After the massive digital transformation triggered by mobile and cloud, the Internet of Things (“IoT”) is now the next stage of digital transformation. IoT enables enterprises to collect real-time data about the location and status of their most important things, which leads to increased efficiency, the automation and/or elimination of manual tasks, better customer service, and even new revenue opportunities. To maintain a competitive edge and stay relevant, all enterprises that touch the physical world need to implement IoT applications.

“Gartner data shows that two-thirds of all business leaders believe that their companies must pick up the pace of digitalization to remain competitive…[Looking ahead] Gartner anticipates three high demand skills: Artificial Intelligence (AI), Digital Security, [and] Internet of Things (IoT)”

‍Gartner Says Digital Disruptors Are Impacting All Industries; Digital KPIs Are Crucial to Measuring Success

Right now, the IoT industry is maturing from test projects and pilots to full-scale IoT applications deployed across large enterprises. However, as the industry is rapidly maturing, we’re faced with a critical question: which department(s) will be responsible for managing these new IoT applications?

IoT applications aren’t something that you set and forget. IoT applications are living, breathing things that require care and feeding to thrive. While this is also true of the myriad of SaaS applications that have been adopted by enterprises over the past few decades, a critical difference is that IoT has an intensely physical component. For example, new network infrastructure might need to be installed and managed to enable an IoT application, and separate sensing devices are typically attached to assets. Many of these assets are constantly moving and/or distributed across broad areas. Contrasted with pure software applications, this requires operational proficiency to manage the physical infrastructure (both network and devices) and adapt to and transform existing operational processes.

In addition, a challenge shared by both pure software applications and IoT applications is the cross-departmental nature. Both pure software applications and IoT applications can be focused on point problems and siloed departments. Still, the greatest value is unlocked when the enterprise’s systems are integrated. As a small example, sales data helps marketing and product teams make better decisions, while data about product usage helps marketing and sales target their messaging. Value flows in all directions throughout an enterprise when systems are effectively integrated.

This is equally, if not more, true of IoT. Like an asset’s location, asset data can enable on-the-ground staff to quickly find what they need and save time. Data about asset utilization can help operational teams proactively provide predictive maintenance to assets before they break. For example, an IoT application focused on indoor asset tracking in a hospital setting can enable nurses to quickly and smoothly find the medical equipment they need (IV pumps, telemetry transmitters, wheelchairs, etc.) rather than spending 30+ minutes manually searching. The clinical engineering department at that hospital can use the same IoT application to maintain equipment more effectively and leverage equipment utilization data to optimize the procurement of additional assets.

The point here is that value is created across the entire business and not in one department, making it unclear which department should be ultimately responsible at first glance. Before answering whether or not that department should be IT, let’s address what IT departments do today.

What Do IT Departments Do?

If you already work in IT, this section will probably be familiar to you. If you don’t work in IT, please read on as this section provides key background context for when we later discuss whether IT is best suited to be responsible for IoT.

Let’s start with some history. The seeds of the modern IT department were sown in the era of mainframes. At first, the IT department was primarily focused on supporting back-office functions. This meant operating and maintaining the hardware of the mainframes and creating and enhancing critical back-office applications.

After mainframes came PCs. PCs were essentially mini-mainframes, not yet networked with each other, so IT’s job was primarily focused on ensuring that PC applications were available for users and troubleshooting issues with the PCs and/or their applications. PCs thus expanded the responsibilities of the IT department by adding a desktop support function. This required the addition of new skills and capabilities, specifically, about the software applications now available to users, especially as shrink-wrapped PC productivity applications exploded in popularity.

As PCs became networked to each other within the enterprise, the scope of IT responsibilities expanded once again. No longer was the IT department focused primarily on being a help desk and troubleshooting technical issues, but it was now key to integrating business processes for the enterprise. Network management and database development had to be added to IT’s skillset. Networks of computers now meant more applications and more data, elevating the responsibilities of IT to include integration of disparate applications, aggregating and organizing data, and exposing that data in valuable ways internally and externally.

Next came the Web. If networking computers within an enterprise meant more applications, more data, and more complexity, then networking computers globally via the Web only supercharged these trends, meaning more opportunities and more challenges for the IT department. Now that applications could be procured in a SaaS model, IT’s responsibilities expanded once again to include managing integrations with external applications, managing user access across disparate applications, and creating and enforcing processes, policies, and procedures across the entire enterprise in the interest of security and cohesion.

After the Web came to the advent of both mobile and cloud, security has become even more important as employees bring their own devices into the enterprise environment and/or work remotely. In addition, as workloads and applications have been moved to the cloud, IT departments have had to expand their skillsets to include management and orchestration of cloud services.

From its start as the humble helpdesk and technical support, the IT department has rapidly evolved and expanded to become mission-critical to enterprise success by cutting costs, improving efficiencies, surfacing insights, and even generating revenue directly. Each successive wave of digital transformation, from mainframes to PCs to the Web to mobile/cloud, has meant new opportunities and challenges, necessitating new skills and capabilities.

IoT is the next stage of digital transformation, and once again, new skills and capabilities are required.

What Skills and Capabilities Are Needed for IoT?

Let’s temporarily put aside the question of who should be responsible for IoT and first understand what skills and capabilities are required for success.

Device Management

IoT can represent multiple orders of magnitude increase in the number of devices an enterprise needs to manage. IoT is still in the early stages, but already 69% of enterprises estimate that the majority of devices on their enterprise network are either IoT or unmanaged. Whereas there might be hundreds or thousands of employees, each with their own laptops and smartphones, an IoT application might require tens or hundreds of thousands of IoT devices.

Not only can the total number of IoT devices be immense, but for large enterprises, there will often be a large number of IoT device types. One of the key differences between an IoT application and a classic SaaS application is the addition of sensors and actuators. IoT applications are defined by their ability to automatically collect data from and perform actions in the physical world. However, there isn’t a single device to rule them all – different IoT devices are optimized for different business problems.

Together, these factors mean that a successful IoT application necessitates the following device management skills and capabilities:

1. Evaluation & Procurement. Which IoT devices are best suited for the particular needs of the business? How do you test and compare them to determine which options are best? For very large enterprises, does it actually make sense to design and manufacture custom IoT devices to optimize for your particular needs and to reduce costs? How do you procure the IoT devices and ensure a secure supply chain?
2. Initial Device Deployment. How do you attach and pair your new IoT devices to existing assets without disrupting business operations? How do you ensure that you cover all existing assets?
3. Operational Management. Once your IoT devices are deployed, how do you ensure that the IoT device-to-asset attachment and pairing remains accurate? What is the process for attaching and pairing new assets to IoT devices to ensure you maintain complete coverage? As IoT devices drain their batteries, how do you ensure they’re recharged or their batteries are replaced at the appropriate times? How do you flag IoT devices that are having issues and how do you determine what the issues are (e.g. a network coverage deadzone vs. a defect vs. physical damage vs. lost vs. stolen etc.). Then, what is your process for investigating and addressing issues with your IoT devices?
4. Firmware Management. Keeping firmware up-to-date is critical for maintaining security and patching bugs, but how do you roll-out firmware to select groups of devices for testing? Given bandwidth constraints for many IoT networks, how do you ensure retries when firmware updates fail? How do you effectively deploy different firmware versions to different devices for different use cases? How do you know the current firmware version of each device?

Network Management

As mentioned above, there isn’t a single device to rule them all, different IoT devices are optimized for different business problems. This means that when choosing and/or building an IoT application, one of the design considerations is the network connectivity. How is the system wirelessly communicating with the IoT devices?

IoT connectivity options abound. While many IoT applications can leverage public networks provided by carriers, including NB-IoT, LTE-M, 5G, and more, other IoT applications require the deployment of a dedicated private network, e.g., a local LoRa network.

Depending on your choice of network connectivity for your IoT application, you may need the following skills and capabilities:

1. Installation & Tuning. Where are the optimal places to install gateways? How do you ensure that the gateways have power and internet backhaul? How do you properly tune your gateways such that you make best use of your local RF spectrum, especially when using public RF bands? For IoT applications where the network is also acting to determine location, such as indoor asset tracking use cases that leverage Bluetooth gateways for locationing, how do you adjust sensitivity and make proper tradeoffs between coverage, accuracy, and overall cost?
2. Authentication & Security. An open network means an open attack surface for cyber attacks, so securing a network is key. Just like enterprise WiFi networks, you don’t want just any person or device connecting to the network. So how do you verify and permission your IoT devices so that only authenticated devices are given access to your network?
3. Deduplication. You will often have multiple gateways responsible for “listening” for messages from your IoT devices. If multiple gateways “hear” the same message, how do you recognize that these messages are the same and deduplicate for clean data?

Application Development & Configuration

It bears repeating that there is no one-size-fits-all solution in IoT. Not only is there a huge number of combinatorial solutions when it comes to device selection and connectivity selection, but every business is fundamentally different. Every business has different nomenclature for assets, different types of users and org structure, different existing business systems and applications, and more.

Whether you are building a custom IoT application from scratch (not recommended) or getting a jumpstart with a vendor’s offering, this means that some level of configuration will always be a necessity. Configuration needs include:

1. User Roles & Permissions. What are the user types? For each user, what data and capabilities do they have access to? What data and capabilities should be restricted? Can you integrate user roles and permissions with your existing identity management system for SSO and centralized role management?
2. Locations & Zones. Where is this IoT application going to be deployed? Do these locations need to have a digital floor plan (as in the case of indoor asset tracking applications) and/or do these locations need to have defined geofences (as in the case of outdoor asset tracking applications)? How do you easily set up and maintain these locations and zones?
3. Data Visualizations & Layout. What views of your data are key for each user role? Do you need a map, a table, a gantt chart, a graph, or all of the above? How are these different views organized relative to each other? Are they on the same page or separate pages? That is, what is the overall data and page hierarchy?
4. Look & Feel. Employees are used to incredibly easy-to-use applications in their personal lives, so look and feel will directly impact employee uptake and usage. Does the IoT application match your company’s branding? Do the icons for assets and other things within the application match your use case and your business? Does the IoT application have great overall UI/UX?

Business Integration & Workflow Management

IoT enables enterprises to get real-time insight into key attributes of their most important assets. This new data stream means that integration with existing business systems is critical to unlocking maximum value from new IoT applications. This business integration can be conceptualized as two types of integration:

1. Technical Integration. How do you effectively pull data from existing systems within your business (e.g. ERPs) to enrich and contextualize the data about the IoT devices? How do you effectively pull data from your new IoT application to augment your existing systems? Do your existing systems support modern communication protocols (e.g. RESTful APIs) or do your systems use legacy protocols that will require adaptors/translators to normalize the data?
2. Operational/Workflow Integration. A workflow is the way people get work done, including who is responsible for what and when. IoT applications promise to streamline existing workflows by removing manual steps, but also usually require the addition of new steps and entirely new workflows. So what existing workflows will be effected across your organization? What steps can be removed? What steps need to be added? Who is responsible for each of these reimagined steps of your workflows? How do you retrain and reallocate resources that are now out of a job? As you make these changes and decisions, how do you message the changes to your employees, create training materials, and build processes for ongoing training of new employees in the use of your IoT application(s)? How do you empower employees to create their own workflows?

“The idea that a minority of creators and a slightly larger cohort of curators determine experiences for most users is now old fashioned in consumer tech. Everyone can be a creator. In the enterprise this is manifesting as more employees being more empowered with the means to customize how they define, design and deliver their work”

‍The First Era of SaaS Ends by 451 Alliance

So, Should IT Departments Be Responsible for IoT?

The answer is yes. The answer is also no. If there’s one thing to take away from everything written so far in this article, it’s that IoT is complex and encompasses many parts of an enterprise.

Many of the skills and capabilities required by IoT are adjacent to the skills and capabilities IT departments have developed over the past few decades. The modern IT department at a large enterprise is responsible for managing devices like laptops and smartphones, managing the enterprise’s WiFi network, developing and configuring enterprise applications, integrating disparate applications, and looking across the enterprise to help meet broader business goals and objectives. These responsibilities and skills translate well to many of the needs of IoT applications described above.

IT departments need to be responsible for many of the elements of a successful IoT initiative. However, the IT department can’t be the only department that is responsible. There are other key elements of a successful IoT initiative that lie outside of the domain expertise of the IT department. In particular, the operational elements of an IoT application tend to have greater adjacency to departments such as OT or just Operations more broadly.

“IoT is largely an operational solution. That said, the use of an organization’s network, cloud capabilities and integration with other enterprise applications results in the need to involve the IT department during solution development. However, the IT department’s focus on security, connectivity and management often contributes to a lack of expertise in the operational and business objectives of deploying different systems. This typically results in conflicts between the IT and OT departments.” 

‍Evolution of IT departments to support IoT and digital transformation

The so-called “IT and OT Convergence” is a hot topic of conversation, but in the interest of wrapping up this article, we’ll only touch on it briefly here. The key takeaway from the IT/OT debate is that the division between Information Technology (IT) and Operational Technology (OT) isn’t as clear as it once was. Historically managed by OT, equipment, and machinery are now becoming connected via IoT, enabling new data generation and automation opportunities.

So yes, IT departments will be critical stakeholders in the deployment of IoT applications, but they can’t do it alone. Cross-department collaboration, coordination, education, and enablement are all key requirements for success in IoT. In my next article, I’ll take a deeper dive into what IT departments specifically need to know to succeed in IoT.