SaaS solutions offer enterprises unprecedented cost savings, scalability, resilience, flexibility, speed, and accessibility. But in many enterprises, the growth of cloud-based applications takes place uncontrolled. Many employees subscribe to cloud-based applications without going through the IT team. Any enterprise cloud policy that exists remains on paper. Soon, SaaS sprawl, or the excessive use of SaaS applications without proper oversight or management, sets in.
The justification for SaaS sprawl is business exigencies. Today, most employees work under severe time pressure in a very competitive business environment. They cannot afford the delay associated with the formal process routed through the IT department.
SaaS sprawl may deliver immediate benefits to the subscriber. But it creates inefficiencies and complexities at the enterprise level.
Uncontrolled SaaS sprawl leads to extra costs instead of the cloud saving money for the enterprise. The business ends up paying for multiple subscriptions for similar or overlapping functionalities. Integration of different applications becomes challenging and costlier. The extra costs increase overheads. Worse, unapproved SaaS applications may have weak security protocols. The enterprise becomes more vulnerable to data breaches and malware attacks. Compliance with data privacy regulations is another causality.
Another set of challenges is technical debt and integration. Each SaaS solution has its independent ecosystem of people and practices. A typical enterprise with SaaS sprawl engages with more than 100 vendors. The hotchpotch of multiple vendors, contracts, and support models is the perfect recipe for chaos. The specialised skills required to support each SaaS application lead to knowledge silos within IT. It becomes difficult to maintain a cohesive and efficient operation.
CIOs cannot expect to tackle SaaS sprawl by issuing policies. They need to take proactive, workable approaches that do not interfere with the core business functions.
Ensure visibility and conduct audits
The first step in controlling SaaS sprawl is identifying all the running applications. Thanks to shadow IT, many enterprises have more applications running than they think they do.
Create a comprehensive inventory of all SaaS applications. SaaS management platforms or cloud access security brokers (CASB) do the job. The 2023 IDC SaaS Path research reveals that 67% of businesses with over 1,000 employees deploy a SaaS management platform. Deploying lightweight agents on devices enables monitoring application usage. Implementing single sign-on (SSO) also makes explicit all the applications users access.
Review financial statements to unearth cloud spending. Many departments use their financial autonomy to subscribe to SaS services. As such, a comprehensive audit needs to cover departmental spending as well.
After ensuring complete visibility, perform audits to rationalise applications. Make sure the audit exercise:
- Identify underused apps and apps that no longer serve their intended purpose. Consolidate or eliminate such apps.
- Prioritise apps based on usage metrics, criticality, cost, and feature overlap. This provides a roadmap to eliminate redundancy and inefficiencies.
- Review subscription plans and negotiate with vendors to optimise SaaS costs. Pay special attention to the licences.
Conduct such a network visibly and review periodically since SaaS sprawl is ongoing.
At times, SaaS sprawl sets it due to mergers and acquisitions. A proactive attempt to rationalise the SaaS applications post-merger controls the sprawl. Expedia Group offers a good case study. The company grew into 21 separate travel brands, each with its tech stack and SaaS providers. Addressing the ensuing SaaS sprawl took three years of hard work to re-evaluate all the SaaS providers across brands. The process cut down redundancy and simplified the complex set-up.
Enforce centralised procurement
The number one reason for SaaS sprawl is a faulty enterprise cloud strategy. The crux of such a faulty strategy is often centralised procurement.
Enforce centralised procurement and management to the extent possible. SaaS sprawl occurs when centralised procurement breaks down, or the enterprise does not practise it. To make centralised procurement work:
- Establish a clear process for approving and reviewing SaaS subscriptions. Create an assessment framework that evaluates the alignment of the new SaaS solution with the existing tech stack. Take input from both IT and key business stakeholders to ensure need and viability. Make the approval process friction-free and quick. In most cases, the bureaucratic attitude of the IT team and the associated delays lead to shadow IT and SaaS sprawl.
- Educate employees about the potential problems of SaaS sprawl. Make them understand the long-term implications of shadow IT. Convince them how SaaS sprawl will negate any short-term benefits they enjoy. The best policies and initiatives fail without the support of the rank-and-file users. Issuing blind orders often turns counterproductive.
- Identify and standardise a core set of SaaS applications to meet common needs across departments. Whitelisting apps allow direct subscriptions, negating the need to look for workarounds.
- Communicate the existing SaaS applications used at various company levels to all employees. When employees can use an available application, they will not look for duplicate subscriptions.
Overcome integration challenges
One of the ill effects of SaaS sprawl is the challenges associated with integration. Shadow IT SaaS apps do not integrate with the other enterprise systems, creating silos. Valuable information remains trapped in these silos, rendering data access and analytics incomplete. Such silos can cost the enterprise in today’s data-driven information age. Ensuring all these SaaS applications integrate makes SaaS sprawl a non-issue.
Adopt the following approaches and techniques to make integrations a smooth affair:
- Use proprietary off-the-shelf integration platforms available in the market. These may, however, be expensive for most businesses.
- Use APIs. APIs, when available, are the most cost-effective and easiest option.
- Develop custom codes to provide integration capabilities. Though custom codes may take extra effort, the overall benefits may make it cost-effective.
- Integrate the data in different SaaS silos, leaving the applications alone. Effectiveness depends on creating dedicated pathways to ensure real-time data flow to centralised hubs. The legacy batch processing approach becomes unsuitable in the changed realities.
Regardless of the approach, establish clear integration guidelines to simplify the process. Clear and comprehensive guidelines reduce the risk of vulnerabilities arising from non-standard integrations.
The SaaS market is worth $232 billion in 2024, and SaaS management has become a top priority for many enterprises. Proactive and detailed SaaS management addresses the challenges of SaaS sprawl.