6 SaaS Management Mistakes to Avoid

Traditional methods of keeping track of all SaaS applications and their purchases are time-consuming, error-prone, and effortful. Proper SaaS management helps discover, organize and streamline SaaS applications across the organization.

Companies need proper SaaS management to address lack of visibility, poor control, ineffective SaaS license management, and improper spend management. Gaining visibility into all SaaS applications helps to weed out unnecessary SaaS apps and optimize spending.

To understand how to make the right choices for SaaS management, IT teams should know the common mistakes they make while managing SaaS applications in their organization.

Let's discuss the six common mistakes made while managing SaaS applications.

1. Using Spreadsheets

An average mid-size business uses 1250 SaaS applications.

Yet, despite those high numbers, most companies still track their SaaS app usage with an Excel or Google spreadsheet.

Using a spreadsheet for tracking so many apps at once can be error-prone if done manually. It is also time-consuming and insufficient for SaaS management as it takes time to manually change, edit or add applications’ data into the spreadsheets.

Note: If you are a small team, you can use spreadsheets initially. Download our SaaS tracking template.

Spreadsheets are hard to manage, especially for SaaS subscription management. One of the reasons for it is that SaaS apps are constantly rotating in and out of organizations.

Using a spreadsheet for SaaS subscription management requires IT teams to continually check in with each other about whether they have changed or altered any of these details. Any one of these updates may be missed through human error, and a spreadsheet isn't efficient enough to keep up.

It is difficult to stay on top of the ever-changing rotation of SaaS subscriptions in any given organization, at least if done manually. Keeping a SaaS spreadsheet up to date could easily become a full-time job for one person.

Whether it's a mistyped line item or a small change that happened without a notification, these documents become full of small mistakes that result in a build-up of an inaccurate picture of the company's landscape.

2. Managing SaaS With Traditional Software Asset Management Tools or CASBs

Another mistake most IT teams make is thinking that traditional tools, such as SAM, ITAM, or CASB, are sufficient to manage SaaS.

SAM tools are powerful, but they are not made for managing SaaS. Though they possess some capabilities of SaaS management platforms, they were primarily made to manage on-premise software assets.

A survey by ClearEdge found that 75% of those with Flexera paid $3M-$10M in audit fees in just the past year. This shows that customers have developed a false sense of security around modern-day SAM tool functionality and don't consider the limitations and risks.

When an IT admin uses remote server access software to provide applications to end-users remotely, the SAM tool will only count one single installation of the software. But when remote server access is used, apps can be utilized by any users that have potential access to that server.

Most software publishers have contract clauses that require the company to pay for every user who has access to the application, be it locally or remotely. In this situation, the SAM tool will only count one instance of a software license on a server, but hundreds or thousands of users could be utilizing it, making the company liable for a large true-up in an audit.

SAM tools are good at counting the licensing metrics like users, devices, processors, or cores. But software publishers commonly create new, complicated, and custom licensing metrics that the SAM tool may not be able to count accurately.

Only with granular visibility into SaaS apps can one set access control rules that grant access to specific user identities and define the terms of that access. CASBs excel in data control within the cloud services, but they do not support access control and rarely provide reasonable visibility.

Accurate visibility, access control, and data control are required to avoid threats that risk an organization's data and reputation. CASB only has visibility into a user's actions on the service itself.

This provides a very limited point of view that cannot satisfy security compliance and leaves the organization exposed.

3. Negotiating and Buying SaaS Without Data

A SaaS contract defines the type of relationship shared by a SaaS vendor and its customers. It contains clauses for pricing, renewal, data privacy, IP rights, service level agreement, and more.

SaaS buying and negotiation should be data-backed. With proper insights into the SaaS stack, the procurement team can negotiate favorable terms and conditions for the business.

Without proper information about the app, the procurement team will be unable to negotiate points. If data isn’t available, we recommend taking an expert's help for SaaS buying.

This knowledge can be pricing benchmarks and SaaS usage metrics.

Prices for negotiations depend on multiple factors associated with the requirements of the departments and the company, such as which license tier is required and how many employees need the SaaS apps. These factors influence the pricing, and we negotiate to get you the best deal.

We at Zluri offer SaaS buying services. We have benchmark data on SaaS prices.

We bring data-backed insights with knowledge on fair pricing to get you a better deal than you can negotiate on your own.

Our SaaS buying experts understand each category of software product and the price associated with them.

Additionally, we analyze the overlap of features between multiple SaaS apps, which can complicate the company's SaaS environment and make you spend unnecessarily. We guide the company on this and advise removing the apps with features similar to the existing ones.

4. Thinking SaaS Management Means Spend Management

But this is not true.

SaaS management ≠ Spend management.

In a survey, most of the respondents were focused on cost/license optimizations. In contrast, only 20% said their focus is security, risk, and governance.

Though cost-saving is valuable, it is a one-time benefit. On the other hand, by focusing on SaaS governance, you get continuous benefits and prevent issues from happening in the first place.

Limiting the scope of SaaS management just to spend management can harm your business. When you are non-compliant, you risk heavy fines during failed audits.

It can also lead to security breaches, which cause distrust among customers. It's no surprise that with increasing universal SaaS adoption, SaaS security issues have increased too.

SaaS products are straightforward to deploy. Therefore, employees can often procure them without oversight from IT security teams.

Control over security isn't possible if you don't even know what apps you have. There is a need to focus on discoverability, governance, and security so that IT admins can vet unused, unmanaged, or abandoned apps and terminate access when apps don't pass security and compliance standards.

With its 9 discovery methods and the largest app library, consisting of over 225k apps, Zluri discovers 100% of SaaS apps used in your organization.

Zluri’s nine discovery methods

See how the Zluri discovery engine works here.

Maintaining compliance with regulations like GDPR and CCPA, which have strict data protection provisions, is also important.

As third-party data processors, SaaS apps have to follow these provisions. Zluri helps you find critical apps and users, thus mitigating the risk of data breaches.

If an employee uses a non-compliant application, then they could compromise the organization's compliance.

Zluri also gives you information on what compliance standards the app follows.

5. Not Having Policies Around SaaS Procurement

SaaS procurement is becoming a difficult task, with so many apps available under different and complex pricing models and no way to see whether you are getting value from them.

In large companies, sourcing apps is done by employees themselves, so the IT budget needs to be constantly re-evaluated to identify areas for cost savings and potential consolidations.

Without proper policies around SaaS procurement, a procured SaaS app may not deliver the expected advantages, may not ensure that the company meets regulations, and may not follow the safety and security terms for the app's operations.

There are different policies that companies can implement for their SaaS procurement, such as data security policy, data retention policy, privacy policy, and acceptable use policy. These policies help employees to make informed decisions while selecting the best tool to carry out their jobs.

6. Manual Provisioning and Deprovisioning

User provisioning and deprovisioning involve the process of creating, updating, and deleting user accounts in multiple applications and systems.

Manual user provisioning is prone to risks. If a new user is manually provisioned, the IT teams run the risk of giving them more access to the organization's SaaS and data than they need to get their jobs done.

If new users are manually provisioned to new SaaS apps and there is no accurate visibility, the IT admin will not be able to know who is accessing what within the organization. It will therefore be difficult to detect or pinpoint errors while troubleshooting.

Manual provisioning can also lead to provisioning more users than needed for services that require licensing and charge by user count, or even to missing users during deprovisioning. The user's name will remain on the balance sheet with unused accounts.

Manual deprovisioning is arguably riskier than any of the above situations. When an employee quits or is removed, their accounts shouldn't continue to act as a gateway to organizational networks.

In manual deprovisioning, while offboarding, there may be times when the employee's access isn't removed from all applications. This can let the individual misuse this opportunity by accessing, altering, or stealing data. It can also lead to abandoned apps, which can result in shadow IT.

Being able to suspend user access to applications is a powerful security feature and an important requirement in achieving regulatory compliance.
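The offboarding gap described above can be checked by reconciling the HR roster against each app's account export and flagging live accounts with no current owner. This is an added example, not Zluri's code; the CSV column names and all sample rows are constructed for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample data: an HR roster and a merged per-app account export.
HR_ROSTER = """email,status,end_date
alice@example.com,active,
bob@example.com,terminated,2024-03-01
carol@example.com,terminated,2024-06-30
"""

APP_ACCOUNTS = """app,email,account_status
crm,Alice@example.com,active
crm,bob@example.com,active
wiki,bob@example.com,suspended
wiki,carol@example.com,active
storage,dave@example.com,active
"""

def _norm(email):
    # Apps differ in how they store addresses; compare case-insensitively.
    return email.strip().lower()

def load_departures(hr_csv):
    """Map email -> end date (None while still employed)."""
    roster = {}
    for row in csv.DictReader(io.StringIO(hr_csv)):
        end = date.fromisoformat(row["end_date"]) if row["end_date"] else None
        roster[_norm(row["email"])] = end
    return roster

def find_orphaned_accounts(hr_csv, accounts_csv, as_of):
    """Return (app, email, reason) for every live account lacking a current owner."""
    roster = load_departures(hr_csv)
    findings = []
    for row in csv.DictReader(io.StringIO(accounts_csv)):
        email = _norm(row["email"])
        if row["account_status"].strip().lower() != "active":
            continue  # already suspended or deleted in that app
        if email not in roster:
            findings.append((row["app"], email, "not in HR roster"))
        elif roster[email] is not None and roster[email] <= as_of:
            findings.append((row["app"], email, "owner left " + roster[email].isoformat()))
    return sorted(findings)

if __name__ == "__main__":
    for app, email, reason in find_orphaned_accounts(HR_ROSTER, APP_ACCOUNTS, date(2024, 4, 1)):
        print(f"{app:8} {email:22} {reason}")
```

Accounts whose address is missing from the roster are reported separately because they may be shared, service, or contractor accounts that need a named owner before they can be offboarded at all.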

Zluri not only automates the provisioning but also makes sure that the ex-employees do not have access to company data lying in SaaS apps.

We recently launched an employee app store to solve many of these tasks.

SaaS management practices should be implemented well for the IT department to acquire benefits in different ways. By avoiding the above mistakes, IT teams can get hours of time back, produce fewer errors, negotiate well, optimize costs and keep their fellow employees productive.
