
RTLS for IT and OT.

RTLS is operational technology. It rides your network, integrates with systems you already secure, and creates new data that has to be governed. This is the IT and OT lens — the questions that should be answered before any hardware is ordered.

The network, segmentation and IEC 62443

RTLS deployments fail security review when they are treated as IT projects rather than OT projects.

The right starting point is a Purdue-model-aware architecture: where do the anchors, gateways and middleware sit? Which zone? What conduits? Modern RTLS platforms support IEC 62443-aligned segmentation, mutual TLS, role-based access and audit logging — but only when designed in from gate 1.

Retrofitting security after the architecture is signed costs more than redesigning.

Identity and access — who can see what location

Location data is sensitive by design: it can identify staff, expose process knowledge, and create regulatory exposure (GDPR, works council).

The right control plane segregates raw position telemetry from derived analytics, applies role-based access at the API layer, and logs every query. The default settings on most vendor platforms are wrong for European enterprise contexts — they need explicit tuning.
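A minimal sketch of that control plane, added here as an example and not taken from any vendor platform. The role names, the two data tiers and the sample positions are constructed assumptions.

```python
import json
import time
from collections import Counter

# Hypothetical role-to-tier policy; unknown roles get no access (default deny).
ROLE_TIERS = {
    "safety_officer": {"raw", "derived"},
    "process_engineer": {"derived"},
    "wms_service": {"derived"},
}

# Constructed sample telemetry: tag IDs map to people or assets (sensitive tier).
RAW_POSITIONS = [
    {"tag": "T-1001", "zone": "dock", "x": 4.2, "y": 11.0},
    {"tag": "T-1002", "zone": "dock", "x": 5.1, "y": 9.7},
    {"tag": "T-2001", "zone": "line_3", "x": 31.4, "y": 2.2},
]

AUDIT_LOG = []  # stand-in for an append-only sink forwarded to the SIEM


def _audit(principal, role, tier, allowed):
    """Record every query, including denied ones, as one JSON line."""
    AUDIT_LOG.append(json.dumps({
        "ts": time.time(), "principal": principal, "role": role,
        "tier": tier, "allowed": allowed,
    }))


def zone_occupancy():
    """Derived analytics: counts per zone with tag identifiers stripped."""
    return dict(Counter(p["zone"] for p in RAW_POSITIONS))


def query_location(principal, role, tier):
    """API-layer gate: check role against the requested tier, log, then serve."""
    allowed = tier in ROLE_TIERS.get(role, set())
    _audit(principal, role, tier, allowed)  # logged before any data is returned
    if not allowed:
        raise PermissionError(f"role {role!r} may not read tier {tier!r}")
    if tier == "raw":
        return [dict(p) for p in RAW_POSITIONS]
    return zone_occupancy()
```

Denied requests are written to the audit log before the exception is raised, so probing for raw telemetry leaves a record even when no data is returned.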

Integration patterns that actually scale

Three integration patterns work at enterprise scale: streaming (MQTT or Kafka for high-frequency position events into a digital twin or analytics layer), API-driven (REST or gRPC for the WMS, MES or EMR to pull location on demand), and ESB-mediated (where you already run an enterprise service bus such as MuleSoft or Boomi).

The wrong pattern locks you into the vendor's data model. We design for the pattern your stack already uses.

Supplier and supply-chain scrutiny

Modern procurement requires SBOM, SOC 2 or ISO 27001 attestation, and patch-management commitments from RTLS suppliers. Not all vendors meet that bar — and the ones that do are not always the technically strongest.

We run vendor scrutiny against your specific security posture (often with your CISO directly) and produce a scorecard that survives third-party-risk review.

Frequently asked questions

Does RTLS need its own VLAN, or can it ride existing infrastructure?

Depends on the technology and your operational risk tolerance. BLE and Wi-Fi-based RTLS can ride existing infrastructure carefully; UWB anchors typically benefit from a dedicated VLAN. We design segmentation as part of the architecture, not as an afterthought.

How is location data secured in transit and at rest?

Modern platforms support mutual TLS for transit and AES-256 at rest, with role-based access and audit logging. We verify the implementation, not the marketing claim, during gate 1 review and the pilot.

Can we run RTLS in an air-gapped or restricted-network environment?

Yes — common in defence, pharma, and some industrial contexts. We have architected systems that run fully on-premises with no outbound connectivity, including in classified facilities. The vendor shortlist gets shorter; we navigate it.

What's the integration effort with our existing SIEM?

Most RTLS platforms emit syslog, JSON or CEF-formatted events that integrate cleanly with Splunk, Sentinel, Elastic or QRadar. Specific event mapping is scoped in stage 1 with your security team.
