8th September, 2022
TABLE OF CONTENTS
Recently, we got a few customers. When we first met them, their initial question was whether our data was accurate. When we tried to understand the context behind the question, we found they were already using an SMP.
Since the data was not accurate in their existing SMP, they faced many issues, like a lost opportunity for cost optimization and security challenges due to shadow IT. After the POC, they happily moved ahead with us.
After that discussion, we continuously explored this angle for a few months. In this blog post, we will explain why Zluri is the most accurate SMP.
Nowadays, most decisions are taken based on data, so it's imperative to have a reliable data source. Otherwise, you won’t be able to make precise decisions.
Before we discuss why Zluri is the most accurate SMP, let's see what key data-related challenges are faced by customers of most of the SMPs available in the market.
Missing data: Not able to discover all the apps' and users'-related information.
Outdated data: Since most SMPs update the data only weekly or at a higher gap, it leads to outdated data that doesn't reflect the current state of the organizational SaaS ecosystem.
Lack of transparency: In mostSMPs, you don't know the source of the info. Hence, you cannot verify it. Until you find something is incorrect by coincidence or when you get into problems, you don't bother to check the accuracy in detail.
Zluri is the most accurate SaaS management platform. Let's see how.
Any SMP is as good as its discovery engine. This is because only depending on the discovery of the SaaS in an organization will the SMP be able to manage, optimize and secure the applications.
Zluri has a robust discovery engine that is capable of discovering any problem and providing solutions. With over 225,000 apps, it has the largest app library in the world. This, combined with various discovery methods, helps Zluri to provide 100% SaaS discoverability.
Zluri uses five powerful discovery methods to trace the SaaS apps present in an organization's SaaS landscape. It offers a granular view, and IT admins can stay up to date on apps that are being used or left idle to take relevant actions.
It uses its multiple discovery methods to uncover all the apps used in your organization: SSO or IDP, finance systems, direct integrations, browser extensions, and desktop agents.
You can read about the working of Zluri's discovery engine in this article. Here we have given a summary of all the discovery methods.
1.1 SSO and IDP: Zluri connects with single sign-on and identity provider systems such as Okta and Google Workspace and collects different types of data.
From the SSOs, Zluri also collects lists of authorized apps and login events like sign-in attempts, the number of times the user has accessed the app, and if it was a successful or failed attempt.
This discovery method also provides data shared with third-party apps. Example name, email, and other details.
1.2 Finance and expense management systems: We connect with your expense and finance management systems, such as Xero and Netsuite, to collect the following data:
The apps missed by the SSO, such as those bought by employees - either on their corporate cards or on their personal cards.
Transaction details, such as the amount spent on apps and the date of the expense. This data is obtained by finding when a transaction happened and what was the value of the transaction, and then Zluri automatically maps this transaction against apps.
1.3 API integration & SaaS library
We connect directly with 750+SaaS apps. This is our primary differentiation from SSOs and other SMPs.
Access Level - We understand which users have access to a SaaS app and what level of permission they have: user or admin.
License Tiers - We collect license details for each user—plan, pricing, and features available in the tier
Access and audit logs - What changes have been made to understand the app usage? We get deeper insights via this method as the data is collected directly from the source.
1.4 Desktop Agents: (optional): Using desktop agents, you can track the basic insights of device information, apps installed, and time spent on each app. You can analyze if an employee purchased any app or installed any app without the knowledge of the IT department.
Zluri collects only non-sensitive information from the system through desktop agents. This data includes apps installed on a device, apps running in the background, and app sign-in and sign-out details.
SaaS operations manager (or IT or software asset manager, whoever is in charge of managing the business applications) can see how many employees have installed it directly from the Zluri dashboard.
The desktop agent is available for macOS, Windows, and Linux operating systems.
1.5 Browser extension: Data about websites users visit in a browser. You can find the extensions for Chrome, Firefox & Microsoft Edge. We collect data on the websites visited by users: the URL, title, and timestamp of opening/closing the tab.
Note: Browser Extensions are optional too. Kindly note that we do not read the cookies saved in the browser, browser history, or any content from the websites visited.
Further, you can check how many users have installed it.
One of the reasons why many SaaS management platforms struggle with data accuracy is because of not updating their data frequently. Zluri, on the other hand, updates the data most frequently.
Most SMPs take several days to sync data, while Zluri updates information like license usage, number of applications, and all other critical data in real time. This helps you to make more informed and precise decisions.
The reason why our customers trust the data in Zluri is that all the data can be traced back to the original source of truth. Because of this transparency, you can always verify any data.
Be it discovery or SaaS usage data; you get to know where the data is coming from.
SaaS Discovery - Source Data
Zluri has the largest direct integration number, over 750 applications, and keeps growing every month. Since we are directly connected to the source of truth, our SaaS usage data is accurate, updated, and covers all the commonly used apps.
With direct integration, you get more granular-level insights. Further, we provide custom integrations options if the app that you want is not present in the integrations library.
This is not limited to just SaaS data. All the data points can be traced.
Source - Users' Data
Further, Zluri gives your flexibility to choose the primary data source. For example, in the setting options, you can select the primary source for users' data.
Another example is for finding hidden charges.
In the cost column, the amount is sourced from the contract, while the actual amount you paid is in the spending column (sourced from financial management systems). The bigger the difference is, the higher you are charged than what is mentioned in the contract.
Zluri is the highest-rated SaaS management platform on G2. It has also been recognized as the best tool in SaaS operations management, and SaaS spend management categories.
Due to the high data accuracy, our customers love us and have rated us the highest SaaS management platform on reviews sites like G2 and Capterra.
Furthermore, we have received many awards for our good performance.
In the context of SaaS management, with accurate data, you will be able to reduce your SaaS wastage, eliminate shadow IT, and control SaaS Sprawl.
An SMP is supposed to be a system of record for your SaaS governance efforts. When the SMP is itself not correct, then you will face the following issues:
SaaS spend management is the core use case of an SMP. When SaaS spending is not managed properly, it leads to the wastage of a lot of IT budget.
If an SMP doesn't provide accurate information about an organization's SaaS applications, it gives rise to unnecessary SaaS spending.
Let’s see this with three examples:
Spend wastage due to employee-purchased apps: When employees buy any app they want with a corporate credit card, without the IT department's knowledge and the SMP fails to discover it, then there are chances of SaaS wastage. Maybe the required app is already available in the organization, but the employees are not aware of it.
Zluri provides accurate data to discover all the apps in your organization using Customize discovery engine and financial statements.
Fail to detect hidden charges or true-up costs: When the actual spending is higher than what is mentioned in the SaaS agreements for whatever reasons, the SMP should be able to detect it and alert you about it.
You can enquire more about it with the SaaS vendor, improve your understanding of the licensing costs, or negotiate a waive-off of the true-ups. It will also help you understand the reasons behind the higher charges, so you can negotiate better during the next renewal.
Missing all details or an app due to it being unknown to the IT team: Another problem you will face if your SMP is not able to discover 100% of your apps is no accountability of those apps. For example, it may get auto-renewed even if it is no longer used or required. It can affect your budget and inflate the SaaS spending in your organization.
This can create shadow IT in your organization: If you don’t have an accurate and updated inventory of all the SaaS apps being used in your organization, then it can pose a lot of security issues.
You can read about the risks of shadow IT here.
This problem is present mainly due to employees purchasing apps.
Since the IT team does not vet these SaaS apps for data security, these apps make your organization vulnerable to hackers. Even a single vulnerability in any of these apps provides these hackers an entry point to your entire organizational data.
2.2. Ex-employees may access data: If the de-provisioning is not done properly, then the ex-employees may access the apps even after they leave the company. This can be a serious security risk for the organization as ex-employee may misuse the data.
Suppose one employee was using 50 apps in your organization. But, you have discovered 40 apps and revoked the access. Failing to detect and revoke the remaining ten apps will create a risk of a data breach in the organization by which the employee or hacker can damage your system.
Imagine one of your employees joining competitors, and they can access your customer relationship management tool.
Read why Zluri is the best solution for deprovisioning in the market.
You fail to do an accurate risk assessment on SaaS apps: Since the primary job of an SMP is to give insights on how SaaS apps are being used, an SMP fails with inaccurate data and fails to provide risks due to SaaS apps.
These risks arise because a lot of your company data lies in these SaaS apps. These may be confidential data of your customers, employees, or other sensitive data like intellectual property, business strategies, etc.
I'm not saying that all of these unsupported SaaS applications are a threat, but those that encourage sharing sensitive data are what you need to watch out for. File sharing and collaboration apps like Dropbox and OneDrive can lead to data leaks.
Makes you non-compliant with privacy and security frameworks and regulatory standards. To comply with the regulations, companies internally have IT governance guidelines.
SaaS governance guides businesses in the procurement of software, but with shadow IT, there is no scope for proper documentation and approval of such apps.
Shadow IT brings the possibility of violating regulations like HIPAA, GDPR, PCI DSS, ISO 27001, or SOC 2 because most of these regulations are based on data flows and storage.
So when an employee signs up for a shadow IT application, they store data in an unknown and unauthorized location. This lack of security can lead to compliance violations, data breaches, and, ultimately, fines.
During audits by regulators, it could lead to hefty fines, lawsuits, or in a worst-case scenario, even jail. This damages your company's brand reputation in the market.
When license management is not done properly, it leads to SaaS waste either unused licenses or unsuitable license tiers.
Licenses remain unoptimized mainly due to two reasons: all licenses being not used or unsuitable license tiers. Let's see them one by one.
All licenses are not used: This happens when all the licenses are not assigned to employees. This leads to purchased licenses lying unused.
Generally, companies purchase licenses in bulk packages considering the future requirements as well, but many times those are not assigned to anyone. And these licenses get auto-renewed in the future, causing a lot of loss.
The reason why this happens is that IT and procurement teams don't have accurate data on license usage. Without an accurate SMP, you won’t be able to rightsize your licenses.
Unsuitable license tiers have been purchased: SaaS companies offer features depending on your chosen pricing tier. People tend to overestimate their needs and buy top-tier plans. While using the app, they realize they don't need many of the features for which they paid.
For example, you purchase the Ahrefs Advanced plan ($399/month), which is helpful for websites with up to 15,000 pages. Later on, you realize you have only 4000 pages on your website, for which the Standard plan ($179/month) is more suitable.
Sometimes, though the tiers were suitable for immediate needs, you realize you don’t need most of the features with time. So, you can degrade the license, and if you need more features, you can upgrade your license.
If you don’t have accurate data on your application usage, then you might fail to negotiate a better agreement during renewals.
Suppose you bought 500 licenses of Grammarly, but only 350 are currently being used. Ideally, you should renew only 350 licenses, but in the absence of usage data, you would most probably renew the entire 500. In the worst case, you may buy additional licenses for new employees without knowing the existing ones are not being used properly.
Though SaaS vendors have this data, they don't share it with costumes. Hence, the negotiation is always in favor of vendors. An SMP with accurate data balance this information asymmetry and makes it fair play for both parties.
Zluri APIs can be called from internal and external applications to create a bridge that helps assign licenses, manage contracts, and a lot more!
In this post, we've discussed 7 symptoms of an unoptimized SaaS stack and solutions to optimize the same.
In this post, you'll learn about shadow IT due to SaaS apps. You'll also learn the most common types of shadow apps categories, shadow IT risks, and shadow IT benefits.
An obese SaaS stack leads to SaaS wastage. It's a disease! It not only causes financial issues but also gives you security and compliance problems. That's why you must keep tight control on your SaaS stack. And it begins with managing your SaaS vendors.
When an organization has a large number of SaaS applications in its SaaS stack, it gives rise to SaaS Sprawl.
Keeping an inventory of all the hardware, software, and services within an organization is essential for ensuring the optimal use of these resources. But, discovering these IT assets is complex, especially for SaaS applications.
InvGate offers a robust IT service management module, allowing IT teams to streamline service delivery processes and improve service levels. This module includes incident, problem, change, and service level management.