Software as a Service (SaaS) has quickly become the largest category of XaaS spend1. In fact, Gartner estimates that the SaaS segment of the cloud will reach $85.1 Billion dollars in 2019. By design, SaaS providers have made their solutions easy to procure, setup, configure, and enable across your enterprise, both in IT and across the business. In some cases, an employee can create a new user account simply by authorizing payment through a credit card and activating the cloud application through the internet.
The Hidden Challenges of SaaS
Despite its convenience and benefits, SaaS has caused new problems for IT departments. The days of fully controlled, centralized IT governance are behind us, as businesses prioritize agility and speed to market in order to stay relevant and compete with industry leaders who have gone digital. As a result, there is an increase in “Shadow IT,” where SaaS implementation frequently bypasses IT or CIO offices, increasing security risk. While Information Security teams can manage SaaS access from company networks through cloud brokering and single sign-on solutions, they don’t have much insight into users logging into SaaS applications/data from other locations or the public internet. This increases data and information risks, and can impact GDPR compliance if the information is being transmitted to foreign locations.
In addition, traditional SAM programs aren’t able to keep up with these growing SaaS footprints, and IT is often being challenged with managing unpredictable cloud spend. Unfortunately, IT shops generally do not have a “single source of truth” for tracking SaaS applications running across their companies. While Cloud Cost Management (CCM) sounds fantastic in theory, many SAM programs continue to struggle with on-premise software compliance woes (e.g., vendor audits, true-ups, etc.) and don’t have the time, resources, or “know how” to tame their SaaS consumption and spend. Many organizations also handle SaaS renewals reactively and cannot identify vendor or product redundancies across cloud-based applications to generate IT cost savings.
Taking SAM to the Next Level
So how do you evolve your SAM function to handle the perils of SaaS, establishing proactive CCM and cloud governance?
It all starts with uncovering what you don’t know, turning over every SaaS stone across your corporate landscape. SAM teams must identify each SaaS application in use, who is accessing the cloud solution, and the time/frequency of usage. Once you can inventory your SaaS applications and produce a regular report of this key information, you’ll drive smarter decision making across the organization. You can then evangelize and share this data with cross-functional teams, which can help rationalize SaaS vendors, users and/or features. These insights will be actionable and will enable more effective CCM, ensuring tighter alignment between your CIO and company leaders.
Leveraging Cutting Edge Technology for SaaS Management
Pairing Zylo’s innovative platform (click here to learn more) with our SaaS supplier and software licensing expertise, Connor Consulting is able deliver real-time cloud insights and provide you with a reliable and secure system of record for your SaaS-based applications, transforming your SAM program from a cost center to a value center by instating proactive CCM and cloud governance.
Contact us at firstname.lastname@example.org for a free assessment today, and learn how to get a grip on your SaaS spend.
About The Author
Rich Reyes is an Executive Vice President for the Global Software Advisory practice at Connor Consulting. He brings 20 years of thought leadership around software licensing & compliance, technology asset management, and IT sourcing. Rich has performed hundreds of software audits on behalf of major vendors, and he’s established and led an ITAM/SAM department for a Fortune 100 retailer. He continues to advise companies on practical ways to mitigate IT supplier risks, reduce vendor total cost of ownership (TCO) and optimize software licensing environments. Rich holds CISSP and CISA certifications and is a frequent speaker at industry events.