Getting control of your SaaS applications and services can seem like a daunting task. So how do you make it happen? Break it down into the most important areas, tackle each one, and you’ll be back in control. Here’s the playbook for the Top 3 SaaS management actions.
Today we’ll start with an overview, and in future posts we’ll dive into each area in detail.
1. Discover SaaS Applications and Services
In order to control your online apps and services, first you have to know what you’ve got.There are lots of ways to discover what’s in use within your organization. If you are doing this on your own, here are a few ideas:
- Scan your financial systems to identify SaaS line items
- Accounting/ERP (NetSuite, Intacct, Xero, QuickBooks, SAP, Oracle, etc.)
- Expense (Concur, Expensify, ExpenseBot, etc.)
- Online banking and credit card
- Look at apps listed in your SSO (single sign-on) platform (Okta, ADFS, OneLogin, Ping Identity, Centrify, etc.)
- Examine the lists of apps people log into using their Office 365 or G Suite credentials, if you use those platforms
- Ask your fellow team members
- Which apps they use
- Which apps they love and which apps they hate — that will get them thinking
- Ask the InfoSec team to generate a report from your CASB (cloud access security broker such as NetSkope, CloudLock, BlueCoat, etc.), if you have one
Now you’ve got a list. Since you’re doing this on your own, it’s almost certainly in a spreadsheet. And although there’s no way it’s a complete census, you’ve got a great starting point.If you want to quickly get a more complete picture, and avoid a lot of running around chasing people down to fill in your spreadsheets, use an automated SaaS management tool like Alpin.
2. Optimize SaaS Costs
Once you’ve got the list, you can prioritize by spend and by user base. The next step: add in more information so you can find opportunities to cut costs.Start by pulling together all your contracts, billing emails, receipts and financial reports, so you can map out the payment history for each subscription, and get a sense of upcoming costs. Again, if you’re doing this on your own, start by focusing only on a few top-priority apps.For each application or service, find out the actual usage over the past few months (at least), as well as expected usage. The most basic way to estimate past usage is to survey users, but there are obvious drawbacks. A better method is to log in as admin to the app’s portal and examine the most recent login date of each user.
A more extensive analysis can go beyond logins to also examine activity levels and types.However deep you go, you can then follow up with the users and/or their managers (who may be paying the bill) to determine whether the user should continue to have access, or have their license reassigned or terminated. This can represent significant cost savings — for example, our customers have saved hundreds of thousands of dollars optimizing a single app.Once you have the basic cost analysis done, you can take it to the next level — especially if you have a SaaS management tool that automates the data collection, processing and reporting. Here are some objectives you can accomplish:
- Comply with license requirements
- Eliminate redundant apps
- Manage your renewal calendar
- Understand how much an employee costs when factoring in all those apps
3. Monitor SaaS Activity and Security
SaaS management is not just about knowing what your teams are using, or about optimizing the financial aspect of your subscriptions. To truly be in control, you have to govern your organization’s SaaS usage and exposure. That means you need to know who is using which applications and services, when they are doing so, how they are doing so, and what vulnerabilities they are introducing. If you’re doing this on your own, pick your battles carefully. Focus only on a handful of apps that are most used, most likely to invite a security problem, or most costly.For each app, set a schedule to log into the portal so you can examine user activity. Each application and service will have different metrics to analyze. Decide what you want to track, and set up a spreadsheet or other reporting tool to house and report on the data. Here are some examples:
- Office 365
- Emails sent and received
- OneDrive documents added, edited, deleted
- Contacts created, edited
- Emails sent and calls made to prospects
- Deals closed
To monitor security, define scenarios that represent risky actions and the presence of dangerous applications. For example, someone might publicly shares a document from the Finance folder, or might add an application that can view all their (potentially confidential) calendar details. Then examine user activity to detect when these scenarios become real.
You could supplement these efforts with a CASB, but be prepared for very significant efforts to install, configure and monitor the system. And recognize that a CASB cannot and will not detect all security risks. Whichever path you choose, you will definitely be more informed than before.To bypass this manual process with its significant effort and limited visibility, consider using an automated SaaS management tool such as Alpin. This way, you can get summary and detailed reports about activity across many applications and services, as well as real-time alerts to security issues.
There you have it: your top 3 SaaS management actions! Start with knowing what you’ve got, then extend into costs, activity & security. Whether you choose to manually collect the data or use advanced tools, your path to mastering your SaaS landscape starts by recognizing that online software is growing fast, and that now is the time to take control. Contact us.
Stay in touch by subscribing to our weekly roundup – which includes news, useful tips about SaaS apps, and our latest blog posts.