SaaS discovery methods Archives - Snow Software https://www.snowsoftware.com/blog/tag/saas-discovery-methods/ The Technology Intelligence Platform Thu, 06 Apr 2023 18:28:53 +0000 en-US hourly 1 https://wordpress.org/?v=6.4.3 https://www.snowsoftware.com/wp-content/uploads/2022/01/cropped-cropped-snow-flake-32x32.png SaaS discovery methods Archives - Snow Software https://www.snowsoftware.com/blog/tag/saas-discovery-methods/ 32 32 The Heavy Price of “Free” SaaS Applications https://www.snowsoftware.com/blog/the-heavy-price-of-free-saas-applications/ Fri, 17 Mar 2023 16:53:21 +0000 https://www.snowsoftware.com/?p=10230 As organizations continue to adopt SaaS applications at an accelerating pace, there’s a growing focus among IT leaders on cost optimization to eliminate the waste associated with SaaS subscriptions. Gartner® estimates the average company wastes 25% of their SaaS spend on licenses that go unused. But what about free SaaS applications? Employees routinely download free […]

The post The Heavy Price of “Free” SaaS Applications appeared first on Snow Software.

]]>
As organizations continue to adopt SaaS applications at an accelerating pace, there’s a growing focus among IT leaders on cost optimization to eliminate the waste associated with SaaS subscriptions. Gartner® estimates the average company wastes 25% of their SaaS spend on licenses that go unused.

But what about free SaaS applications? Employees routinely download free SaaS applications and incorporate them into their daily work. However, given the millions of dollars that organizations are spending to purchase SaaS, it can be tempting to overlook the free apps that aren’t directly impacting the bottom line – not yet, at least.

Unfortunately, free SaaS applications can ultimately lead to a heavy price tag. Security breaches, regulatory fines, data loss and unexpected license costs are all potential outcomes of unmonitored, free SaaS use. 

The challenges surrounding free SaaS apps

Getting a handle on free SaaS use in an organization’s IT environment is easier said than done. Almost by definition, free apps are accessed outside of IT. In fact, they’re often accessed outside of the business unit and are simply the result of individual users or groups of users deciding to download software.   

Even if an organization is leveraging a SaaS management platform (SMP), there’s no guarantee they’ll uncover free SaaS applications. Most SMP discovery methods have a blind spot when it comes to free SaaS.

Financial records, for example, are a source of discovery for many SMPs. The platform connects to an organization’s procurement or accounts payable systems and looks for keywords associated with known SaaS vendors. But if you’re not paying for the app, it’s not going to show up on an expense report.

Single-sign-on (SSO) connectors are another popular discovery method. Data from this source shows logins for known applications that are accessed via an SSO platform, such as Okta or Microsoft Azure AD. However, free applications used without the knowledge of IT aren’t going through an SSO platform.

Finally, like SSO discovery, API connectors to vendor portals are useful for getting information on apps IT already knows about. They’re not going to provide any information on free apps downloaded without IT’s awareness. Despite best efforts to manage their SaaS, organizations are still left in the dark, and that leaves them vulnerable to a host of risks.

Security vulnerabilities

Security is a concern with any cloud software, but when IT is aware of the application, it can take steps to mitigate the risks. Adding the application to an SSO platform is a great place to start. As mentioned above, however, free SaaS apps aren’t going through an organization’s SSO for access. That means users are selecting their own passwords, which are often weak and present attack vectors for would-be hackers.

Another potential security vulnerability comes in the form of misconfigurations. SaaS apps have multiple settings options to control admin privileges, data protection, encryption and more. A single misconfiguration can dramatically increase the risk of a security incident. 

Data concerns

Protecting the data and privacy of employees and customers is the thrust of numerous laws that vary by geography and government entity. To ensure compliance, it’s imperative to know what data is being shared with your software vendors and what policies those vendors have in place to handle and protect data. Steering clear of regulatory missteps is a shared responsibility between customer and vendor, and if you’re not aware of all the vendors with access to your data, you can’t possibly ensure those responsibilities are being met.

Then there’s the issue of data ownership and what happens to your data when you decide to no longer use the app. Is there a process for retrieving it? Does the vendor have the right to retain the data? Answers to these questions are found in the service-level agreement (SLA), but you’re not able to review the agreements for vendors you’re not aware of.

Unexpected costs of free SaaS apps

Most SaaS applications that are free are only free up to a point. Once some predefined threshold is met, the vendor expects to be paid for the software.

For example, some apps are free for personal use, but there’s a requirement to pay for commercial use. Consequently, if an employee uses a free app at home and later begins using it at work, perhaps even converting some colleagues, you could be exposed to unexpected license costs.

Many SaaS vendors offer a freemium pricing model where certain minimal functionality is offered for free, but additional functionality comes at a price. After using the free features for weeks or months, employees often realize that additional functionality is required to meet business objectives. After investing so much time and energy in the app to that point, transitioning to an alternative can be more costly than paying the original vendor.

What are organizations supposed to do?

Fortunately, there’s a solution to these challenges, and it starts with visibility. Simply being aware of the free SaaS applications in your environment allows you to get ahead of these issues, address any data and security concerns before they pose a problem, and prevent unexpected licensing costs from busting the budget.

At Snow, our combination of SaaS discovery methods ensures that you have visibility into not only known and paid apps but also the unknown and free apps that are often hiding in the shadows. Learn more, or request a demo to see firsthand how we help customers eliminate the dangers of free SaaS.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. 

The post The Heavy Price of “Free” SaaS Applications appeared first on Snow Software.

]]>
How to Find the Right SaaS Discovery Method for Your Organization https://www.snowsoftware.com/blog/how-to-find-the-right-saas-discovery-method-for-your-organization/ https://www.snowsoftware.com/blog/how-to-find-the-right-saas-discovery-method-for-your-organization/#respond Thu, 24 Feb 2022 21:35:15 +0000 https://www.snowsoftware.com/?p=6491 There are multiple methods of capturing SaaS details and depending on your goals and technologies in use, some may be more appealing than others. Learn which method is right for you.

The post How to Find the Right SaaS Discovery Method for Your Organization appeared first on Snow Software.

]]>
Before you can find the right SaaS discovery method for your organization, it’s important to learn why finding out your organization’s true SaaS application usage is important. Here are three of the most common reasons why you need an accurate understanding of usage. 

1. Reducing riskUnless you’ve locked down access to the internet, your employees are very likely not going through your formal procurement or SSO to use SaaS applications. Applications not vetted by IT security might not be secure and your employees may not be using strong passwords.

2. Removing complexity. The complexity caused by redundant applications and multiple contracts with the same vendor is a challenge, especially for organizations with distributed IT and procurement and frequent M&A. This “SaaS sprawl” is the biggest challenge in managing SaaS applications, according to a Snow survey of IT leaders.

3. Optimizing cost. Around 30% of SaaS cost is wasted due to unallocated or unused licenses. With SaaS, vendors bundle functionality in tiers. You may be paying for a more expensive tier than you need.

Read more about the importance of understanding how many sanctioned, unsanctioned and free SaaS applications are used in your organization here.

Comparing SaaS discovery methods

Now that you’ve considered your goals for managing your SaaS environment, your next move is to learn how to collect this information so your organization can actually reduce costs, remove complexity and identify risk. There are multiple methods of capturing SaaS details and some may be more appealing than others, depending on your goals and technologies in use. Your specific goals for SaaS app discovery will impact your discovery methods.

Check out the tables below to learn more about each of the methods and their benefits and identify which method is right for you.

SaaS Discovery Methods
Discovery MethodDescription and Benefits
Vendor APIThis discovery method is a great option for SaaS applications in which you need to stay on top of license allocations and usage. This method sometimes offers the ability to see usage of specific features and products, so you’ll have the data to downgrade from expensive license tiers if employees are not using the functionality. The downside of using vendor APIs is that you are dependent on the vendor publishing usage data and obtaining it in a readable format to consume if you’re not leveraging a SaaS management tool.  
Agent Agents are traditionally used to capture installed software. Some SaaS vendors price application tiers aligned from where the application is used. For example, Microsoft 365 E1 licenses are priced for accessing applications online, but the more expensive E3 license allows users to access applications online and install them on their desktop/PC. The value in detecting from where applications are accessed is the ability to potentially downgrade employees from a more expensive license tier. 
Browser ExtensionThe main benefit of detecting application usage with a browser extension is the ability to obtain information on shadow SaaS or unsanctioned and unvetted application use. With access to the internet and a credit card (or not), employees are able to try and use SaaS applications with ease. This discovery option may not be ideal for some organizations, especially those in Europe with privacy rules and workers councils, unless the data captured can be anonymized. Anonymized data does offer some value in terms of providing an understanding of the scope of risk.  
SSO PlatformsThis discovery method works well to detect usage for known or sanctioned applications. SSO data normally captures last login but does not provide usage details at the application feature level. Such information can help you assess premium tier downgrade opportunities.  
CASB PlatformsWith the recent increase in SaaS usage, CASB platform usage is becoming more mainstream. CASBs give organizations the ability to restrict and control access to cloud services from trusted users and devices. CASB tools are great at finding shadow SaaS usage, and blocking or restricting use. CASBs are excellent and identifying and mitigating risk. 
Financial SystemsFinancial systems can provide much information about the SaaS applications you’ve paid for, including a decent inventory of these applications and contract information that is very valuable when preparing for renewals, consolidating contracts, etc. Financial data, however, can be tricky to automatically normalize, and it often requires human review. The lack of usage data and the inability to detect use of free or incorrectly expensed applications also may be possible downsides of this discovery method. 
Network TrafficYou may be able to capture application traffic within your network by using network monitoring tools. With most employees working from home and many not accessing VPN every day, this method of obtaining visibility to all SaaS application usage is not the best alternative for today’s working-from-home environment.  
Mobile Device ManagementMany SaaS applications are often accessed via mobile devices. Organizations issuing mobile devices and centrally managing them through a mobile device management platform could obtain some visibility into SaaS applications usage on those devices. 

Combining discovery methods

In order to fulfill all use cases outlined above (reduce risk, remove complexity, optimize cost), you may need to employ multiple discovery methods. It is important to note that combining methods increases the accuracy and value of the data collected. Here are some examples you can put into practice:

  • Identify applications that are not going through SSO. Capturing usage via browser extensions will inform you of all applications in use. You can then compare this data with applications in use via your SSO platform and determine if there are applications that should be going through SSO.
  • Identify users with individual licenses that should be leveraging the corporate agreement. You may have a corporate agreement in one business unit and can detect usage by connecting to the SaaS API, but other business units may be using individual accounts of the same software.
  • Assess the value of unused/under-allocated licenses/redundant applications for renewal and rationalization conversations. By marrying application usage data with contract financial details, you’ll have a better understanding of how much these unused premium licenses, unallocated licenses and redundant applications are costing your organization.

Learn more about the benefits of tracking SaaS usage for both paid and free applications and see how Snow can help with SaaS discovery. 

The post How to Find the Right SaaS Discovery Method for Your Organization appeared first on Snow Software.

]]>
https://www.snowsoftware.com/blog/how-to-find-the-right-saas-discovery-method-for-your-organization/feed/ 0