8 Strategies to Transition to a Product-as-a-Service Business Model
“We tend to make a lot of assumptions when we enter into as-a-service contracts,” Brumer says. “But the more you go move to a cloud-based service model, the more you risk giving up access to your ownership and data rights. I get worried any time you get into a service contract where things are included in the price you pay that you have no control over.”
4. Don’t Just Reimagine Products; Rethink the Entire Organization
The shift from selling a product to a service can send ripples reverberating throughout an organization. To pull off the transition, an organization must weigh how the change will affect everything from accounting to IT architectures, business procedures, and sales and marketing. Public companies switching over to an as-a-service model will likely have to adjust their quarterly earnings reports, taxes, sales procedures and marketing activities. In the end, an IoT strategy shouldn’t focus just on individual products or services, but on how the entire organization can transform.
“There is a reason the terms digital transformation and business transformation go hand-in-hand,” says Dave McCarthy of Bsquare. “These initiatives have a tendency to blur functional silos, requiring a new look at how the business is organized. It is one reason you see more industrial companies adding chief digital officers to their rosters and developing IoT centers of excellence.”
5. Find Leadership to Navigate the Metamorphosis
As the topic of IT/OT integration weren’t difficult enough, making the jump to selling a product as a service only complicates matters. Executives can start assessing their in-house expertise, but there will likely be gaps. To manage the transition, Richard Soley of IIC stresses the importance of “building” the right talent, saying it is often difficult for industrial organizations to find the right talent to help manage the transition externally.
Steve Brumer, a partner at 151 Advisors, says it is vital to have the right executive talent when leveraging IoT to change business models. “I believe we are getting to the point where something like a chief IoT officer is going to be required under the CIO banner,” he says. “There are just so many different aspects keep track of: legal issues, business matters, privacy concerns, skills, etc. As IoT explodes and more companies want to get into it, you will have to have more of an executive focus to help pull all these pieces together.”
6. Read the Fine Print Through a Security Lens
If you are on the buying end of an as-a-service contract, you will likely assume that the vendor selling it will assure that it is secure. “I would think: If I am paying for the service from you and I am going through your cloud, you damn well better secure it,” Brumer says.
Security, however, is rarely so simple in the world of enterprise IoT. Simply put, as the scale of IoT increases to encompass tens of billions of devices, so does the attack surface for cybercriminals. This fact incentivizes all companies involved to minimize their liability and risk.
“I don’t think there is much of a mystery here,” says David Zahn, general manager of PAS’ Cybersecurity business unit. “Product-as-a-service providers will aim to limit their liability as much as possible.” The quotient of who owns more liability will be market-driven, Zahn says. “If vendors offer a commodity product and customers demand that security be included as a feature, then providers will own more liability.” If the product is differentiated or a security preference does not exist, then the opposite will be true, Zahn says.
When establishing liability, it is common to consider whether an organization’s actions were reasonable, says Bob Noel, director of strategic relationships and marketing for Plixer. One key area for this is in the implementation. If something goes wrong, both parties are likely to point fingers. “Deploying IoT device using default usernames and passwords would certainly not be deemed as reasonable,” Noel says.
Another consideration is monitoring the traffic to and from IoT devices. Scrutinizing traffic analytics, IoT device traffic flow and metadata telemetry reduces risk. “A lack of active monitoring would also likely be determined as unreasonable and liability may fall on the provider,” Noel explains. “If the provider has taken reasonable precautions and a breach occurs, a signed waiver would likely transfer the liability onto the customer consuming the service.”
7. Keep an Eye on Regulation
Legal frameworks guiding as-a-service contracts could have a dramatic effect on power-by-the-hour contracts. Describing regulation as an “x-factor,” David Zahn of PAS Cybersecurity points to the example of how regulation has altered the credit card industry. “If a credit card is stolen and fraudulent charges result, the consumer’s risk is limited to $50 by regulation,” he says. “This dramatically shifts cybersecurity risk to the credit card companies, which is why they are so diligent about monitoring credit card activity and so ready to replace a card with a new one.”
Ultimately, it is highly likely that government will play a bigger role in regulating industries deemed as critical infrastructure, Zahn says. “But we should not expect to see product-as-a-service penetrate deep into industrial process facilities,” he says. Such business models could gain a foothold when it comes to analytics-as-a-service or managed services, he says, but are not likely to gain ground in systems that have primary responsibility for production and safety.
8. Determine Who Should Have Access to the Data
For the most part, companies providing IoT-connected equipment are the owners of IoT data, so when Pratt & Whitney or GE sells a jet engine via a rental model, they control the data it generates. “You could argue that it should be the airline, the airplane manufacturer, or a third-party maintenance company, but it’s not. The engine manufacturers are the only ones that are under contract that have the rights to own that data,” Steve Brumer says.
“This practice is no different than the question of who owns that data coming from your smart TV or your Alexa or Nest thermostat,” Brumer says. “You may think that you own it, but really it is a big tech company holding the data and reselling it.”
As the industrial IoT market matures, it is likely that vendors selling products as a service will also look to create new data products based on the anonymized data. A maker of farm equipment, for instance, could get into the commodities market by leveraging data from its network of connected tractors and harvesters. “You could look at trend data and weather information to forecast that the corn yield in a given year tends to be lower in other similar years and then turn around and sell that information to a commodities broker,” says Mike Quindazzi, a managing director at PwC.
In a similar vein, Caterpillar recently increased the size of its data services unit to help support the growth of its network of 500,000 connected sensors installed in machinery globally. The goal of the initiative is to sell its customers custom reports and analytics to help inform the management of building and mining projects, according to a post in WSJ.
Battles over data are to be expected for organizations using IoT-fueled power-by-the-hour arrangements, but that doesn’t mean that an adversarial approach is necessarily the best option. The sellers in such business models can use data to boost their customer service while the buyers gain in terms of flexibility. The most-enlightened arrangement would be a mutual sharing of data that results in gains for all of the parties involved. “I don’t want other organizations to not get my data,” says Don DeLoach, co-author of The Future of IoT: Leveraging the Shift to a Data Centric World. “I just don’t want them to get the data at my expense. Everybody wins if you get the right data to the right constituent at the right time.”
Tamara McCleary, CEO of Thulium, agrees on the power of sharing IoT data but stresses that organizations must be careful when considering power-by-the-hour business models. “I cannot help but worry about giving up our power to the cloud,” she says. “If the future generation wants to rent rather than own, then we have to ask ourselves who retains the power in an as-a-service business model? The renter or the owner?”
It will likely be the latter, McCleary says. If data is the new currency of the IoT world, organizations that best harness AI and machine learning tools could dominate the landscape. In a sober-minded business world, she recommends that enterprise companies contemplate the potential ramifications of such business models. She points to internet pioneer Tim Berners-Lee’s prediction that superintelligence will be based in the cloud as an example as a useful thought experiment that could become a reality. “People tend to think about the Singularity as physical robots taking over the world, but where will the real power reside? The most powerful AI will be in the cloud,” she says. “AI, however, does not have legal rights, but the companies owning that technology do,” McCleary says. Parties on both sides of the equation should contemplate the power dynamics and data rights built into such arrangements and their consequences,” she says. “In the end though, we are already leashed to the cloud. The question is: Who is on the other end and what do they have planned?”