• Share this on:

Entering the European market for (Industrial) Internet of Things services

Last updated:
Takes 33 minutes to read

On the European market you need to comply with mandatory (legal) requirements, such as copyright law and the General Data Protection Regulation. Buyers may also have requirements regarding quality management and corporate social responsibility, as well as industry-specific standards, technologies, and frameworks. European service providers and intermediaries are your most realistic market entry channels.

1. What requirements must (I)IoT services comply with to be allowed on the European market?

Requirements vary per industry, per segment and even per country. New legislation is always in the making. This makes it impossible to list (or to know) all possible requirements. Therefore we explain the most general requirements and specify the most popular and/or promising product/market combinations. We advise you to research your own (target) market. You can regularly check websites of companies or authorities that post the latest legislation, for example the NABTO website, or The Record

What are mandatory requirements?

Mandatory requirements are rules you have to follow, even if you are located outside of the European Union. For (I)IoT service providers this includes rules concerning copyright, the General Data Protection Regulation (GDPR), personal data protection, cyber security and the radio equipment directive.

Rules concerning copyright

The European Union (EU) has established specific legislation to protect computer programs by means of copyright. According to the Directive on the legal protection of computer programs, you have to make sure not to breach any copyright when placing your computer program (software) on the market.


  • Read more about the legal protection of computer programs on the European Commission’s website.
  • Check the exact regulations in your target market. All EU Member States have implemented the directive into national legislation. Although they are generally the same, there could be minor differences.
  • Pay attention to copyright and infringement (the act of breaking or disobeying the contract) clauses in the contracts you sign with European buyers.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) came into effect on 25 May 2018. It was designed to protect individuals in Europe from privacy and data breaches. It has since been incorporated into the European Economic Area (EEA) Agreement, which brings three of the European Free Trade Association (EFTA) states into the European single market. This means the new GDPR is also enforced in Iceland, Liechtenstein and Norway. And because the United Kingdom (UK) was still a part of the European Union when the GDPR was enforced, the regulation will be absorbed into UK law.

These new rules were introduced to give people more control over their personal data and let businesses benefit from a level playing field, where the laws and regulations are the same in every country. The GDPR applies to all companies processing the personal data of individuals in Europe, regardless of the company’s location. This means it also applies to you directly.

The General Data Protection Regulation is very important in the (I)IoT industry, as (I)IoT use cases are always about data. You must appoint a Data Protection Officer, if your company’s “core activities involve processing of sensitive data on a large scale or involve large-scale, regular and systematic monitoring of individuals”. The main tasks of a Data Protection Officer include informing their company of its obligations under data protection legislation and monitoring compliance.

You can use IDC’s GDPR Readiness Assessment to determine how compliant you are and what you may need to improve. Audit your current data to determine whether they are GDPR compliant. What data do you have, where and why? Did you or your client obtain explicit consent to use the data for this specific purpose?


  • Be aware of what data you store and where, so you can comply with potential consumer requests.
  • Use IDC’s GDPR Readiness Assessment to determine how compliant you are and what you may need to improve. Audit your current data to determine if they are GDPR compliant. What data do you have, where and why? Did you or your client obtain explicit consent to use the data for this specific purpose?
  • Set up clear consent request forms and privacy policies that inform customers how you process their personal data. For more information, see the GDPR consent guidance and Econsultancy’s GDPR: How to create best practice privacy notices.
  • Keep records of your obtained consent, see ICO’s advice on how to record consent.
  • Also keep an eye on the European code of conduct that was submitted by the Cloud Infrastructure Service Providers (CISPE).

Personal data protection

Personal data protection legislation is becoming increasingly important as the personal data aspect in (I)IoT is expected to grow very fast in the upcoming years.

The ePrivacy Directive (2002/58/EC), commonly known as the ”cookie law”, contains specific regulations for data protection in the electric communications sector. For example, the directive prohibits unsolicited commercial electronic messages (“spam”). It contains strict rules on the use of cookies, and contact details may only be published with the subject’s consent.

A new ePrivacy Regulation was originally scheduled to enter into force along with the GDPR, but its implementation has since been delayed. The new regulation is intended to safeguard the confidentiality of electronic communications through stronger privacy rules. Unlike the current directive, it includes Internet-based voice and messaging technologies such as Skype, WhatsApp and Facebook Messenger. The latest draft was released in January 2021, but the regulation is not expected to enter into force before 2023.

Cyber security standard for Consumer Internet of Things

In 2020, the EU introduced the new Cyber Security Standard for Consumer Internet of Things; ETSI EN 303 645. This is an important standard for consumer security in the Internet of Things. A number of organisations have developed security guidelines for the IoT. It is important to keep an eye out for other standards that are being developed and might increase in importance in the upcoming years, for example ISO 27403 and ISO 30162:2022. Examples of organisations that developed security guidelines for IoT can be found on the Entrust website, METI and the Coderus website.

Radio Equipment Directive (RED)

The European commission is currently updating the RED. This is a piece of 2014 legislation that is the regulatory framework that equipment vendors must follow to sell electronic equipment on the EU market. The proposed new standard is scheduled to enter into effect in 2024. It lists three new security measures that device makers must incorporate in the design of their products.


  • Regularly check the latest information on IoT security standards. This website gives an overview of such standards, and also mentions best practices. The website of NIST is also a good source. Check your target market legislation for country specific IoT requirements. Finland and Germany have implemented a cybersecurity label for IoT. Germany is working on a similar label, as are other European countries.
  • For an overview of IoT cyber security regulations across the world, you can also look at the CETOME website, which has an overview per country.
  • Read more about online privacy and safety on the website of the European Commission.

What additional requirements do buyers often have?

Additional requirements mostly concern security, quality, corporate social responsibility (CSR) and up-to-date knowledge and skills.


Data security is one of the main challenges for (I)IoT outsourcing service providers. This includes both data protection and recovery systems. Many European buyers expect you to implement an information security and management system, especially in industries in which security is essential, such as finance and banking, healthcare, or mobile applications. Although there is no specific legislation on this, the ISO 27000-series contains common standards and guidelines for information security.

ISO 27001 is an internationally recognised standard that provides requirements for an information security management system. Companies can become ISO 27001 certified if they comply with the standard. ISO 27002 is a supporting document to ISO 27001 that gives guidance and advice on the implementation of information security controls. Other supporting guideline documents in the ISO 27000-family are ISO 27003 and ISO 27004. ISO/IEC 27701:2019 is a certifiable privacy extension of ISO 27001, supporting the GDPR.

Other standards that are gaining importance in the IoT sector are standards by the Standards Association – a globally recognised standards-setting body. We recommend you to keep an eye on their standards that are applicable to IoT.


  • Make sure you have effective security processes and systems in place, from business continuity and disaster recovery to virus protection. Consider obtaining the ISO/IEC 27701:2019 certification. To do so, you will need to either have an existing ISO 27001 certification or implement ISO 27001 and ISO 27701 together as a single implementation audit.
  • Ask your buyer to what extent they require you to implement a security management system like the ISO 27001 standard.

Quality management

Some European buyers only do business with companies that have a quality management system in place. Such a system shows that you are well organised and able to deliver the required service quality. They include, for example, backup and recovery schemes, network and infrastructure security, communication plans and relocation options.

Obtaining ISO certification will help you do business in Europe. It shows your commitment to quality. If European companies can choose between ten different (I)IoT providers of which one has an ISO certification, they will prefer the ISO certified company. Unless that company is twice as expensive, for example.

Acknowledged and common systems are ISO 9001:2015 and the Capability Maturity Model Integration. Other ISO standards that apply to retail tech services are ISO/IEC 9126ISO/IEC 9241-11ISO/IEC 25000:2005 and ISO/IEC 12119.


  • Show you are a professional company. Have good references, obtain relevant industry certification, respond quickly, communicate regularly, offer constant quality, comply with contractual agreements and have a good and stable management team to lead the outsourcing project.
  • If you (aim to) specialise in particular sectors, find out which certifications are relevant. When considering a particular quality certification, ask yourself three questions before working out the details: is it good for my company? Is it good for my clients? Does it have marketing value?

Corporate Social Responsibility

Corporate Social Responsibility (CSR) refers to companies taking responsibility for their impact on the world. Not only in the products or services they offer, but also when it comes to:

  • consumer rights
  • education and training of staff
  • human rights
  • health
  • innovation
  • the environment
  • working conditions

Documented CSR policy

CSR is becoming particularly important to large companies and governments in Northern and Western Europe. Many European companies involve their suppliers in their CSR policies. The importance of CSR in the (I)IoT market is debated, as the impact of small companies in this industry is often marginal.

Having a well-documented CSR policy may give you a competitive advantage over companies without one. The ISO 26000 standard provides guidance on CSR. For small software companies, the most relevant and practical aspects of this standard are labour practices, fair operating practices and community involvement.

Become an impact sourcing destination

You can also match the CSR policy of your potential buyer by becoming an impact sourcing destination. This is a relatively new term; it refers to a sourcing model that aims to improve the lives of people, families and communities through meaningful employment in ITO and BPO. This can be achieved either through outsourcing or by setting up remote or virtual teams using digital technology. Impact sourcing has good potential for companies that wish to make their business more socially responsible (buyers and sellers of (I)IoT services solutions). And it can be a unique selling point (USP) for your business.

Develop fair trade software

Another example of how CSR initiatives extend to small IT businesses is fair trade software. This means software that is developed for better prices, under decent working conditions, supporting local sustainability and with fair terms of trade. In essence, developing fair trade software is a way of impact sourcing. Impact sourcing has a wider reach than fair trade software.


  • Show that you care about your impact on society by implementing your own CSR policy. Clearly communicate this commitment in your marketing activities. It can be a unique selling point (USP).
  • Look at examples of small software companies engaging in CSR. For example, Telit has a Modern Slavery Statement at the bottom of their website, which means that you can see it on every page. Read more about CSR in practice on the website of the European Commission.
  • For more information about fair-trade software, see the Fair Trade Software Foundation and Web Essentials’ video on what fair-trade software development means.
  • Consult the ITC Sustainability Map for a full overview of certification schemes addressing sustainability in the IT outsourcing sector.

Up to date knowledge and skills

As an (I)IoT service provider, you must stay on top of the developments in the market. European buyers expect you to be able to offer them the possibility to work with the latest technology. It is therefore very important to stay informed about specific IoT technologies, platforms, frameworks and innovation, and keep your skills up to date.

European buyers of (I)IoT services also look for your motivation on why you choose to work with certain coding programs and technology. Your motivation should be clearly visible on your website.


  • If you specialise or aim to specialise in offering (I)IoT services for particular sectors, find out which certifications are relevant. When you are considering a particular quality certification, ask yourself three questions before working out the details: is it good for my company? Is it good for my clients? Does it have marketing value?
  • Check if resources are available that might provide your company with financial support to achieve quality certification. Contact your national IT association (for example, TAG Georgia or BPESA from South Africa) or one of the business support organisations in your country responsible for (IT) export promotion. If you are an African (I)IoT service provider, take a look at the #FastTrackTech Africa Initiative by Intracen.
  • (I)IoT standards are evolving. Keep up with the latest developments by following the Industrial Internet Consortium, the Object Management Group, the Internet of Things Global Standards Initiative and the oneM2M websites.

What are the requirements for niche markets?

European buyers often require you to comply with a sector-specific and/or industry-specific standard or code of practice (if available). There are also many technologies, technical standards, protocols and frameworks related to (I)IoT. They are developed and maintained by a large number of organisations, and they can differ significantly between niche markets. Please note that most requirements on this list are not specifically for IoT.

In healthcare, for instance, Health Level 7 (HL7) and the Health Insurance Portability and Accountability Act (HIPAA) are important. In the automotive industry, MISRA and AUTOSAR are the two main coding standards used, but ISO 26262 and ISO 15504 are also applicable.

Below, we list some of the most important niche market requirements and requirements that affect the largest end markets for (I)IoT-related services.

Basel Committee Standards

The Basel Accords are a set of recommendations for regulations in the banking industry, developed by the Basel Committee on Banking Supervision. Basel I is the minimum requirement, often not accepted by European clients. Aim to get the Basel II and/or Basel III standard.

Other main European industries (in addition to financial services) to which sector-specific buyer requirements apply in relation to IT outsourcing are subject to sector-specific regulations that may include requirements related to outsourcing. Check the relevant country and industry-specific regulator for applicable regulations. Examples of sector/service-specific buyer requirements include COPC certification or ISO 18295-1:2017 for Contact centres and HL7 and HIPAA for Health and social care.

Keep in mind that these are only examples. Requirements for niche markets vary greatly because the (I)IoT market is very diverse. There is an immense amount of technology, and companies often focus on horizontal and/or vertical markets, so you have to research your own specific situation, market and requirements.


  • Check the list by Postscapes to familiarise yourself with the required IoT standards and protocols involved in Internet of Things devices and applications. Other sources that might be helpful in your research are PCI Security Standards, the ISO website, the SAP website and the website of the European Commission.
  • Look at our Buyer Requirements study for more information on the IT outsourcing sector in general.
  • We advise you to check the exact rules that apply in your European target market. On the ePing website you can find an overview of country-specific measures that affect trade and which differ from the international standards.

2. Through what channels can you get (I)IoT Services on the European market?

How is the end market segmented?

The (I)IoT market is best segmented by the applications in the personal domain (Connected Home & Car and Consumer Goods & Health) and applications in the public and enterprise domain (Smart Cities and Industrial, or IIoT). See also figure 1.

Figure 1: IoT market segmentation

IoT market segmentation

In the vertical market, the retail industry has witnessed a particularly significant growth over the last two years (2020 and 2021), this is mostly due to the massive expansion of the e-commerce industry.

On the service provider side, there are generalists and specialists. Generalists are (I)IoT service providers without any specific and considerable focus on or experience in a particular vertical or horizontal market segment. Specialists in the (I)IoT services market do have a focus on or a lot of experience in a particular vertical or horizontal market.

For smaller (I)IoT providers, experts predict that the best chances on the Internet of Things market lie within smart manufacturing, connected health and wearables, retail and smart homes. However, there are also good opportunities in smart agriculture. This market segmentation applies to all countries in the European Union, although there are significant differences between the countries. For more information about these countries, please also read our Market Analysis study.


  • Monitor developments within the European (I)IoT market that are relevant for your company by conducting Google searches that combine your product or service with a particular niche market.
  • Research the end-market segment that you want to focus on. This allows you to effectively market your company.
  • If your (I)IoT service is a relative commodity, you should focus on a niche market. Especially if you can find a niche market that is underserved with software or has the room/need for digital innovation/transformation.

Through what channels do (I)IoT services end up on the end market?

As a service provider in a developing country, you can use several trade channels to enter the European market. Figure 1 provides an overview of the trade structure for outsourcing. This structure is more or less the same in every European country.

Figure 2: Trade structure for outsourcing (I)IoT services in the European market

Trade structure for outsourcing (I)IoT services in the European market

What is the most interesting channel for you?

Your most common and most promising market entry channels are European service providers and consultants/matchmakers. Another option is to work with a local sales office or direct sales (possibly through online platforms).

Selecting a channel depends on your type of company, the nature of your product or service, your target market and the available resources for market entry. You must understand that, regardless of the channel you choose, your own marketing and promotion is a vital part of your market entry strategy, for which you are responsible.

European service providers

(I)IoT service providers from developing countries find a European service provider (ESP) to partner up with either directly or by working together with a matchmaker and/or a sales representative. Because many European companies prefer to deal with a local contact person, an intermediary is a good option. A European service provider that is similar to your IT company would be your most suitable subcontractor. Ideally, this IT company should design, develop, market, sell and maintain (I)IoT solutions that are similar to yours.

The relationship between an ESP and a subcontracted supplier is generally characterised by:

  • trust
  • interdependence
  • a structured relationship (functions, tasks, communication and procedures)
  • potentially limited marketing visibility and market access opportunities for the subcontracted supplier
  • no intellectual property (IP) rights, or a loss of IP rights for the subcontracted supplier
  • work orders on an if/when necessary basis



A consultant/matchmaker is a person or a company with a large number of relevant contacts in a specific market segment or industry. As an intermediary they are a door opener, not an agent to make cold calls or send cold emails. Always properly inform your consultant/matchmaker about your company. They speak with many potential customers and often involve in creating long lists of potential outsourcing providers. The more information they have on your company and the better they understand your capabilities, the more they can spread the word about you.

If you work with a consultant/matchmaker:

  • the consultant/matchmaker makes appointments with prospects for you;
  • the presentation and sales process remains in your own hands;
  • you pay a retainer + success fee (which can be expensive);
  • the consultant/matchmaker usually has multiple clients;
  • you need to set clear expectations and objectives to measure their performance.

A retainer + success fee construction can be expensive. While the success fee depends on what the intermediary has delivered, you have to pay the retainer (usually a fixed monthly payment) regardless of their performance. Together, they should provide a strong motivation for the intermediary to deliver: the retainer should be high enough to cover some of the costs, but low enough to encourage delivery. A properly drafted contract, by a lawyer, is a must.

Matchmakers make appointments with prospects for you. However, the presentation and sales process remains in your own hands. This means that a consultant or matchmaker is a good option for you if you feel comfortable taking care of the presentation and sales process yourself.

You also need to determine an exit strategy in the contract. It is in the absolute interest of the service providers to clearly define a (shorter) period after which the contract can be terminated without any further consequences. This period is usually not longer than three or four months (after which the contract will be evaluated and can be terminated – for non-delivery for instance – or prolonged for another period). For this period, there should be clearly defined delivery expectations and targets for the consultant or matchmaker, such as the number of relevant contacts, meetings and leads). You could also negotiate a trial period.


  • When contracting a consultant/matchmaker involve a good lawyer who knows the applicable law of the country where the intermediary resides and has previous experience with this type of contracting. Pay special attention to exit clauses, success criteria, deliverables and payments.
  • Try to avoid limitations to your marketing coverage and activities in your contracts.
  • Think about who would be a good sales representative for your company. Although convenient, your uncle who lives in Germany might not be the best choice.
  • Pre-COVID-19, various organisations have organised matchmaking sessions or missions where companies from developing countries could participate. Find out if there are any organisations in your country that offer matchmaking sessions (on- or offline).

Direct sales and online marketplaces

You can also try to sell your (I)IoT services directly to European end users. Many European companies are looking for cost reduction and delivery capacity, which developing countries can often provide. This is one of your unique selling points. However, you should be aware that these end users might not have qualified IT staff to work with.

Developing IoT products also offers opportunities for global market expansion. For example, via innovation and development of disruptive technologies, attracting investments possibly via crowdfunding and establishing start-up companies as spin-offs of your company, often in collaboration with the producer of the physical machinery or sensors in question.

Crowdfunding is defined by Fundable as a method of raising capital through the collective effort of friends, family, customers and individual investors via online channels, such as via social media and crowd funding platforms. By making use of different European crowdfunding platforms, you can find potential investment partners based in Europe and raise capital to help further develop business ideas.

Electronic marketplaces are a cheap marketing tool that may make direct sales easier. They are expected to lead to lower transaction costs for searching, evaluating, integrating and monitoring (I)IoT services. Although they mainly contain smaller projects for freelancers, they could lead to pilot projects for companies. However, you would need excellent end-market knowledge.

For most suppliers from developing countries, it is very challenging to sell (I)IoT services directly. Sometimes, suppliers from developing countries team up with other service providers to make an offer for direct sales to European customers. Having one or more customers in Europe will help you find another suitable European customer, as references are a must when you want to enter this market through direct sales.

The main characteristics of direct sales to end users are as follows:

  • There must be a direct relationship between the service provider and the end customer.
  • You must have a lot of exporting experience.

Direct sales to end users can be interesting if you:

  • have experience in the European market;
  • are a large company;
  • want to target large European end users;
  • focus on a small, underserviced niche market.


  • Look for potential leads in the field of (I)IoT services on online outsourcing marketplaces. For example, UpWork, Fiverr and Freelancer can be interesting for freelancers or very small companies.
  • Have a professional, high-quality company website, where you can present full, accurate and up-to-date details of your product/service offering at low cost. Make it compatible with mobile devices such as smartphones and tablets, as these are increasingly popular in Europe. Also, invest in Search Engine Marketing and Search Engine Optimisation, so potential customers can easily find you online.
  • The LinkedIn platform can be particularly useful for making initial contacts and for conducting market research. It is also a very important platform to display your skills. Having a good LinkedIn profile is second-most important, after having a good professional website.
  • The Github marketplace can also be an interesting place to find potential customers and to show off some of your knowledge and skills.
  • Combine offline and online promotion channels to develop as many contacts as possible. This maximises your chances of finding suitable partners/customers. You can use social media as a marketing tool to reach potential customers, especially professional platforms like LinkedIn.
  • Take a look at sites such as Crowdsourcing Week and Silicon Canals to learn more about crowdfunding and to find the best European platforms. Different platforms are used in different countries.
  • For more information on finding business through online marketplaces, please read our study about finding buyers on the European outsourcing market.

3. What competition do you face on the European (I)IoT services outsourcing market?

Which countries are you competing with?

India, Poland, Egypt, Bulgaria, Romania and Czechia can be considered your strongest competition.

In general, European companies prefer to outsource services to providers within the same country (also known as homesourcing, or simply outsourcing). When they do outsource to companies abroad, they generally prefer nearshore locations, because of proximity, language, cultural similarities and the minimal time difference. For more information on nearshoring versus offshoring, see our study on the European market potential for software development services.

The Global Services Location Index (GSLI) ranks the competitiveness of ITO/BPO destinations based on 4 categories: financial attractiveness, people skills and availability, business environment and digital resonance. In this chapter, we connected the country scores in the GSLI with the most competitive countries for (I)IoT service providers.

Table 1: Global Services Location Index

Financial attractiveness (35%)People skills and availability (25%)Business environment (25%)Digital resonance (15%)
Compensation costsITO/BPO experience and skillsCountry environmentDigital skills
Infrastructure costsLabour force availabilityCountry infrastructureLegal and cybersecurity
Tax and regulatory costsEducational skillsCultural adaptabilityCorporate activity
 Language skillsSecurity of IPOutputs

Source: Kearney analysis

India continues to lead the Global Services Location Index. This leading position is mainly due to the country’s unique combination of low-cost services and English language skills. This attractive profile makes India a particularly strong contender on the IT outsourcing market. To stay ahead, the country needs to prepare for the shift from lower-skilled jobs that may be replaced by robots to more creative and highly-skilled work. This applies to other low-cost countries as well.

However, India is increasingly known to be a ‘bulk’ destination and not a place where you go to if you are looking for very good quality work. And besides that, their language advantage is getting smaller. Many other countries are catching up, while India’s overall language skills have not improved.

European buyers often associate extremely low developer rates in Asian countries with poorer project quality. They think that cheap service providers must compromise on the skills and experience of the (I)IoT service developers, or even their working circumstances.

This illustrates that although offering competitive rates is important, you should not compete only on price. As relatively simple (and therefore cheap) tasks can be automated, your focus should be on excellent skills, knowledge, and creativity, which have a higher value. Demonstrating your commitment to quality through references and quality management systems is key to building trust among potential European clients.

Poland used to be the highest-ranking Central and Eastern European country. It has since been surpassed by Estonia (12th) and has moved down to the 14th place. But Poland is still a very strong competitor, mainly because its financial attractiveness and start-up activities. Both Warsaw and Krakow are emerging as regional start-up centres.

Egypt ranks 15th in the Index. It is a strongly emerging African destination for IT outsourcing. Its time zone (GMT+2) partly overlaps with Western and Northern Europe, eliminating the time differences generally associated with offshoring. Its considerable investments in infrastructure and cybersecurity are boosting the country’s business environment performance. The new administrative capital (New Cairo) is designed as a Smart City using the Internet of Things and big data analytics, and is meant to create an Egyptian Silicon Valley.

Wages in Egypt are still low, while its workforce is increasingly well-educated. However, the Egyptian government is encouraging tech graduates to become freelancers, which makes it challenging for companies to create a solid team.

Bulgaria now holds the 17th position for the 2nd time (coming from 15th in 2017). It is a stable factor in the top 25. Bulgaria has relatively low compensation costs (all labour costs, including wages, insurance, benefits and taxes) and good ITO/BPO experience and skills.

Romania is another Eastern European country that benefits from its location close to the main Northern and Western European markets and a relatively large talent pool and low wages. Romania ranks 32nd on the GSLI index. Investment in digital resonance would particularly benefit this country.

Romania can be seen as both competition and an interesting market to focus on. This is because its talent pool is drying up and it is increasingly looking for ways to expand its work force.

Czechia is currently in the 34th position, coming from the 33rd in 2019, but ranked 16th in 2017. Czechia is in a similar position as Romania regarding the work force. In 2021, 62% of Czech employers report a long-term lack of suitable candidates for open vacancies.


  • Compete on the quality of your services, rather than just on costs.
  • Specialise in specific horizontal/vertical markets, emerging technologies and/or niche market segments to avoid competition.
  • Visit leading European trade fairs regularly to meet competitors and potential customers. Do your homework and select the events very carefully. Only attend events that fit your profile well. Many trade events directories are available online, such as 10Times, and UK Exhibitions. Create a list of relevant events and update this list regularly.

Which companies are you competing with?

Examples of (I)IoT service providers are:

Rinf.tech – A Romania-based company that also has delivery centres in Bulgaria and Ukraine. They have representation offices in Germany, France, Spain and the USA. Their website is very clear about their offering. They give examples of how their solutions have worked for different industries (success stories), they talk about their delivery models, their methodologies and their certificates.

Memos Software – A Czech-based company that develops its own IoT solutions, but also builds custom software. They included a call-to-action on their landing page. They invite visitors: are you interested in improving business results? Request a free IT analysis. Visitors can then click the button for a free IT analysis.

E.Vision – Has its headquarters in Egypt, but also has offices in Canada, the United Arab Emirates and Saudi Arabia. They are very clear about what they can offer potential customers; concrete business solutions that are also “uniquely attractively designed”. Their website provides examples of (IoT) solutions they have developed. They are clear about their vision and the products and services they offer.


  • Search company databases to find more competing companies. These databases can be free, like company.info, or paid, via chambers of commerce (such as the Dutch Kamer van Koophandel in the Netherlands) or commercial databases like Bold Data. Identify which databases will benefit your search and use them to create a list of potential customers to target.
  • Find out how your country gets ranked on the various lists of (I)IoT service providers that are present on the Internet. There are many sources on the Internet that make lists like that. An example from March 2022 is this list by The Manifest: top 100 Internet of Things companies.

Which products are you competing with?

In the (I)IoT sector, the product is the service. This means that the real question here is: what makes one service provider different from another? The answer is: technical knowledge, available capacity, references, domain knowledge, flexibility, reliability, communication and language capabilities, quality management, security infrastructure, vertical and/or horizontal market focus and niche market orientation, among other things.

There is space in the market for innovation and developing your own products. More space than in generic software development for IoT. It is a challenging market, but it holds a lot of opportunities for companies that want to develop and sell their own innovative product.


  • Invest in country branding. For more information on this topic, see our tips on doing business with European buyers.
  • Find out how you can get a competitive advantage, based on factors such as cost, quality, technology or product characteristics. Look at this website by HackerRank, which presents their Developer Skills Report every year. You can find, among other things, the most popular programming languages, the most popular frameworks, the kind of frameworks hiring managers want versus the framework developers know (so you can see where there is more demand than supply) and much more.
  • Keep an eye on the innovation initiatives for the Internet of Things. One particularly good source is the Alliance of Internet of Things Innovations.

4. What are the prices for (I)IoT services outsourcing?

When trying to make a sale in Europe, it is very important to offer the right price. For (I)IoT services outsourcing, price is often not the most important selection criterion, but the price has to be right and competitive. The price of (I)IoT-related services is influenced by factors such as technology requirements, skill levels, complexity of the projects, length of the contract and other SLA requirements.

Unfortunately, it is not possible to make an exact price breakdown. First of all, (I)IoT projects are so diverse that it is impossible to make one price breakdown that suits all (or even most) projects. Secondly, it requires so much estimating and unforeseen elements that even the process itself is an estimation, and definitely not an exact, scientific process. Also, if the project makes use of Agile methodologies, there is no pre-determined specification, which makes estimation a big challenge.

So how do you determine the price of a project in (I)IoT outsourcing services?

Determining the price of an (I)IoT project starts with determining the work that has to be done, the time it will probably take, the skills needed, the people who will do the work and their salaries. With this information, you can make a planned, detailed schedule (including milestones and a delivery schedule), so you know how many people will spend how many hours on the project. You can calculate the salary of the people working on the project by working with the links in the tips section. Do not forget the costs of overhead, unforeseen costs and other costs, and of course your profit expectations. These are all estimations.

Based on this process, you can calculate the total price, the hourly price as well as the average price for the project. This hourly price is the one you communicate to your prospects. In any case, talking with your prospects is the best way to make sure that your prices are competitive. And if they are not, what is the justification (one that the prospects will accept!) for that?

You must choose a price model for your product or service. For (I)IoT, it is most common to work with all-inclusive offers, also known as a fixed-price contract. Other (I)IoT outsourcing models are Time and Material Model, Dedicated Team Model or an offshore development centre.

When you make your prospect an offer, include the price. Be transparent about the number of hours you expect to work on the project and the hourly tariffs. Break down your tariffs by stating the price for each person working on the project (for example: junior developer, senior developer, designer or tester). For more information on pricing models in outsourcing, please read this document. Also, go beyond setting the right price. You should work out your pricing strategy, including your and your clients’ preferred pricing model, payment terms/expectations, how and when you provide discounts and so on.


  • Study average prices in reports such as those by Cleveroad, IT Jobs Watch or Pricing Solutions. You can also research the average salaries for various roles in the software development process via platforms like Payscale. Then analyse your costs and profit (margin) expectations to calculate your price and find the right price for your service.
  • Create the “ideal” client person to help you tailor your offer. For example: “a technology provider with fewer than 200 staff in the Rhineland area, specialised in Internet of Things and big data services”.

This study was carried out on behalf of CBI by Globally Cool B.V. in collaboration with Laszlo Klucs.

Please review our market information disclaimer.

  • Share this on:


Enter search terms to find market research

Do you have questions about this research?

Ask your question

If a company offers software development, it’s important to clearly show where the focus is and why. Is it Java, Microsoft or a low code platform? Or a combination? Making clear what customers can expect is crucial to gain credibility from buyers in the EU.

Ad Hesseling

Ad Hesseling, CBI outsourcing expert and senior IT recruiter



Exporting Internet of Things services to Europe