Weeding Out Cloud Risks: Finding the Needle in the Haystack

Modern businesses use cloud technology for functions throughout their companies — from HR to marketing to sales. The average organization’s SaaS portfolio includes 269 applications, translating to a nearly $45M in spend, according to Zylo’s SaaS Management Index. And while SaaS creates efficiencies, especially among remote workers, it comes with cloud risks, such as compliance violations, data loss, confidentiality and data breaches, and wasted IT spend. 

With new SaaS consistently entering and exiting corporate environments, weeding out cloud risks can feel like finding a needle in a haystack for CIOs. Learn how Zylo helps today’s CIOs manage SaaS to maximize budget and employee productivity while preventing risks to the organization.

Cloud Risks of Today’s Digital Environment

The rise of SaaS makes it quick and easy for employees with corporate credit cards to purchase apps outside of IT’s purview, which poses the following threats.

Confidentiality and data breaches: When apps go unvetted by IT and bypass integration into user-based security processes, they put companies at risk for confidentiality and data breaches. According to IBM’s Cost of a Data Breach Report, data breaches cost companies an average of $4.45M in 2023.

Compliance violations: Businesses using unvetted SaaS face serious risk of costly Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR) violations. Due to a significant (and the largest-ever) HIPAA breach in 2018, Anthem Inc. faced more than $16 million in penalties — as well as a $115 million class-action lawsuit.

Data loss: Storing intellectual property (IP), such as source code or trade secrets, in unsecure SaaS apps poses the significant threat of data loss.

Wasted IT spend: Zylo research shows 51% of licenses go unused or underutilized in a given month. Duplicate SaaS purchases and mischaracterized software leads to wasted spend. Additionally, companies can’t prepare for auto-renewal fees when software flies under the radar.

SaaS Management platforms help discover, catalog, and track SaaS application inventory to mitigate risks. 

Finding the (SaaS) Needle in a Haystack

When looking for opportunities to save money and reduce cloud risks, SaaS Management helps find those needles in the haystack with the following features and benefits.

SaaS Discovery

Finding opportunities begins with visibility. Rather than manually tracking down and collecting contract, spend, and user information for nearly 300 apps, SaaS discovery automates the process to provide insight  into your full SaaS portfolio. With discovery, CIOs can spot risks and find overspend or opportunities to negotiate better license terms. 

Application Rationalization

With SaaS visibility, CIOs may discover functional overlaps between apps, outdated software, or underutilized SaaS. Significant cost savings may be realized through application rationalization — the process of determining which applications should remain in use, and which require replacement, retirement, or consolidation.

Freedom within a Framework

To strike a balance between minimizing risk and empowering employees to choose their SaaS tools, CIOs may adopt a freedom within a framework governance model. This governance structure allows employees to select their preferred SaaS with guardrails in place. To implement, CIOs should curate an app catalog of best-in-class software for their team to choose from, and create a review process for any software outside the catalog. 

User Case Study

Former Tenable CIO and tech innovator Brad Pollard recently discussed his needle in a haystack moment in an episode of SaaSMe Unfiltered, Zylo’s SaaS Management podcast. 

When COVID hit, Tenable had just finished construction on a brand new facility. Pollard visited the office to finish setup and something struck him.

“I was walking about the building with my mask on, and I’m looking at all these phones on desks. I started thinking, ‘Nobody’s using these phones anymore. Everybody’s on Zoom all day, so not calling each other. Engineers live on Slack, period,’” he says. 

He analyzed the organization’s phone data in Zylo and found the only employees who used it were those within the customer support team for inbound customer support calls. 

“So we looked at what it would be to move the voiceover IP to Zoom phone, and it ended up being a fraction of the cost,” he says. “We ended up saving a ton of money.”

Pollard notes by finding the needle in the haystack, the savings allowed Tenable to innovate in other areas, thanks to SaaS discovery and real-time user metrics.

“Having quantifiable data saves so much time.”

To hear more from Pollard on how SaaS is impacting organizations for the better and ways progressive CIOs can help their companies enable employees without hindering innovation, tune in to SaaSMe Unfiltered’s first episode.