15th March, 2021
2020 was the year of transitioning to remote work models at blazing speed. With the global workforce under pressure to achieve higher productivity and deliver better outcomes, SaaS is here to stay.
In 2021, it will stay on course to be a driving force of digital transformation strategies. But danger lurks if you think that the solution starts and stops with its adoption.
Since the lockdown, you must have seen an increase in the usage of collaboration and communication tools at your company.
The pandemic has accelerated on-premises to SaaS transition in many industries. The IT industry, which was using softwares already, has accelerated the SaaS adoption for a remote workforce.
Most of these applications are not procured by a central IT department but by an end-user, a team, a department, or a business unit.
Your product team is working on a new project. Though your organization uses Microsoft Teams for collaboration, these guys thought:
"Slack is cool. Let's use Slack for this project. It'll make us more productive, and who is going to know outside our team."
This thinking makes every group of users small islands, each using a different SaaS app for the same task. It leads to SaaS growth at a high rate.
According to this report, ten new SaaS apps get into your company every 30 days.
With this explosion of SaaS at companies, there is a risk of these apps getting out of your control as they bring three critical challenges with them.
With SaaS applications multiplying rapidly, it becomes difficult to account for how much you are paying for these apps. Most of the CIOs (or IT leaders) we talk with don't have exact & updated figures on how much they pay for the apps.
According to Gartner's research, more than 30% of the SaaS is wasted every year.
Usually, an IT person keeps a record of spent data in a spreadsheet or excel and updates it monthly.
We've made a template at Zluri for tracking SaaS applications' cost. You can download it here to manage your SaaS apps.
Most SaaS solutions charge on a per-user basis, and you can start using an app by just paying a small monthly price. This leads to employees not being cautious as they think this app costs just $10/month.
Here are the pricing of some commonly used tools:
But this way of looking at it can be a problem. Though these costs look tiny on their own, the sum for all the end-users, teams, departments, and business units becomes a huge cost.
Since any employee or team can procure a SaaS app, it can be a company's best-kept secret. You won't find these apps on the surface; you need to dig to find them. It leads to application duplication & overlap in their functionality.
These redundancies cause un-used and under-utilized apps. You don't get a return on each of your SaaS apps. If you don't ensure that your subscription plans are continuously discovered and managed, you're turning SaaS into an investment guzzler.
Zluri helps you optimize your SaaS ecosystem by surfacing duplicate apps and apps with the same functionality. You can create an alert to notify you whenever duplicate apps and apps with overlapping functions are found.
An employee and the IT department procure apps in different ways. When an employee purchases a SaaS application, the primary consideration factors are convenience and usefulness, not security and compliance.
Many companies don't require apps provisioning by the IT department since it causes delays. Often, an employee buys a SaaS app that compromises your data. It would have been marked down if the IT department was making this procurement.
Currently, there is no way for you as an IT head to discover your current SaaS landscape. You can try finding the apps by asking your employees and using a spreadsheet to note the same, but such a record will always be doubted in the absence of a way to verify it.
Furthermore, consider the time it would take in such a non-productive task. And if you have hundreds of employees at different locations, such a daunting task will not be possible.
A SaaS management platform, such as Zluri, can discover all the SaaS software, including shadow IT used in your company. Zluri app discovery engine takes inputs from your single sign-on (SSO) provider, spends management app and browser agent, and surfaces your SaaS landscape within 5 minutes with more than 99% accuracy.
These large numbers of apps increase your attack surface and give hackers more choice to attack your organization.
Since the IT team does not vet these SaaS apps for data security, these apps make your organization vulnerable to hackers. Even a single vulnerability in any of these apps provides these hackers an entry point to your entire organizational data.
These things don't come to light until a data breach has taken place.
We strongly advise companies to take a proactive approach to security issues. Only the switch from reactive to proactive security monitoring can turn your ecosystem into a safe zone for data-rich applications.
CIOs shouldn't leave security risks unaddressed. It doesn't just create immediate legal and business issues; it also hinders long-term growth. One of the first solutions in this direction can be to use an identity and access management solution for user management.
The threat of compliance from a third-party vendor (a SaaS app used at your company) is very real—from unauthorized usage and weak audit trails to archaic information security protocols. Given the rise of data sharing among SaaS apps, you need to increase your awareness levels to take a zero-compromise stance on ensuring compliance.
Two of the largest attacks in the last decade had taken place through third-party vendors:
A vendor breach costed Equifax (a credit monitoring company) $1.38 billion in 2017.
The hackers exploited a vulnerability in Apache Struts—an open-source tool for building web applications. The result was a sensitive data leakage (name, SSN, DOB, address, driving license & credit card numbers) of approx. 147 million consumers.
A vendor breach in 2013 costed Target $236 million in total expenses, and 140 lawsuits were filed against the company. “The cyber attacker managed to access Target’s computer gateway,” according to state investigation “by stealing credentials from a third-party HVAC vendor.” These credentials helped the hackers exploit weaknesses in the company’s system, enter the customer service database, and install malware. The attackers accessed sensitive data such as full names, emails, credit card numbers, verification codes, etc.
Another issue apart from third-party vendors is abandoned apps. An abandoned (or orphaned) app is an app without any owner. An employee bought an app for a specific requirement and afterward the app was not terminated properly or the employee left.
Do you know what happens to the SaaS application access of a terminated employee? Whether on-boarding or off-boarding employees across multiple locations, the need of the hour is a real-time compliance tracker to keep up with the SaaS evolution.
Managing SaaS can be an issue if you don't have solutions to administer SaaS applications. Most of the traditional IT asset management solutions cannot manage SaaS.
It leads to problems such as selecting the wrong set of applications. Choosing the wrong SaaS stack can jeopardize your long-term SaaS adoption. It is generally caused by focusing on short-term, disparate priorities of multiple departments.
One of the main reasons SaaS adoption can be a costly, complex, and surprisingly ineffective digital transformation strategy, is the lack of an understanding of your SaaS landscape.
Do you know the apps used at your company and their relationship with employees, i.e., which apps each employee uses?
Multiple factors can cause low application usage. Maybe the product is too complex, redundant, or just plain inefficient. In any scenario, the right approach is to listen to the end-users.
They could provide insights into the next step in the application's journey—decrease the number of licenses, move to a lower tier, or terminate the app.
Zluri has direct integrations with over 300+ common SaaS apps, giving you granular data such as feature usage. With these insights, you can make data-informed decisions on apps.
Vendor lock-ins cause dreaded dependencies in the world of SaaS. You lose the freedom to switch applications based on changing internal demands. Hence, you must avoid the traps in the renewal process.
You can do that by negotiating performance-based dynamic contracting that allows renewal flexibility. Zluri helps you with vendor management by alerting you on renewals and assisting you to get a fair price based on usage data.
Data should be at the front and center of your decision-making process on application upgrades. And in the age of auto-renewals, you may be flying blind over a SaaS-filled landmine.
It would help if you had rich data insights to assess licensing costs against utilization rates. You must have user insights to negotiate, downgrade, upgrade, or terminate plans.
The current crisis might have led you to use more SaaS to continue operating. It'd be better that you take no chances when it comes to matching adoption with your operational efficiency.
Right now, the best way to kick-start this journey to SaaS optimization would be to understand all the major roadblocks that might slow you down this year.
The saying, too much of anything is bad, holds for SaaS as well. If not managed, SaaS may rapidly turn into a cloud-powered barrier to your growth.