SAM in a time of SaaS

Software Assest Management

In A Time of SaaS

Software Asset Management In A Time of SaaS

Not to brag, but we’ve been writing about Software Asset Management for a long time at SoftwareONE. Which makes sense because as we wrote about in "Implementing a Software Asset Management Plan," employees across the globe have become more reliant on software for communication, organization and automation of daily operations – rendering SAM a business critical process.

However, one area we haven’t touched on as thoroughly is how SAM – both the process and the tools – has evolved, and continues to evolve, as more organizations turn from on-premises to the cloud, or Software as a Service (SaaS) applications.

Gartner reported in April 2018 that SaaS continues to be the largest segment of the overall cloud market (including BPaaS, IaaS and PaaS) and is expected to see revenues increase to $73.6 billion by the end of 2018 and constitute 45 percent of overall application software spending by 2021. According to Cisco’s Global Cloud Index for the period 2013 – 2018,59% of all cloud workflows will be delivered by the end of this year.

Further solidifying the importance of SaaS in the world of SAM is the fact that a major vendor – Flexera and ServiceNow– recently purchased Meta SaaS and VendorHawk respectively to more effectively monitor SaaS spend management. Other SAM tool providers are also acquiring SaaS solutions to bolster their existing SAM tool solution. As more companies realize a hybrid approach with their software estate, needing to manage both on-premises increasingly more SaaS applications, it is imperative that SAM processes and tools keep up in order to better manage overall cloud spend.

“IT sourcing and vendor management leaders need to recognize that SaaS subscriptions are not a turnkey fix to licensing complexity, but will increase cost risks and add to the demands on SAM.”

Nine key areas

There are 9 key areas to think about when implementing your SAM plan:

1. Spend and added costs

SaaS costs a lot. Any organization using SaaS solutions sees how quickly it grows. This is because SaaS is intentionally engineered to make it easy for employees to sign-up and invite other employees to use software without the intervention of the IT department, leading to IT procurement not having the internal financial controls over SaaS. Without an effective SaaS software asset management process, spending can quickly spiral out of control.

Published pricing may appear to be of good value, but extra fees can add up quickly. Common additional costs include extra users, customizations, integrations, third-party services, training, and set-up fees. Work with your sales rep early in the process to understand what additional charges might apply to your account. By far the best way to keep the additional costs down is to avoid customizations to functionality and integration with other systems. Also, negotiate a set rate for incremental growth as the project grows.

2. Compliance and security risks

License compliance is very different from packaged software, and it’s naïve to think that buying a SaaS solution means that there’s no longer a compliance problem. SaaS is simply replacing compliance risk with spend management risk.

If you are non-compliant with on-prem software, you waste money if audited and risk large penalties. With SaaS, you waste money if you’re not proactively managing your users or subscription levels. An example can help illustrate this: Take Adobe Creative Cloud. Do users only need 2 – 3 applications in the Creative Cloud catalog? If so, maybe it’s best to purchase a Single App version of Creative Cloud versus a Creative Cloud All Apps plan. This is the value a good software asset management consultation can give you.

Snow shares the same view with industry experts such as Gartner in their paper SAM Reaches a Tipping Point: SaaS Cost Management Eclipses License Compliance.

3. Length of Term

If the vendor wants a long-term subscription, we recommend that you start with the shortest – probably one or two years. If you do agree to a longer term of three to five years, make sure you have an out clause. Typically this would provide a window of opportunity to break the contract during a specific time window. For example, it might allow you to walk after one month of using the system but before 90 days. Another example might be the ability to break the contract if certain levels of service are not provided consistently.

4. Service Level Agreements (SLAs)

The SLA is the vendor’s commitment to keeping the system up and running. It is typically expressed as a percentage of “up time.” You will almost always see the SLA represented as 99.9% or thereabouts. However, there is wide variation in how that number is calculated.

5. Renewals

Given that the renewal process provides an important exit opportunity from a bad contract, as well as an opportunity to re-negotiate, make sure you are still in control when the renewal date comes around. Watch for an “evergreen” renewal. An evergreen automatically renews your term, usually 30 days prior to expiration. If you spot an evergreen renewal, ask to remove it. When a company refuses to remove the clause, this is a red flag.

6. Backups and recovery

If you input valuable data every day, then you will want to ensure the provider performs a backup each day. Others might back up throughout the day. The way the backups are performed is also important. Some vendors maintain numerous backups, while others maintain only one and overwrite the previous backup. Creating separate entries allows you to rollback to a prior date if necessary. This takes up a lot of space so you will probably have to ask for it specifically. The final consideration with backups is whether the data is backed up in a separate data center. Keeping it at a separate center will add a buffer against data loss in the event of a data center disaster.

7. Data export

Finally you will want to include a clause about data export. Two things are key here: you should always retain ownership of your data and you should know how to get it back. This will be most important in two scenarios:

If you want to migrate to a new system because you are unsatisfied

The vendor goes out of business and you need access to your data even before you select a new system.

The method for getting your data back will vary, but common methods include a XML, CSV, and HTML. For the very technical, a SQL export may be better.

8. Shadow IT

Shadow IT refers to technology that has been procured outside of official organizational channels and isn’t managed by the IT team. In a typical SAM plan with on-premises software you have checks and balances in place to ensure that any software purchase goes through specific procurement and approval processes.

With SaaS this isn’t always the case. Employees can simply use the company credit card to buy what they want, when they want it. This can cause serious compliance, data integrity and cost issues, as well as compromising what may already be in place on-premises.

It is vital to ensure that the SAM culture at your organization encompasses checks and balances for SaaS based applications as well, and that the SAM tool you are using can evaluate SaaS usage.

9. Total Cost of Ownership

On-premises license structure tends to be more straightforward than SaaS, as they are typically dependent on number of users and not consumption.

When implementing a SAM process and tool for SaaS, it needs to cover off on shorter upgrade cycles, how the subscription model actually works, and service renewal costs to ensure you have full visibility into what the SaaS model is costing your company.

Many organizations deploy SaaS based applications and have zero visibility into the actual cost of those applications until their cloud budget is entirely out of proportion – SAM can help reign in those costs and make sure your budget stays aligned.

SAM is for SaaS too!

SaaS based applications are only increasing throughout the business environment and it’simportant to realize that there are differences between how SAM works on-premises and in the cloud.

Good software asset management will cover the following:

  • Discovery: revealing who is using what subscription and which subscriptions are known and unknown. Our Software Asset Management services are focused on maximizing the return on software investments in the cloud.
  • Cost optimisation: Cut SaaS costs, manage license renewals and forecast spend. Take a look at how PyraCloud does this.
  • Monitoring and alert: covering activity – such as who is doing what and security – alerts for risky behavior and suspicious permissions granted to third party apps

A comprehensive SAM plan and tool will cover off on both and ensure you have full visibility and control of your assets, and the costs of said assets across the entire software estate.

Driven by SaaS solutions?

If you’re just getting started down the SAM “path” and you’re also a business increasingly driven by SaaS solutions, please visit here to learn more about our SAMSimple offering to better understanding how SAM can result in you quickly realizing the value of your SaaS investment, reign in rogue SaaS spend and reduce compliance risk.

Get all facts about our SAMSimple

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment


Blog Editorial Team

Trend Scouts

IT Trends and industry-relevant novelties

Related Articles

  • 15 September 2021
  • Bala Sethunathan
  • Cybersecurity, Managed Security, Cyber Threat Bulletin, Cybersecurity User Awareness
  • Cyber Threats, Ransomware, Vulnerability Management

Cyber Security Update August 2021

Accenture and Bangkok Airways suffer from a LockBit Ransomware Attack. Learn why ransomware attacks have become a favorite form of attack.


10 Ways to Optimize Your Azure Spend

SoftwareONE’s Cloud Cost Optimization helps you analyze your current Azure consumption. Discover the top 10 ways to identify real savings potential.

Handling GDPR Authorities After a Breach
  • 16 August 2021
  • Bala Sethunathan
  • Cybersecurity, Managed Security
  • GDPR, Cyber Threats, Data Breaches

Handling GDPR Authorities After a Breach

If a data breach or ransomware attack occurs in your organization, you must contact GDPR authorities. Here’s what you need to know to prepare.