For machine builders, providing remote service in a practical and efficient way has become a major challenge. In my role as Product Manager at IXON, I’m right in the middle of it. I hear what machine builders want, but I also see the factory’s perspective.
It has become a complex relationship. Machine builders often look for the “silver bullet”, that one technical solution that will solve everything. But the reality is that it doesn’t exist. The solution lies not just in technology, but also in the process.
I fully understand the position of machine builders. You have one clear goal: keeping the machine running. You feel responsible for that. When there’s a problem, you want to jump in immediately, see what’s happening, and fix it.
It’s incredibly frustrating when procedures slow you down while a machine is idle, or when you’re simply not given access to monitor the process. On top of that, it becomes unmanageable when every customer requires a different remote access tool. If you have 50 customers, you can’t realistically work with 50 different systems. That makes your service department inefficient and slow.
The factory’s IT department has a completely different set of priorities than the machine builder. Their focus is on security and risk management.
As a result, IT departments have to be strict. They can’t open ports without tight control. They’re frustrated by the growing number of remote access solutions entering the factory, sometimes even without their knowledge via 4G connections. For them, this has become an unmanageable risk, especially since suppliers can often decide when to access the system.
So where do things typically break down? Many machine builders coordinate projects with a project manager or operations manager, while the IT department is left out initially. The thinking is: “We’ll deal with that later.”
The result? Installation day arrives. The technician asks IT for an IP address and permission for an outbound connection… and gets a “no.” The IT department wasn’t involved, sees a risk, and blocks access. The outcome: delays and no remote service.
To solve this, the process needs to change.
Involve IT from the very beginning, when defining requirements and specifications, right after the machine is sold. Even if your contact at the factory says it’s not necessary yet, push for that conversation. Experience shows this prevents problems later on.
This shouldn’t be a one-way conversation where you just explain your needs. Turn it around. Ask the IT department: “What do you need to make this work for both of us? What are your security policies, and how can we make sure our solution complies?” This shows you take their responsibilities seriously and can help prevent them from forcing you to use their preferred tool.
For factories, control is the key requirement. They don’t want a permanent connection they can’t monitor. The solution is a system where the factory must approve access before a connection is established. It also needs to be practical: depending on who is on duty, different people should be able to grant access.
At IXON, we address this with an “approval flow.” You request access, the customer approves it (for a specific time window), and only then is the connection established. This gives IT managers the control and confidence they need.
Sometimes VPN access simply isn’t an option, for example, under a strict “Zero Trust” policy. In these cases, the IT department won’t allow your laptop (as a third-party device) to connect directly to their network. The alternative is often a local “engineering station” in the factory with the required software installed.
While this is less user-friendly (and more expensive) for service engineers, it can still be facilitated through IXON. My advice is to explore this option proactively when VPN is off the table. Otherwise, you may end up dealing with both a third-party tool required by the customer and a cumbersome local engineering station. By keeping everything within your own platform, you at least maintain visibility and control.
There is no magic solution that opens every door. Successful remote service ultimately depends on stakeholder management. Treat the IT manager as a key stakeholder who can help ensure compliance with their policies. By combining this approach with technology that gives them control, you can prevent a proliferation of tools and create a secure, practical connection that works for both sides.