If you were to write a song and record it, you would own the rights to the music, and the studio that recorded it would own the rights to the recording. And whenever, say, a restaurant plays that song, they would have to pay royalties to both you and the studio.

The Internet of Things is helping kickstart a similar concept across industries, where payment is oriented toward services rather than physical goods. Whether it’s called “power by the hour” or a shift from a capital expenditure (Capex) to operational expenditure (Opex) model, or something else, the concept is taking off. “This whole topic of paying per use versus owning is a megatrend,” says Nils Herzberg, global GTM lead and senior vice-president in SAP’s IoT division. “Past generations wanted to own; future generations will just want to use.”

Richard Soley, co-chair of the Industrial Internet Consortium, shares that sentiment. “If you are not looking at new potential business models that are about leasing rather than selling, you are missing the point already,” he says.

Examples of companies that have made the leap with IoT technology seem to be popping up everywhere. For instance, there’s the air-pump company Kaeser Compressors, which is moving toward selling compressed air-as-a-service rather than pumps and compressors. And then there are jet engines, trains, elevators, turbines — all of which are available to rent rather than own.

“This concept is not new,” Herzberg says. Rolls-Royce trademarked the term “power by the hour”—coined in 1962—to refer to the notion of selling a turbojet engine as a service. Recently, the popularity of cloud computing and the software-as-a-service model, ride sharing and websites like Airbnb have further popularized the concept, as have printing companies such as Xerox, Lexmark and HP. “But now, it seems to be that one industry after another is going down that path,” Herzberg says. The Internet of Things is helping drive the trend.

“What is important to understand is that no customer buys IoT for the sake of IoT,” Herzberg stresses. “They buy IoT for the sake of better business outcomes—whatever that is,” he says. “The process starts with IoT, but ends with an invoice.”

Such a shift, however, is by no means straightforward and often requires that enterprise companies rethink product design and re-envision their entire organization. Here are seven factors to consider when making the transition.

1. Figure out the ROI

Power-by-the-hour business models may be formidable, but they don’t work for every application. For instance, Mark Patel, a McKinsey partner, explained in an IoT Institute article by Tom Kaneshige that power-by-hour arrangements may be trendy but that they don’t always make financial sense. McKinsey worked with the maker of an industrial-strength soap dispenser that wanted to switch to a razor/razorblade model. The idea was simple: Give away connected self-monitoring soap dispensers and make money on soap replenishment. But McKinsey found that the cost of adding sensors and connectivity to the soap dispensers was prohibitively expensive to warrant giving them away. “The consumption-based model appears to be pretty powerful for unlocking a lot of opportunities, but we have to be careful how we get to it,” Patel said.

When launching a product-as-a-service business model, business leaders should factor in the upfront costs, as well as other factors such as maintenance that can influence the total cost of ownership such as taxation and liability, says Kshitish Soman of KPMG Management Consulting.

2. Factor in Product Redesign 

Closely related to the ROI question is the need to incorporate new types of sensors into the product. Simply put: You can’t shift from delivering a product without a service without gauging how often that product is used. Clearly mapping out the type of data to be gathered, sensor location, and how often it will be analyzed are all crucial, as explained in the Harvard Business Review article “How Smart, Connected Products Are Transforming Companies.” “The design of the product itself has to change because of the fact that it’s collecting and talking data,” explains Kshitish Soman. Bsquare senior director of products Dave McCarthy agrees: “Usage data is just one piece of information that plays into building a better product and service,” he says. “Analyzing varied streams of data better informs the entire design process — from whether the product is being used as intended, to which components are likely to fail in the future, to boosting product performance and availability.”

3. Map Out All of the Relevant Business Impacts

The best power-by-the-hour pitches come with added benefits. General Electric, for instance, leases jet engines but also will help airlines optimize fuel consumption. “The way they are doing that is by taking data from the engine and using it to optimize maintenance and performance,” says Richard Soley of IIC. “They know more about General Electric engines than anyone else in the world, obviously. But they can use that knowledge to guarantee the quality and the uptime of the engine,” he says. “It is a huge disruption for the company—if for no other reason that the maintenance is now done by General Electric [rather] than by the airline.”

[Hear from 151 Advisors partner Steve Brumer and other IIoT experts at Enterprise IoT World on October 16–17 in Chicago.]

On the other hand, Steve Brumer, a partner at 151 Advisors LLC, counsels that enterprise companies also think carefully about potentially negative business outcomes from such arrangements. “We tend to make a lot of assumptions when we enter into as-a-service contracts,” Brumer says. “But the more you go move to a cloud-based service model, the more you risk giving up access to your ownership and data rights. I get worried any time you get into a service contract where things are included in the price you pay that you have no control over.”

4. Don’t Just Reimagine Products; Rethink the Entire Organization

The shift from selling a product to a service can send ripples reverberating throughout an organization. To pull off the transition, an organization must weigh how the change will affect everything from accounting to IT architectures, business procedures, and sales and marketing. Public companies switching over to an as-a-service model will likely have to adjust their quarterly earnings reports, taxes, sales procedures and marketing activities. In the end, an IoT strategy shouldn’t focus just on individual products or services, but on how the entire organization can transform.

“There is a reason the terms digital transformation and business transformation go hand-in-hand,” says Dave McCarthy of Bsquare. “These initiatives have a tendency to blur functional silos, requiring a new look at how the business is organized. It is one reason you see more industrial companies adding chief digital officers to their rosters and developing IoT centers of excellence.”

5. Find Leadership to Navigate the Metamorphosis

As the topic of IT/OT integration weren’t difficult enough, making the jump to selling a product as a service only complicates matters. Executives can start assessing their in-house expertise, but there will likely be gaps. To manage the transition, Richard Soley of IIC stresses the importance of “building” the right talent, saying it is often difficult for industrial organizations to find the right talent to help manage the transition externally.

Steve Brumer, a partner at 151 Advisors, says it is vital to have the right executive talent when leveraging IoT to change business models. “I believe we are getting to the point where something like a chief IoT officer is going to be required under the CIO banner,” he says. “There are just so many different aspects keep track of: legal issues, business matters, privacy concerns, skills, etc. As IoT explodes and more companies want to get into it, you will have to have more of an executive focus to help pull all these pieces together.”

6. Read the Fine Print Through a Security Lens

If you are on the buying end of an as-a-service contract, you will likely assume that the vendor selling it will assure that it is secure. “I would think: If I am paying for the service from you and I am going through your cloud, you damn well better secure it,” Brumer says.

Security, however, is rarely so simple in the world of enterprise IoT. Simply put, as the scale of IoT increases to encompass tens of billions of devices, so does the attack surface for cybercriminals. This fact incentivizes all companies involved to minimize their liability and risk.

“I don’t think there is much of a mystery here,” says David Zahn, general manager of PAS’ Cybersecurity business unit. “Product-as-a-service providers will aim to limit their liability as much as possible.” The quotient of who owns more liability will be market-driven, Zahn says. “If vendors offer a commodity product and customers demand that security be included as a feature, then providers will own more liability.” If the product is differentiated or a security preference does not exist, then the opposite will be true, Zahn says.

When establishing liability, it is common to consider whether an organization’s actions were reasonable, says Bob Noel, director of strategic relationships and marketing for Plixer. One key area for this is in the implementation. If something goes wrong, both parties are likely to point fingers. “Deploying IoT device using default usernames and passwords would certainly not be deemed as reasonable,” Noel says.

Another consideration is monitoring the traffic to and from IoT devices. Scrutinizing traffic analytics, IoT device traffic flow and metadata telemetry reduces risk. “A lack of active monitoring would also likely be determined as unreasonable and liability may fall on the provider,” Noel explains. “If the provider has taken reasonable precautions and a breach occurs, a signed waiver would likely transfer the liability onto the customer consuming the service.”

7. Keep an Eye on Regulation

Legal frameworks guiding as-a-service contracts could have a dramatic effect on power-by-the-hour contracts. Describing regulation as an “x-factor,” David Zahn of PAS Cybersecurity points to the example of how regulation has altered the credit card industry. “If a credit card is stolen and fraudulent charges result, the consumer’s risk is limited to $50 by regulation,” he says. “This dramatically shifts cybersecurity risk to the credit card companies, which is why they are so diligent about monitoring credit card activity and so ready to replace a card with a new one.”

Ultimately, it is highly likely that government will play a bigger role in regulating industries deemed as critical infrastructure, Zahn says. “But we should not expect to see product-as-a-service penetrate deep into industrial process facilities,” he says. Such business models could gain a foothold when it comes to analytics-as-a-service or managed services, he says, but are not likely to gain ground in systems that have primary responsibility for production and safety.

8. Determine Who Should Have Access to the Data

For the most part, companies providing IoT-connected equipment are the owners of IoT data, so when Pratt & Whitney or GE sells a jet engine via a rental model, they control the data it generates. “You could argue that it should be the airline, the airplane manufacturer, or a third-party maintenance company, but it’s not. The engine manufacturers are the only ones that are under contract that have the rights to own that data,” Steve Brumer says.

“This practice is no different than the question of who owns that data coming from your smart TV or your Alexa or Nest thermostat,” Brumer says. “You may think that you own it, but really it is a big tech company holding the data and reselling it.”

As the industrial IoT market matures, it is likely that vendors selling products as a service will also look to create new data products based on the anonymized data. A maker of farm equipment, for instance, could get into the commodities market by leveraging data from its network of connected tractors and harvesters. “You could look at trend data and weather information to forecast that the corn yield in a given year tends to be lower in other similar years and then turn around and sell that information to a commodities broker,” says Mike Quindazzi, a managing director at PwC.

In a similar vein, Caterpillar recently increased the size of its data services unit to help support the growth of its network of 500,000 connected sensors installed in machinery globally. The goal of the initiative is to sell its customers custom reports and analytics to help inform the management of building and mining projects, according to a post in WSJ.

Battles over data are to be expected for organizations using IoT-fueled power-by-the-hour arrangements, but that doesn’t mean that an adversarial approach is necessarily the best option. The sellers in such business models can use data to boost their customer service while the buyers gain in terms of flexibility. The most-enlightened arrangement would be a mutual sharing of data that results in gains for all of the parties involved. “I don’t want other organizations to not get my data,” says Don DeLoach, co-author of The Future of IoT: Leveraging the Shift to a Data Centric World. “I just don’t want them to get the data at my expense. Everybody wins if you get the right data to the right constituent at the right time.”

Tamara McCleary, CEO of Thulium, agrees on the power of sharing IoT data but stresses that organizations must be careful when considering power-by-the-hour business models. “I cannot help but worry about giving up our power to the cloud,” she says. “If the future generation wants to rent rather than own, then we have to ask ourselves who retains the power in an as-a-service business model? The renter or the owner?”

It will likely be the latter, McCleary says. If data is the new currency of the IoT world, organizations that best harness AI and machine learning tools could dominate the landscape. In a sober-minded business world, she recommends that enterprise companies contemplate the potential ramifications of such business models. She points to internet pioneer Tim Berners-Lee’s prediction that superintelligence will be based in the cloud as an example as a useful thought experiment that could become a reality. “People tend to think about the Singularity as physical robots taking over the world, but where will the real power reside? The most powerful AI will be in the cloud,” she says. “AI, however, does not have legal rights, but the companies owning that technology do,” McCleary says. Parties on both sides of the equation should contemplate the power dynamics and data rights built into such arrangements and their consequences,” she says. “In the end though, we are already leashed to the cloud. The question is: Who is on the other end and what do they have planned?”