4 Common SaaS Sources of Shadow IT

Sethu Meenakshisundaram

18th January, 2023


Most SaaS-related issues stem from a minority of IT spend. Nevertheless, it's one of the issues Shadow IT presents (applications that need to be under IT's control). With companies adopting more SaaS apps to equip their workforce for productivity, IT is often left scrambling to keep up.

Thus, it's no surprise that Shadow IT is growing rather than shrinking within most companies today. But what can we do about it? This blog covers the four common SaaS sources that exist as Shadow IT. 

What is Shadow IT?

'Shadow IT' refers to the unsanctioned use of software, hardware, or other systems and services within an organization, often without the knowledge of that organization's IT department. Unlike standard IT infrastructure, Shadow IT is not internally managed by an organization.

Shadow IT may enter an organization in different ways but typically occurs through one of two actions:

a. Using an unapproved tool to access, store, or share corporate data: For instance, if an organization has exclusively approved Google Workspace for file sharing, an employee might introduce shadow IT to the company by sharing files via Microsoft 365.

b. Accessing an approved tool in an unauthorized way: For example, if an IT department has approved the use of Google Workspace through corporate-managed accounts, an employee can introduce shadow IT to the company by choosing to access Google Workspace through an unmanaged personal account instead.

Whether intentional or not, the adoption of Shadow IT creates serious security concerns and costs. It increases the risk of data breaches, theft, and other cyber attacks while preventing IT teams from taking crucial steps to minimize the damage they may cause.

4 Major Categories of SaaS Applications That Lead to Shadow IT

SaaS applications make it easier for teams and employees to adopt new tools to enhance productivity. But this can have a downside too. Which applications are the biggest sources of Shadow IT?

Here are the application categories that lead to Shadow IT:

1. Project Management Tools

Would you prefer having more than one project management tool for your organization? Hopefully not. Why? Most of them serve the same purpose, so there is no point in having multiple applications with the same functionality. It would only lead to increased SaaS usage and, ultimately, SaaS spend.

Project management tools include Asana, Trello, and ClickUp, to name a few. All these apps help you orchestrate work across teams at scale, from daily tasks to strategic initiatives.

2. Team Communication Applications

Whether during or after the pandemic, communication has become one of the most crucial elements of an organization. But is it feasible to use 2-3 communication tools in an organization? Certainly not.

Be it Slack or Cliq, both of them will help you communicate with your team members either via text or group calls. So why have multiple applications and increase SaaS usage or shadow IT?

3. Web Conferencing & Video Chat Tools

Do you work for an organization that is still working remotely? If yes, you need a video conferencing tool for your regular meetings. In that case, some prefer using Zoom, while others prefer Microsoft Teams.

Wait a second! Aren't these similar when it comes to functionality? Sharing screens, video calls, doing presentations, etc. Then why do you need both applications?

4. Storage Apps

We understand the importance of data and that you need an application to help you store data in one place to keep it safe and secure. Dropbox and Google Drive are examples of storage apps. Either of these could serve your purpose. So then, why do some organizations increase their SaaS usage by having multiple storage applications?

Whether it's about using a project management tool or a storage application, the question is the same for all. Why does an organization need multiple applications when one could suffice?

Well, there are specific reasons for that, some of which have been mentioned below:

  • Easy accessibility of SaaS applications: SaaS applications are easy to get. As a result, employees sign up for and use new apps regularly without IT (or anyone from the organization) vetting the apps for data security and compliance risks.

  • Relatively low-cost: Such applications aren't on the expensive side. Hence, employees explore various tools and buy the one they feel comfortable working with.

What Can You Do to Manage Shadow IT?

How about optimizing your SaaS stack manually? Well, you can do it if you're a small startup. But the same becomes quite tricky for a large enterprise. Why?

Hundreds of employees and departments use various applications, of which the IT admin needs to be aware. In that case, what can be an ideal solution? 

A SaaS Management Platform (SMP) is all you need to gain complete visibility into your SaaS stack and manage your spend. Zluri is one such SMP that provides insights on all your applications in one platform.

It discovers 100% of apps used in the organization and categorizes them according to their use case. So, if 32 analytics tools are being used inside the company, you can check if all of them are approved and even required.

But is Zluri efficient enough to do so? If yes, how does it track your entire SaaS stack?

Zluri uses five discovery methods to trace the SaaS apps in an organization's SaaS landscape. These methods help IT admins stay updated on which apps are being used or left idle, so they can take relevant actions. Below, we discuss all these methods in detail:

1: SSO & IDP

Zluri connects with single sign-on (SSO) and IDP systems, such as Okta and Google Workspace, and gathers different data types, such as directory information.

For instance, you can make your HRMS the primary source for this information. Then, we connect your HRMS with Zluri and select the source for the department, users, and their roles by hovering over the setting option.

The SSOs help Zluri collect lists of authorized apps and login events like sign-in attempts, whether a failed or successful event occurred, and the total number of times the user accessed the app. It also provides insight into data shared (name, email, and other details) with third-party apps.

2: Finance Management Systems

Zluri connects with expense and finance management systems, such as Netsuite, QuickBooks, etc., to gather data. This discovery method helps you get data on the apps missed by the SSO, such as those brought in by employees without informing the IT admin.

Additionally, it gives insight into transaction details, such as the total amount spent on apps and the expense date. Here, the data is gathered by determining the date and amount of a transaction. Zluri then maps the transaction to the apps to collect data.

3: Direct Integration with apps

The more direct integrations an SMP has, the better it performs. This is due to the granular SaaS usage statistics that direct integrations offer, which may not be available from other sources. You can make data-informed judgments using the SaaS usage data rather than acting solely on intuition. Direct integrations are the finest source of user data because the data comes straight from the source.

Zluri outperforms every SMP on the market in this regard. 

Over 750 SaaS apps are directly integrated with it via API, and this number is constantly increasing. Furthermore, with a record turnaround time of 36 hours, Zluri is the only SaaS management platform that offers custom integration on demand.

The access and audit logs are also examined as part of this discovery process to learn about changes made and how the app is used. This approach allows Zluri to gain deeper insights because the information is gathered straight from the source.

4: Desktop Agent

Through desktop agents, Zluri gathers only non-sensitive data from the system. For example, app installation information, background app activity, and sign-in and sign-out information are all included in this data. In addition, Zluri gets device-level information through desktop agents, like product ID and hardware information.

The Zluri desktop agent is a small application found in the toolbar of a computer. This application scans SaaS usage and activity logs and transmits them to the Zluri server for further analysis. The Zluri dashboard then displays the results of the analysis.

How does Zluri process the information from desktop agents?

Zluri tracks the fundamental application metadata, such as the application name and the server URL from which the data is retrieved, while an application is open on the desktop, and recognizes the SaaS application from it.

Each time the application is opened, it is counted as an activity. Once Zluri has the actions attributed to users, it aggregates them, at least daily, at the level of the organization and calculates how frequently the user uses the app. This gives a percentile score for a particular user for an app within the organization.

The Zluri dashboard allows whoever oversees the company applications (the SaaS operations manager, IT manager, or software asset manager) to view how many employees have installed an application. The desktop agent is compatible with Linux, Windows, and macOS.

5: Browser Extension

Zluri gathers information on the websites users visit by using browser agents. The browser agent is available as an extension for Microsoft Edge, Firefox, and Chrome. The information gathered includes the action's URL, tab title, and timestamp.

Browser extensions are optional, and Zluri does not read the cookies stored in the browser, the browser history, or any of the content from the websites visited.

To read the activities on the browser and report them to the Zluri server for analysis, the browser extensions execute locally on the client side. This is how Zluri locates, examines, and presents the SaaS application-related activity on the Zluri dashboard.

How does Zluri process that information?

Every time a user accesses a website whose domain is in Zluri's master list of domains, a SaaS app is recognized. Zluri records the user's visit time and duration on the website. In addition, activity is recorded for each visit.

Zluri gathers user actions assigned to specific users for the company and determines how frequently users utilize the apps that the organization has subscribed to. This provides Zluri with a percentile score for a specific user for a company application.

As it gathers activity data from various sources, Zluri takes the weighted average of the utilization scores collected from all of them. The final usage score reported in Zluri's application is the weighted average score after normalization.
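The domain matching and per-user percentile described above can be sketched as follows. This is an added example, not Zluri's code: the master domain list, the SSO-authorized set, the events, and the percentile definition (share of an app's users with activity at or below this user's) are all constructed assumptions.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample data (assumptions for illustration, not Zluri's data).
MASTER_DOMAINS = {"asana.com": "Asana", "trello.com": "Trello",
                  "dropbox.com": "Dropbox", "slack.com": "Slack"}
SSO_AUTHORIZED = {"Asana", "Slack"}  # apps the SSO/IdP lists as authorized
EVENTS = [  # (user, url, timestamp) as a browser agent might report them
    ("ana", "https://app.asana.com/0/home", "2023-01-16T09:00:00Z"),
    ("ana", "https://www.dropbox.com/home", "2023-01-16T09:05:00Z"),
    ("ana", "https://app.asana.com/0/inbox", "2023-01-16T10:00:00Z"),
    ("ben", "https://trello.com/b/abc", "2023-01-16T11:00:00Z"),
    ("ben", "https://app.asana.com/0/home", "2023-01-16T11:30:00Z"),
    ("cy", "https://asana.com.lookalike.example/login", "2023-01-16T12:00:00Z"),
]

def app_for_url(url, master=MASTER_DOMAINS):
    """Map a URL to an app by exact host or dot-boundary suffix match."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    for domain, app in master.items():
        if host == domain or host.endswith("." + domain):
            return app
    return None  # not a recognised SaaS domain (lookalike hosts land here)

def activity_counts(events):
    """Count one activity per recognised visit, keyed by (app, user)."""
    counts = Counter()
    for user, url, _timestamp in events:
        app = app_for_url(url)
        if app:
            counts[(app, user)] += 1
    return counts

def shadow_apps(counts, authorized=SSO_AUTHORIZED):
    """Apps seen in browser activity that the SSO does not list."""
    return sorted({app for app, _user in counts} - set(authorized))

def percentile(counts, app, user):
    """Share (0-100) of the app's users whose activity is <= this user's."""
    per_user = {u: n for (a, u), n in counts.items() if a == app}
    if user not in per_user:
        return 0.0
    at_or_below = sum(1 for n in per_user.values() if n <= per_user[user])
    return 100.0 * at_or_below / len(per_user)

if __name__ == "__main__":
    counts = activity_counts(EVENTS)
    print("shadow IT candidates:", shadow_apps(counts))
    print("ana / Asana percentile:", percentile(counts, "Asana", "ana"))
```

Matching on a dot boundary rather than a substring keeps a host such as `asana.com.lookalike.example` from being counted as Asana activity.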

Address the common sources of Shadow IT

You can only solve a problem once you know where the biggest issues lie.

SaaS discovery is the first step towards "solving" shadow IT. Whether the SaaS applications are sourced by IT, business units, or individual employees, this entails identifying how, where, and how much you spend throughout the entire organization.

Use a SaaS management platform (like Zluri) to assist your company in identifying Shadow IT and optimizing apps by:

  • Establishing central visibility

  • Reducing redundant applications

  • Right-sizing licenses

  • Introducing proactive renewal planning

It is impossible to eradicate Shadow IT completely. But, having control over your SaaS licenses (and expenditures) will enable more strategic spending and a more secure employee stack.

Ready to start addressing your Shadow IT? Request a demo of Zluri today.
