The 2021 SaaS Sprawl Management Checklist
December 17, 2020
4 minute read
It’s that time of year when you sit down to make lists for things like holiday gifts and New Year’s resolutions. But it’s also a good time to build a different type of list: Your enterprise’s 2021 SaaS sprawl management checklist.
It’s good practice for every organization that relies on SaaS to take inventory periodically. Without knowing and monitoring for potential SaaS app account creep, your SaaS environment becomes a risky, expensive, and unmanageable clutter.
Why IT should actively manage SaaS sprawl
According to our State of SaaSOps survey research, when asked about routine searches on the corporate network to find new end-user app subscriptions, 31% say they simply don’t do them at all.
But the case to conduct these routine searches is strong, to say the least. Our recent blog post on the importance of full visibility reveals why. Depending on how many users you have, enterprises generally have 2 to 3 times more SaaS app accounts than they think they do!
Without actively managing them, the dangers mount. But what can you do?
Your 2021 SaaS Sprawl Management Checklist
Here’s our holiday gift to you. We built a checklist that will help you tame SaaS sprawl in the upcoming year.
Discover all apps in your SaaS environment
If your organization is small enough, you may be able to work with business users to learn about the SaaS apps in use. However, if your organization has many apps and many users, you may need to run an automated tool.
So, first up on the 2021 SaaS sprawl management checklist is to ensure full visibility of your SaaS environment. It’s important to do the following:
- ❏ Understand tools with duplicate accounts, like multiple instances of Slack or G Suite
❏ Identify tools with duplicate use cases, like Asana and Monday.com
❏ Understand tools that are integrated into key productivity suites
❏ Identify tools that authenticate using your domain
❏ Monitor license usage for tools
❏ Eliminate SaaS tools without users according to your company’s policy
❏ Audit permissions that employees grant to unauthorized SaaS
❏ Compare permissions to your established data governance that defines who within an organization has authority and control over data assets and how those data assets may be used
❏ Prioritize consolidation of tools according to overall usage, spend, or risk
❏ Merge ownership of primary productivity tools like G Suite and Slack and Box and DocuSign into IT
❏ Consolidate ownership secondary tools as governance and policy require
Decide which SaaS apps will become standard
No 2021 SaaS sprawl management checklist is complete without discussing redundant apps. They come in two flavors:
- The same SaaS app used in different accounts by different users and teams
- Different applications that solve the same use case.
When the same app is used, your enterprise misses out on enterprise or volume-pricing which is the easiest way to cut costs. Also, you’re probably missing out on preferred features, functionality, and support that comes with higher volume SaaS tiers. When multiple apps solve the same use case, your enterprise also misses out on efficiencies related to SaaS app standardization, like user and IT productivity.
So next on our 2021 SaaS sprawl management checklist is how IT tackles this common challenge. Here are a few things you need to do:
- ❏ Determine the level of feature parity
❏ Meet with business partners to conduct interviews to really understand use cases, pain points, and challenges that users have with SaaS applications - ❏ Get the holistic view of integrations between tools
❏ Know which SaaS tools are supported in your SaaSOps platform ecosystem of integrations, as supported apps give IT much greater control and efficiencies
❏ Examine governance and policy
❏ Get app reviews from security and compliance teams, as every tool has different security
❏ Get app security and integration approvals from security and compliance teams
❏ Meet with each tool’s finance stakeholders and their customer success team
❏ Decide which SaaS app becomes the enterprise standard: Choose the app that best balances security with the business need (e.g., use of the best or most important tool for talent retention and recruitment).
Make selected SaaS tools officially sanctioned by IT
Once the final SaaS tool decisions are made between security, IT, and the business teams, the last milestone is to bring the tools under IT support. As the new owner for the app, IT needs to:
- ❏ Broker the relationship with finance to negotiate contracts
❏ Document processes for all the involved parties
❏ Make sure integrations and data flows between apps work as required
❏ Integrate tool with an identity provider and SaaSOps platform
❏ Set up security reporting logs
❏ Enable IT teams to support selected tool
❏ Monitor apps, users, files, and license usage
Rely on an automated tool to discover, manage, and secure SaaS
It’s not enough to merely search to find unsanctioned SaaS apps. It’s critical to use a platform that provides centralized, comprehensive visibility into all the SaaS apps in your IT environment. That platform should also enable you to assess potential vulnerabilities, take action, and actively manage your SaaS environment.
Most importantly, since a SaaSOps platform helps IT work more efficiently, it frees up valuable IT time to work with teams with unique needs and build awareness of corporate-approved SaaS options.
BetterCloud Discover is an incredibly powerful tool for any IT or security team looking to refine a SaaS App Account Management Checklist. But Discover only scratches the surface of what BetterCloud can do for your entire organization.
Want to learn more about how BetterCloud can help you discover, manage, and secure your SaaS environment? Schedule a demo.