Organisations today face a multitude of challenges when it comes to managing their ever-expanding SaaS (Software as a Service) estate. These challenges can be broadly categorised into two main groups: those related to compliance, including security, regulatory, and usage concerns, and those associated with efficiency. To effectively address these challenges, organisations need a robust governance model that encompasses both compliance and efficiency.
We answer some of the most frequently asked questions we are asked about overcoming these challenges.
One of the initial obstacles organisations must overcome is indeed understanding the true extent of their ungoverned SaaS applications and the associated risks. Surprisingly, a significant portion of SaaS products often goes unnoticed by central IT governance, with an estimated 60% of SaaS applications falling into this category. To make matters more complex, around 10% of SaaS products are not used or have been forgotten by the departments that originally purchased them.
This lack of visibility into the SaaS landscape leads to a range of issues, including security breaches, compliance violations, and cost inefficiencies. Without a comprehensive view of their SaaS footprint, CFOs and CIOs find it challenging to manage and report on their organisation's digital costs accurately. This lack of control can hinder efforts to demonstrate a meaningful return on investment (ROI) for technology expenditures and track progress in digital transformation.
Business units are increasingly approached directly by SaaS vendors, and if a solution makes sense, they have the capacity to make informed decisions about its adoption. However, what they may not be fully aware of are the risks associated with SaaS, including security, legal terms and conditions, negotiation best practices, renewal processes, and potential redundancies in the software stack.
The critical factor in achieving the right balance is the implementation of a well-defined governance model. While the approach to managing SaaS may vary depending on factors like cost, size, and the number of users, a gradual shift from centralised IT management to greater business unit autonomy can be a sensible strategy. Regardless of the specifics, a robust governance model must include a clear SaaS catalogue and a non-negotiable security and terms-and-conditions approval process for all SaaS acquisitions.
Given the diversity in SaaS models, adopting a "one size fits all" governance framework is highly ineffective. Organisations must tailor their SaaS management strategies to accommodate the various types of SaaS products in their portfolio.
Tier-1 SaaS products are used across the entire organisation and often come with high costs and complex licensing and compliance requirements - they represent 2 to 5% of purchasing transactions and 80% of overall SaaS cost. These solutions, such as Salesforce, Microsoft, and ServiceNow, typically fall under the scope of IT and require expert management.
On the opposite end of the spectrum are Tail-End SaaS products. While they constitute the majority – on average 80% of purchasing transactions, they usually account for less than 30% of overall SaaS costs. Business units are often responsible for managing these solutions, but they still require security and legal oversight, along with adherence to official purchasing processes.
Tier-2 SaaS products fall between the previous two categories. They are used by multiple business units and are gaining significance in terms of users and cost. Managing Tier-2 solutions needs collaboration between IT and business units.
To effectively manage this diverse SaaS landscape, organisations should employ experts for Tier-1 and Tier-2 solutions, focusing on cost governance, licensing compliance, and usage optimisation. Meanwhile, Tail-End SaaS products benefit from improved governance, cataloguing, security, legal approval processes, and purchasing efficiency, as well as business owner identification, redundancy elimination, proper renewal management and purchasing/transaction efficiency.
While different, managing a modern portfolio that encompasses classic software, SaaS, and enterprise solutions complements traditional Software Asset Management (SAM) and IT Asset Management (ITAM) practices.
The shift to the cloud and the emergence of FinOps have introduced a new paradigm. FinOps advocates for "Inform, Operate, Optimise" management phases and emphasizes accountability and broader stakeholder engagement. Unlike traditional on-premises software, SaaS often doesn't require IT technical support, can be purchased via various channels, and is financed differently, through operational expenses (OPEX).
To effectively manage this hybrid landscape organisations should implement a 360° Smart Portfolio Management initiative. This initiative covers legacy management, new technology adoption, and application modernisation strategies, applying the "Transformation 7Rs" framework (Rehost, Relocate, Replatform, Refactor, Repurchase, Retire, and Retain) to the overall application portfolio. Therefore, to master SaaS management, one has to apply the FinOps methodology over the known software landscape.
In the rapidly evolving landscape of SaaS management, organisations must reconsider and redesign their end-to-end strategies. To achieve successful SaaS estate management in the modern era, several key ingredients are essential:
Compliance, especially regarding security, legal, and regulatory policies, should not be up for debate. Every SaaS product must undergo the necessary approval processes. The key is to make these processes quick and efficient, ensuring no bypass from business units toward the established protocols.
SaaS is a critical component of an organisation's digital investment, and CIOs, CFOs, and CEOs must have clear and predictable visibility into all digital costs and their ROI. What was once called Shadow IT should be viewed as "Business-chosen digital adoption."
Balancing control and freedom is the secret to garnering general adherence to governance practices. A pragmatic approach that accommodates the specific needs of business units for different SaaS products is vital.
Managing the overall software and SaaS portfolio governance incurs costs and needs thorough change management. This is an integral part of achieving a positive ROI on digital adoption, and C-level executives should be prepared to allocate resources and competencies accordingly.
SaaS applications are pivotal enablers of modern business success. While business units need agility and the freedom to adopt SaaS solutions rapidly, organisations must strike a balance by enforcing non-negotiable compliance, maintaining financial control, implementing realistic governance, and allocating the necessary resources to budgeting. In this era of rapid digital transformation, these ingredients are crucial for successful SaaS estate management.
SoftwareOne offers a range of services and solutions designed to support comprehensive SaaS management. Our approach begins with an advisory phase meant to understand our clients' existing investments and ITAM/SAM/FinOps maturity levels. From there, we help them define a roadmap covering technological and commercial architecture, optimised governance model, potential adoption and change management to achieve optimal ROI. It's important to note that there's no one-size-fits-all solution for end-to-end SaaS management, and customisation is key.
For SaaS discovery and management tooling, we collaborate with leading ITAM, SaaS Management, and Financial Operations (FinOps) technology partners. This includes well-known names like ServiceNow, Flexera, Snow, Apptio as well as niche players such as Beamy and Xensam.
There's no one-size-fits-all solution for end-to-end SaaS management. Customisation is key. Work with SoftwareOne to understand your existing investments and maturity levels, avoid risks and achieve cost optimisation.
There's no one-size-fits-all solution for end-to-end SaaS management. Customisation is key. Work with SoftwareOne to understand your existing investments and maturity levels, avoid risks and achieve cost optimisation.
