ThreatPulse for security, and VaultPulse for backup and recovery — are each offered across all three bands. That means you can mix and match by service rather than committing to a single stance.
- InfraPulse wraps an enterprise-grade monitoring engine in LDD’s management layer, so you can self-host the dashboards, co-manage alerting with our team, or hand the whole watch over to us.
- ThreatPulse pairs a security engine with LDD’s management layer and, where needed, a specialist remote-monitoring partner — self-managed for the hands-on, co-managed for shared response, or fully managed for around-the-clock cover.
- VaultPulse handles backup and recovery on the same flexible basis, so your restore strategy matches how much you want to own.
A common pattern is to keep infrastructure monitoring co-managed, push security to fully managed because the stakes are highest, and run backups self-managed because the team is comfortable there. LDD also offers fixed-scope security testing through a bespoke, custom-built testing stack — per-server bundles and quarterly retests — priced on application; just request a quote so the scope matches your environment.
There is no universally correct model — only the one that fits your internal capacity, budget, risk appetite and growth stage today. Start by mapping each service to the band that makes sense now, and revisit it as you grow. Because the Pulse products move with you, you are never locked into a decision you have outgrown.
Frequently asked questions
What is the difference between co-managed and fully managed IT?
In a co-managed model your internal IT staff handle day-to-day tasks while the provider covers specialist work, escalations and after-hours cover, with responsibilities split by agreement. In a fully managed model the provider takes end-to-end ownership of monitoring, security, patching and reporting, which suits businesses with little or no internal IT capacity.
Which IT management model is best for a small South African business?
It depends on your internal capacity and risk appetite. Many small SA businesses with no dedicated IT person lean toward fully managed for peace of mind and compliance support, while those with one capable but overloaded IT person often choose co-managed. Self-managed suits teams that already have skilled IT staff with spare capacity.
Can I use different management models for different services?
Yes. LDD’s Pulse products — InfraPulse, ThreatPulse and VaultPulse — are each offered across self-managed, co-managed and fully managed bands, so you can mix and match. A typical setup might keep infrastructure monitoring co-managed, run security fully managed, and handle backups self-managed.
How does managed IT help with POPIA compliance?
Professional monitoring, security oversight and documented backup and recovery all help demonstrate that you have reasonable controls in place, which is central to POPIA. This matters because non-compliance can carry penalties of up to R10 million, so many businesses choose co-managed or fully managed cover to keep these controls maintained and evidenced.
Does LDD offer security testing, and what does it cost?
Yes. LDD runs fixed-scope security testing using a bespoke, custom-built testing stack, available as per-server bundles with quarterly retests. Pricing is on application because it depends on the size and complexity of your environment, so the best step is to request a quote so the scope is matched to your setup.
What are InfraPulse, ThreatPulse and VaultPulse?
They are LDD’s managed Pulse products. InfraPulse provides infrastructure monitoring built on an enterprise-grade monitoring engine wrapped in LDD’s management layer, ThreatPulse provides security monitoring and response, and VaultPulse handles backup and recovery. Each is available across all three management models so you can choose how much to run yourself.
Talk to LDD about how this applies to your business.
