Purpose: The paper examines the conditions under which the adoption of the Internet of Things (IoT) innovation is justified by business purposes. The purpose of this paper is to propose a methodology capable of guiding prudent and successful investment in the IoT. The paper identifies enabling conditions to maximize the success of IoT security innovation adoption projects in Italian banks. Design/methodology/approach: The methodology proposed is constructed from two key sources: first a literature review and second through impressions gleaned from an informal survey and in-depth interviews with a sample of convenience of six managers of Italian bank security systems. A key purpose of the literature review is to identify enabling conditions for a successful IT innovation adoption project which is then synthesized into an “innovation adoption model” capable of illustrating an IoT adoption decision. Second, the authors identify business process reengineering (BPR) steps required to establishing an appropriate organizational and technical framework to successfully undertake the adoption of the IoT for bank physical security purposes. The resulting methodology refers to a typical BPR project approached from an information system development perspective capable of fusing IoT services with human-based services at best performance values. Findings: The literature review and proposed BPR framework give indications of possible support for the conclusion that the banking sector is ready for the IoT innovations and transformation of traditional bank branch worksites into smart environments. The tentative nature of these findings give sufficient justification for trialing the IoT for banking physical security by introducing an Intelligent Protection System to manage security management processes. Although the authors do not generalize the findings from examining the Italian banking security system, the literature review and the paucity of studies available encourages us to investigate the use of the IoT for bank physical security more broadly. Originality/value: Adoption of the IoT represents the third wave of IT-driven competition and introduces a methodology applicable to the security domain which represents, globally, an area that is becoming a domain of major economic and social concern. The IoT adoption model proposed reflects the current state of knowledge in the field and could be extended to other organizational at-risk areas requiring continuity of highly effective protection. The authors are encouraged by the results that indicate a high likelihood of success to trial an IoT introduction to banking security.