Software as a Service is one of the fastest growing segments of IT in terms of complexity, cost, and value creation. When employees seek high-value technology investments, they start by looking at the tens of thousands of SaaS applications available in the market. This breadth of options provides companies with an unprecedented capacity for technology-based growth, but must be managed to provide effective governance, user support, and efficiencies.
It is not uncommon to start a SaaS governance practice by implementing a single sign-on solution such as Okta, which allows companies to track and manage employee access across the enterprise SaaS portfolio across devices and locations as well as to gain some visibility to the SaaS applications currently in use. Amalgam Insights suggests that to improve business visibility and governance, companies should build on this initial SSO approach and use a DISRUPT framework to improve SaaS management in their organizations:
- Discovery of New Apps
- Inventory of all licenses
- Spend and Usage Visibility
- Recycle Licenses
- Unite SaaS Categories
- Prune Unused Services
- Training and Enablement
Discovery of New Apps
The first step of gaining control is to know what apps are being used in the enterprise. Although SSO provides a technical basis for finding these apps, employees can still get around SSO and use apps on their personal or unmanaged devices. To gain greater visibility, Amalgam recommends also using expense reports, corporate cards, and Accounts Payable information to discover additional apps that may be used within each department, but are outside the visibility of traditional IT. Symantec showed in its 2017 Internet Security Threat Report that that the average enterprise was using 928 apps as of the end of 2016, but CIOs estimated that their companies used less than 40. This delta provides significant vulnerability for unwary companies.
Inventory of All Licenses
Once all relevant vendors have been identified, companies must figure out a full inventory of licenses and services that are being used. Again, this is easier said than done. Although each individual vendor may have an administrative portal that shows all accounts, it is not uncommon for licenses to be spread across multiple accounts. More importantly, the real challenge is in managing all of these licenses across different vendors, but this cross-vendor visibility becomes important for subsequent stages of governance.
Spend and Usage Visibility
Once vendors and licenses are identified, companies can bring vendor, employee, and usage data together to optimize spend and app utilization by identifying opportunities to better utilize existing resources as well as remove unnecessary licenses or services. This management capability can be broken up into the tasks of Recycle, Unite, and Prune.
In fast-growing organizations, it can be a struggle to keep up with employee growth and manage the cost of technology overhead. By identifying licenses that are no longer being used, companies can reallocate existing licenses and services to new employees rather than having to purchase new services. This capability is especially useful for companies that are trying to postpone reaching a ceiling such as 100 or 500 licenses that would force moving to an enterprise or higher-class of service.
Unite Spend Categories
In early-stage or fast-growing companies, it is not uncommon to find that a company may be using several different apps that serve the same purpose, such as multiple project management, customer management, or service management tools. By bringing all SaaS accounts into a single view, companies can start rationalizing these solutions based on the needs of the business and the opportunities for improved cost optimization and governance.
Prune Unused Services
Without review, it is easy to maintain both vendors and licenses that are either unneeded or obsolete. For instance, sales people who leave an organization may have expensed a particular app for their own needs that is falling under the radar as a $10 per month expense. By aggregating SaaS spend and providing this visibility to departmental managers, companies can prune and optimize their SaaS environments to both reduce costs and identify-based vulnerabilities.
Training and Enablement
By gaining visibility to the full SaaS ecosystem and usage habits, companies can see which SaaS apps are underused. If employees are not fully utilizing a core application suite such as Salesforce or Adobe, companies can proactively train employees on why these applications should be used, how they are superior to other alternatives from a functional or governance perspective, and how to use these apps if there are specific functional or business capabilities that employees are struggling to adopt.
By using this DISRUPT framework, companies with large SaaS portfolios can gain greater operational, financial, and technological governance of their existing technology footprint and build on top of their existing security and identity investments.