Who’s best prepared to deal with the challenges of managing software-as-a-service (SaaS) within the enterprise in the end-user era? Problems such as shadow IT, unmanaged software acquisition, and ever-increasing functional specialization in digital tools. What type of professional is best suited for managing and planning software licensing strategy in the age of subscription-based software?
For many organizations, the best practices established by software asset management (SAM) teams represent a foundation upon which new processes and controls can be built to accommodate the challenges unique to SaaS.
To gain a better understanding of how companies with SAM professionals in their organizations can meet the challenges of SaaS head-on, we asked leading independent voices and practitioners in software asset management to share their views.
- Why is SAM needed?
- How has SaaS impacted SAM best practices?
- How can SAM pros effectively manage SaaS?
Watch the webinar: Zylo co-founder Ben Pippenger hosted independent SAM experts to discuss the evolving role of software asset management in organizations experiencing significant growth in the use of SaaS and other subscription software
Why is Software Asset Management Needed?
“Software asset management is the people, processes, and technology that makes up the acquisition of your software assets, the management of deployment, all the way through the retirement of those assets, as well as just the ongoing validation of the assets that you have across your enterprise,” says Rich Reyes. He leads software advisory solutions as an executive vice president at Connor Consulting in San Francisco.
David Foxen, principal of SAM Beast Consulting, a UK-based software asset management advisor, agrees with this definition while adding software consumption and utilization are essential elements to defining the practice. “Software asset management is the overall management of software throughout their lifecycle,” Foxen says. “This goes from the concept of an idea or even a request, through procurement, the deployment, the onboarding, consumption, usage, support, and maintenance through to the end of life and subsequent retirement of a software asset within your organization.”
The primary goals of this confluence of people, processes, and technology are three-fold: Cost optimization, risk management, and license compliance.
SAM cost optimization efforts can run the gamut, from helping sourcing teams select the most cost-effective and useful software to continuously right-sizing licenses and entitlements, to ensure an organization doesn’t overspend on unnecessary licenses that may be underutilized.
As an example, right-sizing for cost optimization can be especially critical when examining license deployment through the lens of an employee’s life cycle within an organization.
“Companies tend to be very good typically at standing up software licensing and when you join [as a new employee],” says Rory Canavan, owner of SAM Charter, a UK-based SAM consultancy. “But where they tend to fall down is when somebody moves, or a software profile changes, or then when they leave the organization.”
If the software assigned to a user doesn’t change with modifications to the user’s status – be it a transfer, promotion, or departure from the company – wasted costs in the form of unused or underused licenses frequently result.
Risk management falls into two main buckets with SAM, license compliance (also known as audit defense), which will be covered later in this post, and risk identification and mitigation. Software-based risks can be a significant and costly problem in the information age.
For example, a joint study by IBM and the Ponemon Institute found that the average cost of a data breach in the United States is more than $8 million. A SAM team that vets software before its deployment can prevent risks like data breaches – and their costs – by identifying or mitigating potential security gaps.
Another way SAM practices can prevent risks is by ensuring employee access to licenses and data is terminated when they leave the company. “If you’re not closing down services that you’ve stood up for people when they joined on day one, you’re still potentially granting them access to data once they’ve departed,” Canavan says.
The last core tenet of a SAM practice is defending an organization from the risks and costs associated with a license audit. When on-premise deployments (software hosted directly on servers and hardware, not in the cloud) were practical and accessible, software companies essentially granted businesses a preset number of licenses for the length of their contract term.
However, it remains the company’s responsibility – and that of the SAM team – to ensure that the number of licenses provisioned didn’t exceed the agreed-upon maximum number. When a vendor performs an audit of the company’s license deployment, an organization that exceeded its license limit could be on the hook for potentially millions of dollars in unexpected additional costs.
A recent prime example occurred when SAP pursued and won the equivalent of more than $65 million in additional license fees from London-based beverage maker Diageo. The software maker successfully argued that because Diageo indirectly deployed SAP licenses when connecting to a CRM, the contract language stipulated that each instance, even if indirect, counted as a fully deployed license.
SAP similarly pursued more than $600 million in additional license fees with customer Belgium-based AB InBev and later settled out of court for an undisclosed amount.
Audit defense, the ability to understand what licenses are deployed, how they’re deployed, and whether or not those licenses are deployed in compliance with contracts, is a core component of the value a SAM professional brings to an organization.
While many IT departments will never deploy software on the scale of Diageo or AB InBev, every company can potentially save on costs, prevent risks, and ensure compliance by using SAM best practices, says Steven Russman, executive director of the International Business Software Managers Association (IBSMA), a nonprofit focused on education and events for SAM professionals.
“We see that larger companies–those that have more than 30,000 users–have the most software in their organizations and manage a higher percentage of the software they have,” Russman says. “There’s more to manage, and there are more savings to be gained, and it’s much more visible in the organization.”
But, Russman notes, the need to drive more value from software investments is universal. “Every organization could benefit from looking at spending and seeing where they can recover savings,” he says.
Canavan explains it in simpler terms: “The effort you make around SAM is proportional to the size of the estate [IT environment] because it’s a risk-based discipline.”
RELATED: ▶️Watch Now: ITAM Review’s AJ Witt – Why SAM Needs SaaS
How has the Booming Growth of SaaS Transformed Software Management?
SaaS changed the way businesses deploy and use software. In just over two decades, cloud-based deployments and subscription-based billing have come to dominate the software marketplace. According to Gartner, the overall SaaS market is worth more than $116 billion and shows no signs of slowing its steady growth. With limited commitments, low pricing, and quick implementation, software-as-a-service tools hold many advantages over on-premise software.
SaaS owes its success to many factors. First, the evolution of enterprise software towards increasingly specialized applications and functions has changed the primary decision-maker from a central IT department to business unit leaders. Business leaders in departments such as Marketing, Human Resources, or Finance now can acquire tools built specifically for their teams.
Software purchases have moved from IT-led decisions to end-user decisions in the era of product-led growth.
Another factor in the continued growth of the category is the relatively recent focus on end-user acquisition and product-led growth as a strategy. In the end-user era, as Openview Partners coined the phrase, the end-user (aka employees) now plays the role of the primary decision maker for software acquisition. Publishers who pursue a product-led growth strategy design software with a focus on the end-user, frequently providing tools for low or no cost.
If successful, the end-user becomes a promoter of the tool, and it spreads organically within teams and entire organizations. Key examples of success using this strategy include collaboration tools such as Airtable, Slack and Trello, file share applications like Dropbox and Box, and web conferencing tools such as Zoom. What may have started as a single user can quickly become an application that’s deployed across an entire company and carries with it a corresponding, scaled cost.
Lastly, many major software publishers have moved their product offerings to primarily cloud-based subscriptions. Microsoft, Adobe, SAP, Oracle, and many others have adopted cloud-based subscriptions, moving what was previously on-premise revenue and deployments into SaaS subscriptions and environments.
As notable on-premises software publishers have transformed their products to cloud-based SaaS, the SaaS market has grown exponentially. Credit: Bessemer Venture Partners
With these trends, Techcrunch reported that SaaS crossed a $100 billion run rate in 2019, a significant milestone for any market. And its growing market share will continue to transform how businesses operate. In its most recent State of the Cloud report, Bessemer Venture Partners projected that cloud-based tools will overtake the majority of the enterprise software market in less than five years.
Why SaaS Challenges SAM Best Practices
Despite its explosive revenue growth and increasingly widespread adoption, managing SaaS presents a unique challenge. However, it’s a challenge many SAM professionals are beginning to rise to meet.
Russman highlights that the desire to manage SaaS has become a noteworthy trend in IBSMA’s annual member surveys. “What we see in our research is that the scope of their license management efforts is expanding to include SaaS, cloud, and other subscription services,” he says.
But as SAM pros begin to increase their scope, it’s essential to identify the contrasts that impact effective management, cost optimization, risk management, and license compliance.
RELATED: ▶️Watch Now: How Nike and Atlassian Manage SaaS
Shadow IT from unmanaged SaaS acquisition
As noted earlier, one of the most important distinctions between the on-premise software traditionally managed by SAM teams is the tendency for SaaS tools to be acquired by the end-user.
The end-user acquisition model may benefit SaaS publishers who focus on product-led growth. Still, these applications frequently exist outside of IT’s awareness – and you can’t manage or optimize what you can’t see.
The low cost and high value of these tools make them appealing purchases via company credit card or expense reimbursement. And that easy access to new tools challenges responsibilities for service to end-users, such as asset deployment, that SAM teams manage.
“Nowadays, people can get an Adobe Creative Cloud subscription, Office 365, Zoom–whatever–you put in your credit card details and your information, and you’ve got the software in minutes,” Foxen of SAM Beast says. “They [internal customers] say, why am I waiting days and days or weeks for you [the SAM team] to install a desktop application when I can just go on and have it within minutes?”
The threat of shadow IT created by SaaS encompasses more than service level agreements and the IT service desk performance. “By their very nature, software-as-a-service products can be more challenging to manage than on-premise software,” ITAM Partners CEO John Tomeny recently wrote in a post. “When SaaS turns to shadow IT,” he says, “It can change from a corporate asset to a business continuity threat.”
These business continuity threats include blindspots into the state of the software environment, producing redundant purchases, unnecessary diversity of tools, and overlapping functionality. These conditions can dilute the value of planned software investments, weaken purchasing power, and add unnecessary friction in the form of incongruent software platforms and services amongst intra-organizational teams.
Other issues with shadow IT are direr, including security and privacy threats from unvetted and unmanaged tools handling company data such as PII. Without a way to discover and monitor SaaS applications for business, and the personal information they do or do not hold, compliance with regulations such as HIPAA and GDPR remains unknown to software asset managers.
“When there’s no control or oversight, people get into trouble because if you don’t know about it, you can’t have a hope of managing it,” Russman says.
CapEx vs. OpEx
Another subtle but essential distinction between SAM-based practices for on-premise software and SaaS management is how they appear on the overall accounting ledger. Where on-premise software typically gets classified as CapEx, SaaS is a service, and therefore OpEx.
“If we switch to SaaS, we have gone to a utility or a service, so you’re paying for it like electricity or gas, so that expenditure becomes OpEx,” Canavan notes. “And that expenditure hits your P&L and reflects on the bottom line.”
CapEx versus Opex has been a focus for IT purchases in the past and is a strategic part of traditional software asset management tools. But with the increase in SaaS application purchases at the enterprise, CapEx doesn’t exist with SaaS technology subscriptions.
This shift can be beneficial. But now CIOs and CFOs have a much higher vested interest in managing recurring OpEx costs associated with increased investment in SaaS, including directives to cut costs and optimize value to software asset management teams. Without frequently monitoring and identifying new SaaS investments, costs can quickly grow out of control.
SaaS requires continual monitoring
Compounding the risks of shadow IT for organizations is the fact that new and unvetted applications continually enter use within large organizations. With on-premise software, applications are typically sourced, deployed, and managed by the centralized SAM team, so the application inventory is a finite, known quantity.
But with SaaS, based on Zylo customer data and feedback, as many as ten net-new applications enter the inventory of organizations with 1,000 or more employees every month. Given this fact, it’s not surprising that businesses often underestimate the actual number of apps used by two to three times.
Canavan suggests that SaaS monthly subscription billing as a way to identify tools that may be new in the IT environment – a process most likely to be owned by the SAM team.
“Now, because the bills are coming in monthly, you need to be looking for those spikes of activity,” he says. “That kind of activity needs oversight; it needs an appropriate level of management. And that falls back to SAM. It’s not going to go to another layer of the business.”
Less focus on audit defense (for now)
One of the most critical differences between how SAM teams operate and the new tactics required to manage SaaS can be found in contrast between audit defense and driving ROI for software.
“The whip that drives the need for SAM in many instances is vendor audits,” says Canavan. Ensuring that software deployments match the terms put forth by vendor agreements and that the company subsequently won’t incur additional license fees remains a primary motivation for a robust SAM program.
With SaaS, no audit defense is necessary as new features or additional licenses can be added on a pay-as-you-go basis. However, as more major software vendors move more products into SaaS deployments–especially those with pre-existing revenue streams from audits and true-ups on license quantity–some SAM experts believe SaaS-based audits are likely.
“The software business is what the software business is,” Tomeny says. “There are enough software vendors that make a lot of money off of audits and so they’re going to continue to keep the audit element in the business plan, as long as they make money from it.”
Reyes agrees: “It’s not a matter of if but when providers will start verifying compliance with their subscriptions,” he says.
A prominent contrast in SaaS assets compared to on-prem software is the prevalence of automatic renewals. Where on-prem software features perpetual licensing (purchase it once), automatically renewing subscriptions are, in part, designed to help ensure continuity of service. That is, you won’t lose critical SaaS tools or services if you fail to renew your subscription manually.
Due to the widely distributed nature of SaaS applications and lack of central visibility, automatic renewals can trigger unnecessary costs with significant impacts. Managing SaaS effectively requires a close examination of every SaaS contract and charting renewal dates and notification periods on a holistic calendar.
This proactive process affords software asset managers time to evaluate each renewal and curate data about the application, its functionality, and utilization to make an informed business decision about each renewal, rather than merely reacting to renewals as they arise. Or worse yet, automatically renewing an application with zero research or decision making.
Foxen notes a proactive stance to SaaS and automatic renewals should suit SAM practitioners. “SAM as an overall function should absolutely be proactive – that’s the point of it,” he says. “It should act as a gatekeeper for all software applications and be proactive with renewals, consumption, and costs.”
As mentioned in the introduction, the source of much of the explosive growth of SaaS occurs because business units, teams, and employees can now easily acquire and deploy software tools without IT. While this invariably causes shadow IT risks in organizations that don’t have processes in place to monitor and identify new, incoming applications, not all shadow IT or user acquisition is necessarily detrimental.
Many SaaS-forward organizations rely on the rapid acquisition of new tools and technologies as a competitive advantage. This view of technology acquisition fosters agility and innovation, and therefore success in the marketplace.
However, while this SaaS-forward approach challenges many of the fundamentals of a centralized SAM practice, allowing business units, teams, and employees to self-manage their applications may reduce unnecessary workload for SAM pros – if the right governance and visibility are in place.
The key to managing rapid adoption and inventory churn, Russman notes, is flexible governance. “In the modern environment, savvier companies have controls and parameters in place that allow users to have the flexibility to do some things but not others,” Russman says.
Utilization and consumption metrics
A significant challenge for anyone attempting to manage SaaS is the lack of central reporting and data for utilization and consumption metrics.
Rather than managing a finite, curated toolset of centrally managed on-premise software, a SAM pro managing SaaS may have to sort through multiple application dashboards and highly diverse consumption metrics, even amongst similarly functioning tools.
However, due to the all-digital nature of SaaS, if a SAM pro can discover and inventory all applications within an organization, license management functions can become more manageable.
“The management side of things differs massively because you have much more technology now to help govern users and usage,” Foxen says. “Vendors provide you with portals so you can go in, manage consumption, and assign licenses easily. Historically, you’d have had to add a license key that was probably on a software box, or in an email; you haven’t got all of that nightmare anymore.”
How SAM Pros Can Adapt to Manage SaaS
Despite all the differences, SAM practitioners are often best positioned to manage SaaS deployed at scale.
“It’s still software; it still needs an appropriate level of management. All the good tips and tricks that people learned for on-premise software can be adapted and applied to SaaS management,” Canavan says.
RELATED: How Nike and Atlassian Manage SaaS
Managing SaaS starts with discovery
As mentioned earlier, it’s impossible to manage invisible applications. The ability to discover and identify every SaaS application in use within a given business environment–to bring shadow IT out of the dark–is a critical underpinning to any effective SaaS management initiative.
Tomeny recommends checking your single sign-on (SSO) solution, if available, to identify logins to tools that may be within the realm of identity management, but not yet identified by SAM professionals within the organization.
A SaaS management tool like Zylo can be especially useful in this regard, as it integrates directly into multiple SSO tools–including leading solutions like Okta–to provide a more comprehensive view of activity.
Performing a manual inventory of all SaaS applications within use can also produce this information. This manual process frequently unfolds via surveys designed for business leaders and end-users to document what tools they use.
However, in large organizations, a workforce-wide survey can be a cumbersome, lengthy process that doesn’t produce highly accurate results. The length of time required to survey a large number of employees about their tool choices all but ensures this information is outdated by the time it’s summarized.
Examining financial data accounts payable (AP) and expense reports is a more reliable source of truth to discover the full inventory of SaaS application inventory. As an example of how this information can be utilized, the Zylo SaaS management platform uses machine-learning to ingest large volumes of AP and expense data and accurately identifies SaaS applications.
Cloud access security brokers can also provide data on the types and quantities of SaaS applications employees use. However, due to the massive upswing in employees working remotely and not primarily connecting to office-based networks, these systems have limited visibility. Web-based network monitoring can also provide some glimpses of the application inventory as it occurs on company-based networks. Still, it may not reveal the complete picture due to employees not accessing or failing to use company networks.
Use a SaaS management framework
Managing SaaS specifically is a relatively new practice among IT and software professionals. Salesforce, one of the earliest and most widely known examples of SaaS, was founded in 1998. Slack was founded more than a decade later in 2009. Microsoft didn’t offer its Office suite on a subscription basis until 2013. The body of guiding processes and documentation created over decades to guide software asset management practices have mostly not yet been developed for SaaS.
Founded in 2016, Zylo documented the best practices its teams developed for SaaS management through hundreds of implementations of its SaaS management platform across various use cases. Zylo’s SaaS management methodology emphasizes transparency, flexible governance, and software value when considering SaaS use across an entire organization.
The five concepts demonstrate how experienced SaaS consultants and analysts at Zylo think about universal SaaS management practices used with more than 100 customers today. Within each pillar, there are three recommended actions that every business and software asset manager can use to take control of managing their SaaS tools.
Zylo’s SaaS Management Methodology
- Discover and catalog your full Saas inventory
- Monitor flow of new and off-boarded SaaS applications
- On-board and vet proposed SaaS applications
- Designate ownership and cross-functional stakeholders
- Roll out software policies that address modern software
- Define your strategy (i.e., managed vs. unmanaged)
- Eliminate inefficient purchasing
- Reduce application overlaps and redundancy
- Right-size via automated license re-harvesting
- Forecast future spend with actual utilization data
- Renew Saas apps with data-driven insights
- Alert owners & LOBs to upcoming renewals & drive compliance
- Alert owners and lines of business to upcoming renewals and drive compliance
- Build self-management among line of business leaders
- Create employee software visibility for new tool requests
Download: Zylo SaaS Management Methodology PDF
Watch the video below for a full explanation of how each of the Zylo SaaS Management Methodology pillars and actions can be applied to augment SAM practices.
Watch the video above for a full explanation of how the Zylo SaaS Management Methodology can be applied to augment SAM practices.
For more information about the forefront of SaaS management best practices, including presentations from Zylo founders, customers, and analysts, visit Conduct Virtual.
Build more collaboration with stakeholders
To be successful at adapting their practices to account for SaaS, SAM professionals must increase collaboration with stakeholders, line of business owners, and end-users.
The fact that businesses acquire SaaSthrough multiple channels (including accounts payable, sourcing and procurement, resellers, corporate credit cards, and employee expense reimbursement) underscores the need to coordinate SaaS management best practices among multiple teams productively.
While this notion may challenge SAM’s traditionally central POV within the organization, savvy SAM pros can utilize the data and insights derived from implementing SaaS management techniques to elevate the effectiveness of their position.
An effective SaaS manager will be able to:
- Track and assess SaaS agreements, contract details, and product order forms.
- Develop and implement plans for measuring the total cost of ownership for all SaaS applications.
- Collaborate with users to identify and eliminate functional overlap.
- Empower software stakeholders to enter contract negotiations informed with data.
These skills not only prove useful to the SAM team but the organization as a whole. And, Russman notes, according to IBSMA’s annual surveys of SAM professionals, elevating the profile of their function within the organization is a perennial goal for SAM professionals.
“You have to work at promoting and selling your success and staying visible to be relevant,” he says. “Reach out to other departments that you can help or that can help you, or that you can share data with – that gives more value to SAM overall.”
Ready to start managing your organization’s SaaS? Get a demo of Zylo, the leading SaaS management platform of choice for software asset management leaders.