The Blissfully Guide to SaaS Management
The Virtuous SaaS Cycle
Software as a service (SaaS) has, without exaggeration, revolutionized the way we all work today. When software is delivered via the cloud, it’s easier to find solutions to unique challenges, rapidly test out new tools, and build an arsenal that works for everyone on the team. Organizations can quickly build stacks of apps they like and individual teams can make their own decisions about which apps they want to use.
Software is increasingly distributed throughout organizations and more end-users in all functions are able to find tools that they love and that solve their problems. Hardware is no longer an impediment to adoption, so teams are free to choose the computers and other tools that work best for them without worrying about which apps they’ll lose access to.
Unsurprisingly, this high-availability, low-friction method of software delivery has ratcheted up the expectations of SaaS providers. Customers demand software that is easier to adopt and use, while also requiring less technical intervention to get the job done. This increased demand creates more opportunities for software creators, which then creates even more competition to offer functional, well-designed experiences, and fun-to-use products.
We call this the “virtuous SaaS cycle.” Since SaaS is so much easier to try (and buy), SaaS companies must advance features as fast as they can and offering increasingly innovative solutions in a competitive marketplace.
While the benefits of SaaS are significant, it can be dizzying for both software providers and end users to keep up. As technology morphs and proliferates, the nature of how organizations manage software must change with it.
The SaaS Market Today: White-Hot and Getting Hotter
Due to the virtuous cycle described above, SaaS usage is accelerating at a rapid pace across businesses of all sizes and types. In fact, the average company pays for 20 times more SaaS subscriptions today than they did five years ago, and uses three times more free SaaS products than paid apps. SaaS has taken root across all functions and departments. Impressively, non-engineering SaaS spend rose from about 10% in 2010 to over 80% today.
The number of SaaS offerings and vendors has exploded along with this rise in adoption and spread throughout the organization. In fact, the SaaS segment accounts for 69 percent of overall public cloud market share today. Growth has consistently outstripped analysts’ predictions, and we don’t expect it to slow down anytime soon.
More SaaS = More Chaos
However, it’s not all roses and sunshine. Often, as SaaS tools begin to take hold within an organization, we start to see the signs of chaos:
The proliferation of SaaS naturally means businesses are investing in point solutions, which can be disconnected from each other, creating silos and adding complexity to workflows. Often businesses have to deal with inconsistent APIs and no clear, central hub for managing their SaaS applications. At times, tools do not play nicely with each other and opportunities for synergy (and productivity) are lost.
Lack of Visibility
As you have probably experienced, SaaS can sprawl rapidly. Since teams are able to add and change apps rapidly, there may be new ones in play each week, and it can be really tricky for IT or whoever manages tools in the organization to stay on top of who is using what, when, and how.
As software management becomes increasingly decentralized in an organization, it is common to find numerous SaaS tools with overlapping features. As an example, many organizations use a combination of join.me, Zoom, GoToMeeting, WebEx, and/or Google Hangouts, depending on the team or the use case—or just arbitrarily. Other times it can feel like there isn’t a single solution that can do it all (maybe you get good analytics with one tool but better publishing capabilities with another), so it feels like you need to have everything available. This can quickly spiral into chaos.
Human Resource and Finance Challenges
If you don’t know how many or what kind of apps your organization uses, it can be also difficult to forecast the costs of new hires, since technology costs are different for each department and role. There can be a wide margin of difference in costs between, for example, hiring a marketing manager who will need five to 10 very robust and specialized SaaS tools at her disposal and a customer success manager who will spend the vast majority of his time on just two or three platforms. Then there is the matter of getting each employee onboarded quickly to the appropriate tech, which can be time-consuming and thus expensive for the organization.
Finally, there is not a lot of standardization at this point when it comes to security and compliance concerns for SaaS tools. For example, many apps use two-factor authentication, but not all of them enable it on an automated basis, so users may skip over it or only use it with some tools. It’s also hard to know who has access to which apps and where the data is flowing. Thus, there are times when adding new SaaS tools to the organization can also increase your risk and open you up to cyberattacks, lawsuits, and more.
The Changing Role of IT
What do you think of when you hear the two letters “IT”?
It used to be “that guy who helped me set up my computer” or “the person I bug when the printer’s broken.” Today, IT personnel today serve a very different function than they did five, 10, or 20 years ago. In fact, at many organizations today, you might not even find a formal IT role at all. See, one unintended but widespread consequence of SaaS proliferation is that it has completely changed the nature of the IT function.
It used to be that if it had to do with tech, IT was in charge. With technology centralized, it was under control and safe. The IT team was tasked with choosing and managing both hardware and software, ensuring the security of tools, and managing budgets and vendors across all functions of the organization. If it was technical, it was the domain of IT. That’s much less true today.
With most teams choosing their own tools and managing their own tech budgets, and with far less hardware and highly technical network or server infrastructure to worry about, the linchpins of IT centralization are gone. However, data security, process compliance, technology cost forecasting, employee on and offboarding, and many more IT “jobs” still need to be done.
The challenge with SaaS is that, without centralization and visibility, it’s increasingly difficult for IT to fulfill its responsibilities. However, it’s also unrealistic and inefficient to expect every team to have a dedicated resource for managing technology.
So if all of the functions that were once managed by IT still need to be carried out, who should do it and how? Does it make sense for your sales team be in charge of Salesforce, your dev team in charge of Github, and your HR team in charge of BambooHR? What about Slack? Do you need some type of new, non-IT person to step in and take charge?
It is now a shared responsibility
Depending on your organization, the function of IT today might be handled by:
- The CEO
- The CTO
- Engineering or DevOps teams
- HR or office managers
- Individuals on various teams
- A “biz ops” team
- Some combo of the above
There’s not a single correct answer for every organization, but what is important is to have a clear understanding of who has ownership and responsibility for things like spend optimization, compliance, and security. The goal of SaaS management is to gain as much visibility as you can into SaaS usage so that the organization as a whole can make more strategic decisions about how to leverage technology.
A new IT maturity model by company size
We have noticed in our own careers in the startup world that there are often some common inflection points where the question of IT ownership comes up. In our experience, here’s what that often looks like:
- Survival Mode (~Under 35 people) – The primary concern is getting apps into the hands of employees who need them to do their work. Tech is everyone’s job, and often there isn’t time or space to think far ahead about the best way to manage SaaS; if you need an app, you get the company credit card number and make it happen.
- Growth Stage (~35-100 people) – While there are probably many of them in place, often there is still not much strategy or visibility applied to decisions about SaaS tools during the high-growth stage. Typically SaaS management falls to a combination of HR, finance, administrative staff, and a CTO (if you’re a company that has one).
- Tipping Point (~100-250 people) – At this point, it is no longer feasible for everyone on the team to manage SaaS tools on an ad-hoc basis. It’s time to hire someone or assign the task to a team member who can focus on it a large part of the time. Many tech-forward companies delay this decision as long as possible, since their team members tend to be pretty savvy and they can get away with it—but it can lead to real challenges down the road.
- Scaling (~250-1000 people) – You almost certainly have someone in charge of IT and of managing your SaaS stack, but that doesn’t mean it’s being done efficiently. As you scale, it’s a good idea to evaluate (say, on a quarterly basis) whether you have sufficient visibility and control over your SaaS stack. You also want to ensure that you frequently evaluate your stack from security, cost, and productivity standpoints.
- Enterprise (1000+ people) – At this stage, you absolutely can’t afford to let SaaS chaos slow down your organization. It’s vital that you have continuous visibility into app usage across your entire organization. You should have multiple people whose entire function is to ensure technology is being used to its fullest potential to accelerate the growth of your organization. This should include regular audits of SaaS usage, again focusing on security, cost, and productivity.
No one wants to be the bad guy who comes in and forms a bottleneck around SaaS usage. It’s no fun to tell team members who used to have complete freedom that they now have to secure permission and a budget before they invest in SaaS tools. But if you don’t start to put guardrails in place, all of the issues of SaaS chaos we mentioned earlier—from tool overlap to security breaches—can quickly become major problems.
Rather than continue to ride the waves of SaaS chaos, we highly recommend that organizations get serious about SaaS management. Here’s how to do it.
What Now? Moving Forward in the Age of SaaS Chaos
While the challenges described above may feel like a reason to tighten the reins (or toss SaaS altogether—ha!), the reality is that you probably can’t. Your employees likely won’t respond well to a plethora of restrictions, and while some large enterprises can get away with tight controls, many businesses who must compete for talent need to face the reality that happy, productive employees are too important to justify restrictive rules around SaaS.
Instead, organizations need a better approach to SaaS management. Your goal should be to better understand what apps your organization is using, who is using them, how much they are spending in each department, and then use that information to make good decisions that benefit all of your users.
Now that we’ve explored the challenge of SaaS chaos and the changing role of IT, let’s take a look at what SaaS management means, why it’s the antidote to SaaS chaos, and how to implement it at your own organization.
SaaS Management: The Antidote to SaaS Chaos
At its most basic, effective SaaS management requires two key ingredients:
- Visibility: A clear window into all SaaS applications (free and paid) being used across the organization
- Controls: Technological support for the organization to manage SaaS applications
Complete, Real-Time SaaS Visibility
SaaS management starts with visibility, specifically: increasing visibility into organizational relationships to SaaS products. In other words, visibility is the basic requirement of SaaS management. Visibility feeds the three major goals of SaaS management:
- Workflow optimization
- Spend management
- Security and compliance
None of them are achievable without visibility, so it’s arguably the most important aspect of SaaS management. What exactly do we want visibility into? Well, we want to be able to answer the following questions:
- What apps are being used, how, and by whom? (This is not limited to paid applications!)
- Is the organization paying for subscriptions that aren’t being used?
- How much is being spent on SaaS?
- What features does each app offer, and where is there overlap?
- Where is data being stored and which apps have access to critical data? (Ahem, GDPR.)
- Are apps being used in a secure and compliant manner? (And are apps being chosen for their security and compliance features?)
When you are able to achieve full SaaS visibility, you can answer these questions and achieve the goals of optimizing workflows and spend while maintaining security and compliance.
Organization-Wide SaaS Controls
As we outlined earlier, the role of IT is changing in large part because each team in an organization is often responsible for selecting and acquiring its own software. This means everyone has to contribute to SaaS management. Take employee onboarding for example. A typical onboarding process involves someone from each of the following departments: human resources, operations or office management, IT (if applicable), and engineering—plus the team lead for the new hire’s department. Each of these team members needs to have a clear understanding of what the new hire needs to know about SaaS in your organization. Implementing organization-wide SaaS controls means that, just as software is distributed, so is the responsibility for managing it. It increases your ability to onboard effectively, as well as to manage the employee’s SaaS usage throughout their term.
Applying SaaS Management Principles to Common Pain Points
Once you have gained visibility and control over your SaaS stack, it’s time to use those capabilities to better manage the following processes:
- Employee onboarding
- Employee offboarding
- Security and compliance
- Vendor management
- Software spend optimization
Simplifying Employee Onboarding
Effectively onboarding employees is critical for any organization. It helps build culture and happy employees, which leads to a productive team and company. And doing it right is important for security and compliance.
Onboarding processes should, as much as possible, be automated. Many of the tasks related to onboarding are repeatable and rote, so there is no reason that a human being should be directly in charge of them. When they are an employee’s task, they may not always be at the top of the to do list and can easily slip by for days or weeks (or never get done). If you implement automation, you can keep the process, well, automatic!
They should also be streamlined. We recommend companies invest in a single tool that automates the onboarding process, particularly as it relates to SaaS technology. Beyond streamlining technology onboarding, make sure that roles and responsibilities that can’t be automated are clearly defined and assigned to the appropriate team members from the beginning. Check in and ensure that action items are completed in a timely manner. This way, everyone understands what they are responsible for and nothing slips through the cracks.
We cover all of the above in detail in our Employee Onboarding Guide.
Securing Employee Offboarding
Effectively offboarding employees is also critical for any organization. It helps build a culture of security and compliance, and it protects you from liability. However, often the process for offboarding an employee is ad hoc or neglected altogether. (Ever left a job and still had access to your company email months later? Oops…)
You can’t risk company or customer data leaks or security breaches, and one of the best ways to avoid this is to develop tightly controlled offboarding processes. A whopping one-third of all companies have already experienced an insider threat incident, according to a recent SANS report.
A proper offboarding process dramatically decreases the odds that your company will be vulnerable to this type of attack. It’s easy for credential allocation and privileged access controls to slip through the cracks if there aren’t clear processes in place, especially at the moment of offboarding. Protect your organization’s security by getting this right.
We cover how to do this in detail in our Employee Offboarding Guide.
Facilitating Security and Compliance
While SaaS tools can help your organization accomplish its goals more efficiently, they can also introduce security concerns if not properly locked down. Most organizations start off with no policies or systems for security and tackle any issues on an ad-hoc basis. Since business teams are often selecting their own SaaS applications, security can fall to the wayside in favor of focusing on the user experience and ability for the app to directly address the need. If it makes the list, security is often the last priority.
You can’t wait to think about security until after something bad has happened. Both ad hoc and absent security policies can open you up to major risk. On the other end of the spectrum, some organizations employ arcane security practices around SaaS products (like forcing users to change their passwords at regular intervals for no real reason) that are not even remotely user-friendly and are thus often skirted by employees.
Generally speaking, we believe you should rely more on reasonable systems and guardrails than on user actions and training. In other words, take human error out of the equation whenever possible. We also believe it’s best to have fewer vectors, rather than more, and to harden these protections as much as possible. A true SaaS management approach includes taking a systematized approach to security. We explain this and offer best practices in our Guide to SaaS Security.
Additionally, you want to ensure that when you make decisions about what SaaS tools to use and what controls to build around them, you keep in mind any compliance mandates you are beholden to now (or may want to meet in the future). One popular framework to look at is SOC 2, which applies to many businesses today.
To meet many compliance mandates like SOC 2, you need to have strong SaaS management protocols in place so you know who is accessing which parts of your systems and data, when, and why. That way, if something goes wrong you can fall back on detailed audit trails. At a minimum, your organization should know which apps are in use (and by whom) and what internal data sources these apps have access to. (Check out our full Guide to SOC 2 Compliance here.)
Managing Vendors Effectively
While a necessary starting point, having comprehensive SaaS visibility isn’t the same as effectively managing your vendors. There is a difference between the apps you use, and the vendors that sell them, which means subscription payments and managing renewals is not as simple as knowing when a single app renews. (For example, many software companies offer more than one application. Microsoft offers Office 365, but also Dynamix CRM, Azure, and many more. Whereas Slack is just Slack. ) This is where vendor management comes into play.
In many cases, the person who owns billing for an app or vendor is different than the person who owns the vendor relationship. Let’s take as an example a common tool many organizations use: Salesforce. You might have 20 or so sales people using Salesforce, and your finance team owns the billing process. However, when it comes to setting up a new user or changing access levels for an existing user, it’s not likely to be finance that handles this, but rather someone in operations, IT, or even the head of sales. So managing vendors effectively means knowing who is responsible for each aspect of the app’s usage and for any direct relationships or communication with the vendor.
Another big part of effective vendor management is renewal management. Many apps are billed on a month-to-month basis, so the cash flow is pretty predictable. However, vendors often offer a discount for annual subscriptions (or simply require them). If you have an annual contract in place, it’s important to have a reasonable amount of notice about an impending renewal in case you want to make a change. And different apps need different lead times to make those types of changes. Sixty days is plenty of time to make a decision about whether to renew GotoMeeting, for example, but not nearly enough time to make a wholesale switch from Hubspot to Marketo.
Every company’s vendor management process is different. In some organizations it may be more formal, requiring requests to include a business reason and for each stage of the process to be captured for compliance. If you aren’t that far along yet, it could just be having a complete view of all your vendors, spend, renewal information and knowing who is ultimately responsible for the vendor relationship.
Optimizing SaaS Spend
Often a catalyst for dealing with SaaS proliferation is the inability to track and understand SaaS spend. If you’re thinking to yourself: I have no idea what we spend on software. Well, it’s common for organizations to be in the dark about SaaS spending. But it’s not exactly ideal…
While no one questions the value or need to invest in SaaS, tool overlap can be a big problem and can lead to wasted resources. Furthermore, it’s important from an organizational perspective to have a clear view of where money is being spent, by which teams, and whether the spend is justified by results (hello, ROI).
Additionally, it’s increasingly difficult for finance teams to get a handle on runaway SaaS costs. Many organizations will attempt to project out their technology costs, only to find that the reality does not match up at all. Different team members have different technology needs, so SaaS spending can make the cost of a new hire vary in ways that tracking salary and benefits will not account for.
Business teams are responsible for extracting value and return for their SaaS spend, but most are just focused on getting their jobs done. Activities like license optimization and renewal management are not top of mind for most team leaders. This was traditionally something IT managed, but it has fallen through the cracks and leads to money being wasted and contracts being renewed that might not otherwise have been.
At the end of the day, organizations need to have clear visibility into how much they are spending on SaaS, so they can evaluate whether these costs are justified, make accurate projections, and ultimately be as strategic as possible about investment in SaaS tools.
Executing a SaaS Management Strategy
Hopefully it’s clear by now that, at some point, every organization is going to need to invest in SaaS management to gain increased visibility and control over their usage of software in the cloud. Now, let’s talk about how to actually execute a SaaS management strategy that works.
Ideally, to achieve the goals outlined in this guide, you want to build a consolidated source of truth, where you can quickly visualize apps, team members, and spend all in one place. To achieve this, you need real-time data that will allow you to see what apps you have now and proactively identify newly added apps before billing begins, so that the organization can better forecast spend.
The good news: Technology is both the challenge and the solution here, since it can be a huge boon when it comes to SaaS management. Here is what we recommend.
Blissfully: Worry-Free SaaS Management
Luckily, when it comes to SaaS management, you don’t need a huge stack of yet more software to get the job done. Blissfully was created to solve the SaaS management challenge, by building a thorough inventory of free and paid SaaS applications used across all teams in your organization. By connecting app data with critical metadata on people and spend, Blissfully provides all the tools you need to take control of SaaS chaos across your organization. We can help you surface the apps your teams love to use (and typically find a few apps you’re paying for without using).
Blissfully also helps teams optimize SaaS spending by accurately tracking and reporting costs across all teams and apps, enabling organizations to eliminate overlap and waste, while ensuring better forecasting. With Blissfully, you will be alerted to upcoming renewals so you are never surprised by a bill.
Next, we help teams automate IT workflows to eliminate tedious, manual work that is often otherwise handled in spreadsheets and Google docs. All the processes that IT once managed related to applications can be now be streamlined. Tasks like renewal management and employee on- and offboarding can be centralized by using Blissfully to aggregates all apps and app-related workflows in one place.
Finally, Blissfully is able to improve security and compliance by enabling you to quickly view permissions across apps and build an audit trail around access. Detailed tracking helps teams make sure no one has access to data who shouldn’t and enables them to quickly revoke access when necessary.
When it comes to managing SaaS chaos, Blissfully can help you go from ad-hoc, wasteful sprawl to a streamlined and cost-effective strategy that enables your organization to get the most out of its investment in SaaS. And isn’t that the goal?
Try our Free SaaS audit to see what SaaS applications your organization is using right now: