Keeping SaaS sprawl in check: 3 key questions to ask

The widespread use of SaaS software is a good thing for organizations. People feel empowered to buy and use the tools they need to do their jobs effectively. On the other hand, SaaS usage can quickly get out of control from a workflow, spend, visibility, and security perspective if left unchecked. If there’s no dedicated IT person in an organization, it can be tough to even know where to start.

No need to stress; we’ve pulled together the three key questions to ask yourself to keep SaaS sprawl in check. Hint: it’s all about the relationship between people and apps.

Who’s using our apps?

One of the best things about SaaS is the ability to collaborate across teams and with outside contractors or partners. But it’s also one of the biggest risks. First, consider who in your organization has access to which apps, starting with your HR workflow. When you’re going through the employee onboarding process, make it a point to grant access to the right apps, just as you’d hand someone a laptop or other equipment when he or she starts. Alternatively, as a part of the offboarding process when an employee leaves, suspend account access on his or her last day. If employees change roles, ensure that they’re onboarded and offboarded onto the right tools, so no licenses or subscriptions are being unused.

Second, take an inventory of the external partners and contractors who have access to documents or apps in your organization. Check that each person or group has the appropriate permissions to view or edit documents, and that their logins to SaaS apps or systems remain updated if they’re no longer partnering with your organization.

Are we using our apps efficiently?

When Kate in accounting wants to test a new SaaS app, it’s easy for her to sign up for a free trial. But, if she forgets to cancel the trial, a phantom subscription could haunt the company credit card. That’s just one example of app inefficiency, and there’s plenty more you should be on the lookout for.

The key question is how are people using their SaaS subscriptions? After a month or two of use, are they abandoning them? Might be time to cancel. Are they power users that could be training other employees on the same tools? Empower them to do a lunch and learn. Are there several SaaS apps used in the same department for similar functions? Maybe one or two of them could be eliminated. Discovering these inefficiencies are key to optimizing SaaS spend and ensuring the right tools are in place to make your teams perform at their best.

Do we have the right (or any) security policies in place?

An ad-hoc, as-it-happens approach to security is all too common within organizations. The reality is, waiting until something bad has happened is a very risky approach. According to a study by the Online Trust Alliance, 90 percent of breaches are preventable with the right policies in place.

The key to establishing a good policy is removing human error from the equation whenever possible. Considering that 86 percent of people reuse passwords that were already leaked in a data breach, your organization can start with automating password management and requiring the use of two-factor authentication.

One more thing to keep in mind — if you’re going to be pursuing any compliance requirements (such as SOC 2), you’ll want to have a plan in place to know who’s accessing which parts of your systems and data, when, and why. That way, if something goes wrong, you can fall back on detailed audit trails.

Get help with SaaS management

The good news is, you don’t have to go at this challenge alone. Vendr can help you gain critical visibility into the relationship between your people and apps, providing tools to take control of SaaS usage and spend across your organization. We can help you to surface the apps your teams love to use (and some they don’t).

If you’d like to learn more about getting a handle on SaaS sprawl, check out The Blissfully Guide to SaaS Management today.