Why SaaS Management is the Next Step for ITAM and SAM Professionals

Zylo team members joined analysts and scores of technology leaders at Next Generation ITAM in St. Petersburg, Fla., to connect and learn more about trends and developments in the world of IT asset managers.

The theme of the conference was, “What should we be doing to manage new technologies?” Many information technology managers including specialists in hardware and software exist in a world that requires continual learning and updates to identify the “next big thing” in technology and adapt the best methodologies to manage it in their work.

As noted by ITAM Review analyst AJ Witt, many in the ITAM world have identified managing the cloud and specifically software-as-a-service (SaaS) as prime upcoming challenges.

A New Enterprise Software Landscape

As IT managers have successfully adapted to other technological shifts in tools or processes, they’ve transferred applicable best practices of the previous regime to help address the new status quo.

And in some ways, this methodology can be true for software asset management (SAM) practitioners who seek to address the new challenges of SaaS.

If you thought that SaaS and SAM were akin, you’re not mistaken, they are similar. They are both software. They are used by the business. They can be deployed to multiple users. And they can both be professionally managed.

But there are some key differences that must be addressed when developing a professional SaaS management strategy.

You Can’t Manage the SaaS Applications You Don’t Know About

With SAM, enterprise software enters the front door of the business with a formal invitation in hand. Technology leaders, sourcing teams, and stakeholders have made an informed decision to purchase a software asset and deploy it within the organization’s framework.

Most SaaS is purchased differently. While some enterprise SaaS products do get formally invited into the business via a planned purchase and deployment strategy – an enterprise-grade CRM such as Salesforce for example – many more SaaS applications enter the business through the “side doors,” that is, applications are purchased and implemented in the business by team members.

This software is purchased and implemented without approval, input, or agreement from IT. This is shadow IT and it’s frequently hidden throughout the enterprise. Zylo data shows many large organizations underestimate the number of SaaS applications deployed within the business by two to three times.

One reason for the increasing prevalence of shadow IT within the enterprise: Rapid growth and specialization within SaaS applications leading to highly niche team-specific tools for Marketing, HR, and other teams.

Because SaaS applications are purchased and implemented in the business in a decentralized way not addressed by traditional SAM, SaaS management requires a new unique approach.

You can’t manage what you can’t see. For that reason, the first step to professionally managing SaaS approach must focus on accurately revealing all shadow IT within a business with a discovery process.

Managed vs. Unmanaged SaaS Applications

When compared to the maturation of SAM practices, the concept of professional SaaS management is just beginning to take shape for many organizations. However, a key contrast between the two approaches is the very question of continuing to centralize ownership for all software within a business.

For many enterprise organizations, once shadow IT has been revealed through a discovery or visibility process, assigning ownership of applications is the next logical step. In a SAM model, IT would be the logical owner for most if not all applications.

But because SaaS is so widespread, as well as relatively inexpensive, quickly adopted, and easily implemented, for many professional IT managers, the new question for managing SaaS is not “How can IT effectively manage all business software applications?” but rather “Should IT manage all business software applications?”

Within a responsibly managed framework that emphasizes vetting for security, data, and financial risks and focuses on the benefits of organizational agility rather than rigidity, SaaS ownership can be decentralized.

Managed applications would continue to fall under the supervision and direct support of central IT controls, whereas unmanaged applications would receive an initial vetting but then fall under the control of business units or teams who utilize them.

The thresholds for determining which applications are managed or unmanaged are likely to vary widely by organization, but some of the emerging criteria include:

• Being mission critical to business operations, data, or security
• Being mission critical to customer experience
• Spanning multiple cost centers or teams
• Meeting or exceeding certain cost thresholds
• Having consumption metrics that require close monitoring to prevent significant cost overruns

It’s important to note that in this SaaS management scenario, an unmanaged application does not mean it is an unseen or unmonitored application. SaaS managers will need a SaaS discovery and visibility platform that keeps unmanaged applications within sight for IT managers.

Although IT managers wouldn’t necessarily oversee day-to-day operations or even support these applications, their costs, utilization, ownership, renewal date info, and other essential attributes could be continually monitored.

Perpetually Licensed vs. Perpetual Auto-renewal

While a traditional SAM focuses on monitoring their software assets to prevent over-deployment of licenses and subsequent surprise costs at true-up, the subscription basis of SaaS demands a different focus.

Since SaaS is subscription-based and not an on-premise asset, you only provision the licenses you need, which creates more flexibility for the business around costs.

However, regardless of how many licenses are utilized, proactive monitoring and management is needed to prevent new costs incurred by SaaS application auto-renewals.  

Zylo data shows that enterprise organizations must manage two SaaS renewals every business day on average, underscoring the difference between checking in on an annual enterprise agreement to prevent cost license over-deployment.  

Again, creating a strategy for SaaS application renewals requires a strong visibility process to reveal application data like vendor notification periods, application cost, and actual renewal dates. Ideally, an IT asset manager or team would have access to a centralized source of record that visibly lists all information about all applications within the business.

The Big Picture

While integrating new asset types and processes may be par for the course for ITAM teams, the unique attributes and rapid growth of SaaS use within enterprises demand not only the advancement of the existing discipline of ITAM and specifically SAM, but new practices, models, and methodologies specifically designed for professionally managing SaaS.