Platforms for managing distributed sites
One central console for all your plants, sites, or end customers — secure browser access, granular permissions, audit-grade logs. We build the platform you use to operate your distributed industrial and critical-infrastructure fleet.
Leading companies worldwide trust WZ-IT
TeamViewer and VPN providers don't really solve this
Classical tools are designed for individual sessions: a technician connects to a plant, done. As soon as you need to manage hundreds of sites with different end customers, granular permissions, and audit-grade access, those tools start working against you.
A custom platform gives you control over the permission model, the audit format, the branding, and most importantly over data residency — no US SaaS vendor in the tunnel to your critical-infrastructure plant.
What we typically encounter
- ×Spreadsheet of plant IP addresses
- ×Shared VPN configs no one can revoke anymore
- ×TeamViewer per technician, no central audit
- ×Shared admin account on the HMI for all end customers
- ×No way to give an end customer access without buying licenses
Six building blocks every remote management platform needs
These capabilities are already shipping in production industrial platforms we built — we adapt them to your use case instead of starting from zero each time.
Secure site connectivity
Every site connects to your platform through an encrypted, dedicated VPN tunnel. Connectivity is automated, new sites are provisioned in minutes — without on-site configuration.
Browser-based access
Technicians and end customers open a tab and they are connected. No client plugin, no VPN software on the device. Works for classical VNC HMIs and modern web HMIs alike.
Granular permissions
Per tenant, per site, optionally per device — you decide who sees and does what. End customers get a read-only view of their site, technicians get full control, platform operators see everything.
Audit-grade access
Every access is logged — who, when, which site, from which IP. During support cases the log shows that an admin acted on behalf of an end customer without losing the original identity. Holds up to NIS2, ISO 27001, and critical-infrastructure audits.
Multi-region & multi-tenant scaling
Sites in multiple regions, tenants with their own customers, OEMs with their own sub-operators — all in one platform. Growth does not need architectural renovation, just an additional region or a new tenant.
Per-site document management
Plans, schematics, maintenance reports, manuals — stored per site, available in the browser, with clear permissions. Whoever has site access has the documents to hand.
Who benefits
Anywhere hardware sits distributed, must be serviced, and multiple stakeholders need access, a custom platform pays off.
Industrial plant remote service
Machine fleets, process plants, water utilities — distributed sites with classical HMIs (Siemens, B&R, Beckhoff, AVEVA). Operator and end customer access via the same portal, with different permissions and a full audit trail.
Critical infrastructure & utility sites
Energy, water, telecommunications. NIS2 / critical-infrastructure relevant: documented access, complete audit trail, EU data residency. We deploy on European hosting providers using open-source components.
OEMs with service contracts
OEMs selling plants plus ongoing service to end customers. One portal for hundreds of end customers, each with one or more plants — OEM keeps oversight, end customer sees only theirs.
Branch networks & outdoor hardware
Retail outlets, train stations, ad displays, outdoor terminals — anywhere hardware lives in a foreign environment and must be serviced without on-site visits each time.
We have shipped this pattern for an Australian industrial customer
ABCO Water operates water treatment plants at distributed remote sites. We designed the network architecture and built a platform for centrally managing the sites — with granular customer access and the scalability the growth model requires.
Read the architecture case studyFrom workshop to live operated portal
Architecture workshop
We map your site fleet, your plant landscape, and your compliance duties. Output: an architecture document with permission matrix, scaling assumptions, and migration path.
Platform build
Implementation in iterative releases — the first real site is typically live after eight to ten weeks. We deliver with documented handover tests and runbooks so your team stays in control at all times.
Operations & extension
Optional managed-operations contract: 24/7 monitoring, patch management, new region rollouts. Or handover to your team with detailed documentation.
We start with an architecture workshop (€2,500–€8,000 depending on tenant and plant variety). Platform implementation typically lands between €60,000 and €250,000 as a fixed price, depending on tenant model, plant types, and compliance needs. We give a binding quote after the workshop.
MVP with one or two site types, permission model and audit: 8 to 12 weeks. Full build with multi-region and multiple plant types: 4 to 8 months. We deliver in iterative releases — the first real site is typically live after 8 to 10 weeks.
Yes. Existing site connections can be adopted and integrated rather than reconfigured from scratch. We migrate in phases — you can run old and new platforms in parallel until the handover is complete.
By default in European data centers (Hetzner, IONOS, OVHcloud, STACKIT) — GDPR compliant, NIS2 ready. On request we also operate the platform on your own infrastructure (Proxmox, bare metal) or in a hyperscaler of your choice.
Audit trails are standard — filterable in the UI, exportable for your SIEM or audit reporting. On request we add a reporting module that lets you pull quarterly and annual reports directly from the platform.
Not necessarily. We offer managed operations as a follow-on service: 24/7 monitoring, patch management, new region rollouts, CVE response. So your team stays on core business.
Industry-leading companies rely on us
What do our customers say?
Let's Talk About Your Idea
Whether a specific IT challenge or just an idea – we look forward to the exchange. In a brief conversation, we'll evaluate together if and how your project fits with WZ-IT.
Leading companies trust WZ-IT
Timo Wevelsiep & Robin Zins
Managing Directors of WZ-IT