by Philip Kushmaro

How to recover from SaaS stack bloat in the enterprise

Feb 06, 2019
EnterpriseIT StrategySaaS

Enterprises are seeing massive growth of SaaS adoption within their organizations. However, tech officers need to get organized and address issues with license management, redundancies, governance and compliance. Here are 5 steps to take to prevent IT bloat due to decentralized SaaS use.

Agility is highly sought-after in today’s business environment. As such, enterprises are now aggressively leveraging the efficiencies brought about by technology to drive their processes. And why not? Digital tools empower future-facing companies to perform better than laggards. A Harvard study shows that “digital leader” organizations enjoy a three-year average gross margin of 55 percent, while laggards only post 37 percent.

The decision on whether or not to go digital has essentially become moot. Instead, organizations now typically face the choice of whether to make either incremental or disruptive changes as part of their digital transformation efforts.

Interestingly, the emergence of Software-as-a-Service (SaaS) as a distribution model for applications has allowed companies to adopt new tools quickly. Due to relatively low costs of license subscriptions, even individual workers can simply opt in to these services using company credit cards. Previously, software purchases are made through lengthy formal purchasing processes.

However, since acquiring tech tools has become easy, the problem of bloat and loss of control in enterprise IT has also emerged. On the average, enterprises could be using over a thousand cloud services across various business functions, many of which may be underutilized or even unnecessary. Uncontrolled, this surge in SaaS use can give rise to various other issues such as integration challenges, security risks, and redundant spending.

As teams become empowered to acquire tools on their own to meet their specific needs, tech leaders may begin to wonder if it’s time to take a more passive role with software management.

However, the risks associated with SaaS stack bloat mean that your stewardship is instrumental in ensuring that your company makes the right technology choices. You also have to ensure that these cloud-based apps will work well with your on-premises IT and your existing enterprise software.

Here are five steps to take in order to prevent bloat in your IT due to decentralized SaaS use.

1. Identify

Before you attempt to manage SaaS usage and change the status quo, it’s important for you to gain a clear picture of SaaS use in your organization. You should create a comprehensive and up-to-date list of all subscriptions and users that are active in your enterprise. Note key details including the application names, the registered users, access credentials, subscription costs and duration, and legal and compliance information. This information is essential to formulating a strategy on how to streamline and manage these SaaS apps.

If your entire company pays for subscription services using a single credit card, then you’ll have a hard time determining which payments are for which software products, let alone tracking which department needs which app. But using a virtual corporate credit card service like Spendesk, you can easily segment and itemize all of this data. 

Tools such as Torii, meanwhile, can help IT admins to perform regular audits quickly. By integrating with your company’s web browsers and single sign-on providers, you can track SaaS usage within your network. This solution can also monitor employee activities so that SaaS apps are automatically noted for your review whenever users sign on.

Through the audit, you will then be able to review all applications in use and map out the various tech-driven functionalities that are needed by specific departments and teams.

2. Streamline

After the audit, one of the ways you can readily address bloat is to streamline the selection of SaaS apps that comprise your IT ecosystem. The list should help you identify potentially redundant functionalities and services.

For example, marketing teams may use various tools that have intersecting feature sets. Marketing tools like Mailchimp, HubSpot, and Unbounce all support landing page building and messaging personalization capabilities. Yet teams may still subscribe to all three to cover features available in one that others lack. For instance, HubSpot is the only one that includes a CRM.

By knowing these overlaps and the strengths of each tool, you may be able to cull redundant subscriptions and those that don’t fit your processes. Keep only the services that perform best given your situation.

3. Integrate

As an undesired side effect, rampant SaaS adoption can also reinforce the silo effect, or the lack of collaboration, across teams within the organization. The flow of information and work can be hindered if each team uses its own set of tools. To overcome this, it is necessary to integrate these apps and have them share data seamlessly. This way, work can readily progress from one business area to the next while ensuring the integrity of information.

Integration also helps in analytics and business intelligence. Having consolidated data allows for more accurate insights to be generated. This would be impossible if information from one SaaS app can’t be referenced with other data sources.

One way you can readily make sense of data across various apps is to use business dashboards like Klipfolio and Databox. These services support extracting the latest data from most mainstream SaaS tools, helping you generate an accurate snapshot of the business at any time, which you can easily share with stakeholders across your company.

4. Monitor

SaaS services can ease certain maintenance burdens from the IT team. For instance, software updates are often deployed automatically, unlike with conventional software, where IT teams have to roll out patches to endpoints themselves. But this doesn’t mean that these apps can be left unmonitored. You should still be on top of developments to ensure that these apps wouldn’t introduce issues to your ecosystem.

Many SaaS applications use JavaScript frameworks and libraries as part of their technology stacks. Package manager NPM, in its audit, found that 51 percent of projects that use JavaScript libraries contain at least one vulnerability. It is often up to developers to apply the necessary patches to their applications. IT teams, however, could exercise due diligence and verify if the apps they use include these unsecure libraries.

In addition, be wary of who has access to these SaaS apps. Left untracked, some employees may be able to retain access to your data through their own SaaS subscriptions long after they’ve left your company. Having capabilities such as single sign-on using company-provided credentials could help you assign and revoke access in a timely manner. Monitoring the number and length of subscriptions to SaaS services also allows you to control and minimize costs.

5. Secure

Cyberattacks are a pressing concern for all enterprises today. Unfortunately, by accommodating SaaS use, you’re essentially widening your potential attack surface. Since these services store your data in the cloud, you’re also essentially relying on their diligence and competence to secure your data. You wouldn’t want to readily hand over your company data to third parties with poor security.

Don’t let low-level staff have access to administrator or owner-level credentials. Establish protocols that allow you to check and vet new users and tools. Policies concerning employee use of SaaS service must be clearly outlined and make users accountable.

Un-bloat your organization’s stack

Keep in mind that you still need to strike a balance between empowering staff to be agile and your control over your infrastructure. You don’t want to limit the possible ways employees may be able to leverage new SaaS tools to your enterprise’s advantage. Besides, many of these SaaS products have now become the industry standard tools for certain business processes.

However, it’s still important to rein in SaaS adoption considering the risks that technology adoption efforts now carry. A bloated tech stack eventually becomes unwieldy and difficult to manage. Streamlining your SaaS use should be a top priority. A solid strategy and careful implementation should allow you to enjoy the benefits of SaaS and overcome potential issues.