An efficient SaaS management process involves having a SaaS management lifecycle that can ensure your organization is not exposed to risk and is controlling the SaaS spend, both in the short and long run.
The SaaS management lifecycle includes 4 stages: Discovery, Optimization, Planning and Governing.
We have already discussed the Discovery process in detail in our previous articles. What is involved in the other 3 stages of the SaaS management lifecycle?
The optimization stage includes figuring out how to increase the efficiency of the SaaS inventory. Here are some steps you can take:
It is estimated that on average, a big enterprise is paying more than $4000 per employee per year for SaaS costs. But as much as 38% of all licenses go unused after the first 30 days, hence companies are wasting $1500 per employee in unused SaaS spend. The optimization stage of the SaaS management lifecycle is aimed at cutting all that money thrown away.
When an unused or underused SaaS license has been discovered, the underused application could be compared to other company-paid applications having similar functionalities. Deductions can then be made on whether the similar application is being more utilized by the employees and if it can be offered as a replacement. It is recommended to also get in touch with the employee who abandoned the license and enquire about his intentions on future usage of the tool. If it is no longer needed, it can be reassigned to another employee or the license completely cancelled.
A situation that can frequently occur in big organizations is having more than one team sign up for the same application, without being aware of the duplication. In fact, about 12% of all SaaS purchases in organizations are duplicate purchases, that on one hand unnecessarily increase the SaaS budgets, and on the other - reduce the purchasing power of the organizations.
Another issue is the duplication of functionality - an issue occurring when multiple applications have been signed up for, all of them sharing similar functionalities.
The functional duplications typically occur with subscriptions to the following applications: web conferencing, project management, collaboration, training and learning, file storage and file sharing tools. It is usually the IT team’s responsibility to identify the functionality duplication, evaluate all duplicating applications and select the application that is most feature-rich, most secure, compliant, etc. The ITs can then advise that all employees or teams using the duplicate applications migrate to the one they evaluated and recommend as being most appropriate.
Of course, it is completely possible that some teams have particular reasons behind using a specific application, in which case it is legitimate to continue using different applications for similar functionality.
One of the key reasons for growing shadow IT is the employees’ ability to expense SaaS they signed up for. One third of all SaaS tools in an organization have been obtained via employee expense reimbursement.
To prevent shadow IT, it might be a good idea to rethink the cloud software acquisition process and either discontinue employee SaaS expense reimbursement or introduce specific expense thresholds.
Having an established SaaS approval process can be another option for preventing shadow IT. The process can require that each new SaaS an employee wants to introduce in the organization should be centrally submitted for purchasing, along with the reason behind this request. The SaaS review and approval can be accomplished by a board of representatives from the IT, legal, accounting, finance, procurement and other related departments, who would compare the new SaaS tool against the already available SaaS inventory and approve or disapprove its acquisition.
Such a process would require more time for app approval, but would cut unnecessary spend or uncontrolled risks.
The planning stage includes creating forecasts on the future SaaS spend of the organization. One key disadvantage of shadow IT is that, due to the lack of visibility, it makes any accurate projections on SaaS costs almost impossible. But, having a reliable discovery process and usage/utilization historical data on the entire SaaS stack - like last login, login frequency and other consumption metrics, ITs can get a good idea on SaaS trends and estimate the SaaS expense for the future periods.
Big organizations are on average renewing two licenses per business day. When those renewals are being managed reactively, they do not leave enough time for the managing people to prepare and act upon the renewal.
Hence, it is important to first ensure that all data about the renewal has been collected and is easily accessible for review, including renewal date and notification period, and second, that the renewal reviews have been scheduled in the task calendar of the IT team. Finally, it is also recommended that teams, business leaders and employees work together with IT to evaluate the usage, spend and other specifics of the application, so a fully informed decision can be taken regarding the renewal. If a decision is taken to renew, then the IT can work together with the vendor to negotiate better functionality, pricing, security and other terms.
To ensure efficient SaaS management in both the short and long run, each organization should set up a process for managing SaaS. There are different Governance options depending on the organization specifics, but a common approach is having the SaaS government distributed across the organization. What does that mean?
With distributed SaaS management, there are three levels of governance:
Governance is commonly assigned to IT for applications that are widely deployed in the organization - like Microsoft 365 for example, that are critical for the business operations, that require complex configuration and support, as well as higher level of security. Those applications get controlled by IT on a daily basis and are typically part of the IT budget.
These are applications that remain in the control of the team, business leader or employee assigned as owner, but that get initially implemented, troubleshooted and occasionally supported by the IT. Usually these are applications specific to the different lines of business in the company. They still undergo an approval and vetting process and are visible to the ITs at all times. The IT department, however, is not directly managing them but, rather, focusing on the apps critical for the company’s operations.
These are applications mostly used by individual employees or small teams. They get neither supported, nor managed by IT. Unmanaged applications belong to one of these two categories - approved applications or shadow IT.
Regardless of the fact that unmanaged applications are not supported or managed by IT, the ITs should still have visibility and documentation on them, and perform regular security, spending and other reviews, so these applications would not incur unnecessary spend or uncontrolled risks.
The distributed SaaS governance allows to achieve a substantial balance between flexibility and speed of SaaS adoption, on one hand, and spending control and risk management, on the other. However, it requires a reliable discovery process, a robust method for adding new applications to the SaaS stack and ongoing monitoring on the SaaS management processes.
Innovative organizations who use SaaS management platforms like Oveo have already seen the benefits of maintaining transparency and accountability on their SaaS tools. They are also using new approaches to preventing shadow IT like sharing a catalog of all approved SaaS tools with the employees and internal customers. Thus, the organization creates a coordinated and standardized application inventory, allowing employees and teams to get easy access to a tool as soon as they need it.
It is obvious that the SaaS market will keep growing, and will eventually totally outplace on-premise software. But, with no robust process for managing SaaS, companies will be facing a growing number of challenges as well. Lack of control on the SaaS inventory can expose the organizations to compliance and data security risks. Hence, implementing processes and practices for discovering, optimizing, planning and governing the SaaS tools are a must so the company can efficiently utilize SaaS while maintaining control.