Leaders who jump into SaaS eventually come to realize that an unmanageable digital estate leads to all sorts of business risks. An unruly sprawl of untamed applications and cloud services can quickly become an angry nest of snakes, potentially causing serious harm to your organization.
While these risks manifest differently across organizations, most have experiences with one or many of them. People find and use the tools they need at work. But who’s watching? Who’s controlling software spend? What about overlapping capabilities across departments? Often departments have no idea what others are using in the cloud. And unused licenses – who knows? License violations? Security…?
From software spend to license violations to visibility and security, the risks that SaaS Sprawl open up are critical enough to demand attention from the executive level.
SaaS sprawl can spawn more problems like ‘Data Sprawl’, which is when your app data is sprinkled around the cloud ecosystem, yielding even more risk. These can expose your organization to privacy violations, especially in light of higher data protection standards such as GDPR, already in place, and the California Consumer Privacy Act (CCPA), which will take effect at the end of the year.
Then there are department-specific sprawl issues. For example, the HR workflow is laden with permissions-based processes that give rise to potential problems with access security. Each time a new employee is onboarded, they must be granted managed access to the apps and systems they need. The same process happens in reverse during the offboarding process: when employees leave, what doors are being left open, exposing the company to risk? Is consumption and access being tracked when employees change roles? Consumption is a troublesome security issue, but it also comes into play when you’re figuring software spend. Is the organization paying for licenses that are sitting there, unused, after people change roles or leave?
These types of issues and concerns are duplicated across every department. Without a solid plan for management and control, it can all get out of hand quickly, exposing an organization to serious harm. Even enterprises who have large IT central departments will find their resources spread too thin when managing thousands of apps. And even if they could handle the sprawling digital estate, it would leave them with no time to fulfill more important goals like guiding the organization through the steps of digital transformation.