Navigating product bundles

Let’s start with product bundles. SaaS providers typically have widely disparate pricing depending on which tier of service you select. When they add functionality via acquisition, that often affects how they bundle features and functions within tiers and how they price those tiers. Complete visibility into your SaaS environment is crucial to negotiate effectively with SaaS vendors and avoid overpaying for features your employees don’t need. Login or billing information isn’t enough.  

Gather data at the user level where you can discover paid as well as free applications and see which features users are accessing. A clear picture of the software you have, how your employees are using it and the value it’s providing to them is essential. You’ll be in a better position post-acquisition if a vendor presents new pricing based on new tiers and functionality. It’s easier to distinguish new capabilities that may represent a gap to be filled or features you can live without.  

Take Adobe Creative Cloud, for example. They have two main bundles — Single App, and All Apps. When an employee is using at least three apps, it generally makes sense to purchase the All Apps bundle. The cost difference between the two bundles is around $50.

Adobe may decide to bundle Figma into Adobe Creative Cloud. Let’s say that’s the case. You’re an Adobe Creative Cloud and Figma customer with employees using more than three apps on the All App bundle. You’ll get even more value from your investment and can cancel your Figma subscription. If, however, an employee is only using Figma and one additional app, the Single App license may make more sense. It’s critical to have that visibility into usage. Not only will you choose correctly for each employee, you’ll capitalize on SaaS savings after M&A events like this one.

Managing volume discounts

Most software and SaaS providers offer pricing discounts based on how many licenses you purchase. When a centralized IT department purchases all software, it’s easy enough to track purchases with each vendor and negotiate accordingly. Nowadays, that’s rarely the way things work with SaaS procurement. Business units and even individual employees are making purchasing decisions independent of IT more than ever.

When two well-established vendors like Adobe and Figma merge, you might find that you’re suddenly a much larger customer of the combined entity than you were of each vendor individually. It’s critical to have complete visibility into all SaaS in use throughout the organization when that happens. With it, you can negotiate from a position of strength and leverage your size to achieve pricing power. 

Taking advantage of competition

When one company acquires another, there are any number of ways the new, combined entity can take shape. The options range from business as usual to complete integration and everything in between. Regardless, the new, combined company will have an interest in making sure its customers use as many of its offered capabilities as possible. 

If, for example, you’re using a competitor of the acquired company, you may find there are incentives available if you switch. Once again, complete visibility into your current SaaS environment puts you into the best position to take advantage of this opportunity if it arises. 

The future of SaaS savings after M&A

To learn how Snow Software provides visibility into SaaS environments, you can review our guide to SaaS discovery methods. Interested in more? Check out how Snow addresses SaaS management to optimize software costs.

The post Adobe/Figma Merger: Three Tips for SaaS Savings After M&A appeared first on Snow Software.

The growth in demand for SaaS applications has exploded in the last few years and is forecast to continue rapidly. It’s also coincided with a mass movement of technology purchasing from central IT organizations to business units. In fact, according to the Snow Software 2022 IT Priorities Report, 86% of IT leaders report that business units are under significant stress because they’re unaware of all purchased cloud and SaaS. Though this level of self-sufficiency alleviates some of the burden on IT, it also creates an entirely new set of risks. IT must eventually face these challenges, especially when it comes to SaaS security. A recent Snow survey of IT leaders uncovered the #1 SaaS management priority is managing the security of SaaS applications. Whether they arise from misconfiguration, regulatory non-compliance or other issues, SaaS security threats are as plentiful as they are severe.

Application risk assessment 

To have a secure supply chain, your procurement process requires a risk assessment for new applications. During the risk assessment, your security team will be looking to understand how customer data is isolated, how data is encrypted, identify protections and user access reviews, data transit design, how the vendor protects confidential information and so on. 

This aspect of the procurement process is critical to keep your employees’ and customers’ data secure and protect your organization against security threats. So how is that protection impacted if the procurement team does not know about all the applications used in the environment?  

To perform proper risk assessments, your team needs to be aware of all the applications used across your organization, regardless of how the software was procured. There are also multiple departments who sign up for free trials and free services (like ChatGPT) that could cause security issues.  

SaaS misconfiguration

Most organizations have hundreds, if not thousands, of SaaS apps, many of which are unknown to IT. Each SaaS tool comes with many settings to control everything from data protection to encryption to admin privileges and beyond. With these numbers, it’s easy to see how the math — and your security — can get out of control very quickly.  

Just one misconfiguration is enough to present an attack vector. The Cloud Security Alliance conducted a recent survey in which 43% of surveyed organizations have had one or more security incidents due to SaaS misconfiguration. Take, for example, this story of a global permissions misconfiguration. This incident exposed NASA and hundreds of Fortune 100 companies to data leaks.  

Managing this challenge is difficult enough when a central IT organization handles it all. Think of the risk for business users who aren’t trained to routinely check configurations. Without visibility into what SaaS applications are in use, it’s impossible to properly configure all the software in the organization to protect sensitive data and IP.

Weak passwords

SaaS apps purchased outside of IT often bypass your SSO platform, leading to weak passwords that present another attack vector for hackers. According to research from Digital Shadows, over 24 billion username and password combinations are in circulation in cybercriminal marketplaces. That’s a 65% increase from the previous report in 2020.  

Vulnerable personal machines and software can pave the way for a security breach, which makes utilizing your SSO platform essential. Remember, though, that not all SaaS apps will integrate with the SSO platform you’ve chosen. Discovering what’s in use throughout the organization sooner rather than later can help you identify risky applications before they take hold and before switching to an alternative would be particularly disruptive.  

Access control

Remote work, workforce mobility and the number of applications in use can make offboarding a challenge for any IT department. Add into the mix hundreds of SaaS apps outside the reach of IT and managing access can quickly become untenable.   

When evaluating the security of your offboarding procedures, check if you have solid processes for removing a departing employee’s access to all applications and their corresponding data. Don’t forget to establish data removal processes for SaaS applications that the business unit or the employee directly purchased, too. 

As demonstrated by this story from August 2021, a single disgruntled former employee with access to applications and data can harm a business. In general, business units are simply ill-equipped to manage a comprehensive offboarding process properly. The combination of these factors can leave your business vulnerable to a costly breach.

Regulatory non-compliance

Governments around the world have various laws and regulations designed to protect the data of your employees and your customers. These laws vary by country (or even state) and by data type.

When it comes to SaaS applications, complying with data privacy regulations is a shared responsibility, and failure to comply can result in hefty fines. These fines can climb to tens of millions of dollars in some cases. Therefore, it’s critical to know what SaaS applications are in use and to have the following questions answered from each vendor:

• Who has access to the data? 
• What policies and procedures does the provider have in place for data handling?  
• How does the provider ensure they comply with all laws and regulations around data protection?  
• What happens to your data when your contract with the provider expires?  

Armed with this information, you can begin to put in place the necessary processes and procedures to ensure compliance.  

Visibility is the key

With so many potential pitfalls associated with SaaS applications, just hoping that there won’t be a security incident simply isn’t an option. That doesn’t mean that IT must prohibit business units from procuring the tools they need to be successful. It simply means IT needs visibility into which tools business units choose, who is using them and what data the tools will access.  

There are many different methods for discovering SaaS within an organization. You can comb through accounts payable, leverage SSO and pull data via vendor APIs, just to name a few. Without focusing on the user, however, there will always be blind spots. 

Valuable resources

If you’re concerned about SaaS security or your ability to understand the extent of SaaS applications in your environment, review “Gartner^® Predicts 2022: SaaS Dominates Software Contracting by 2026 — and So Do Risks.” In this report, Gartner examines four key strategic planning assumptions. They also outline how to plan, analyze, budget and manage risk as organizations increasingly adopt SaaS applications.

Additionally, we invite you to learn about the Snow approach to SaaS discovery and how it can give you the complete picture of both paid and free applications. With this view, you’ll have the information to properly evaluate your organization’s SaaS security and what measures you should take to mitigate risk.

The post How to Identify and Tackle SaaS Security Issues appeared first on Snow Software.

Even with shrinking budgets, organizations occasionally make fatal errors when they cut in the wrong areas. With a quick slash of the IT budget, your organization could run the risk of opening itself up to some serious vulnerabilities. So, what makes sense going forward? Costs have to be optimized, but how can you do that efficiently without negatively impacting your business? 
 
A SaaS management platform is a wise investment during these tenuous times and can continue to deliver cost savings well into the future. Here are a few solid arguments you can present to your executive team when rationalizing the cost of a SaaS management platform (SMP). 

A SMP will allow you to gain visibility into where your SaaS spend is being wasted and where it is put to good use.

Nearly 25% of SaaS spend is wasted on unused licenses.

SOURCE: Gartner®

Nearly all organizations overspend on SaaS and by a significant amount. It’s a no brainer to want to reduce wasted spend, but it is very hard to identify potential areas to save without a full view of your SaaS landscape. Manual discovery methods are not reliable and very difficult to scale across your organization.  
 
SaaS management platforms vary in the ways they discover SaaS applications, and those variances can affect the benefits they provide, but the right SaaS management platform will utilize the discovery methods listed below to provide a comprehensive view:

• Single sign-on (SSO) platforms 
• API connectors 
• Agents 
• Cloud access security brokers (CASB) 
• Browser extensions

You can use a combination of those discovery methods to bring clarity to your SaaS portfolio, so you can better rationalize, secure and govern SaaS usage. Visibility is the critical first step into gaining control over SaaS sprawl. 

After you’ve gained visibility across your SaaS landscape, a SMP can allow you to take a deeper dive into SaaS usage details.

With a new, sweeping view into your SaaS landscape through a SaaS management platform, you can get serious about the details. Another major advantage of using a SMP is that you can gain granular insights into how a SaaS app is being used at your organization. If you’ve previously been relying on financial records to discover SaaS applications, you know you can’t see any real details about how a user is interacting with specific tools you’re paying for. 

A SMP provides you with software usage data. A software metering tool can monitor how long an application was in use, how often users logged into apps and the details on which features were utilized. This provides cost savings insights well beyond understanding licenses paid for versus licenses allocated. 

Armed with SaaS usage details, a SMP can enable you to optimize your costs, and rationalize your SaaS portfolio.

With SaaS usage data, you can compare purchase and entitlement data to identify areas of overspend and ensure your organization runs with just the right amount of technology. This information is especially valuable during license renewals, since organizations are able to rely on actual usage information as opposed to just re-upping for the same volume as the last contract. A SaaS management platform will make it easy to discover unused licenses.  

You’ll also be able to optimize the license types for each of the applications you keep. Many SaaS companies offer multiple, and sometimes complicated, tiers of software licenses. Armed with detailed usage metering data from a SMP, you can choose which package would best suit the users and teams in your organization. 

A SMP will also enable you to rationalize your SaaS portfolio, meaning eliminate redundancies. Applications for video conferencing, file storage, project management, and team communications are common sources of SaaS redundancies. A SMP’s normalization process can allow you to highlight redundancies by tagging applications during the discovery process with an application type.  
 
For example, you could then quickly identify you have four different project management applications throughout your organization, and a significant portion of those licenses are going to waste. It may be more cost efficient to sanction one project management tool for the whole organization under a larger license tier rather than paying for four separate platforms. 

A SMP will allow you to secure, monitor, and closely govern your SaaS landscape to prevent costly security breaches.

In addition to optimizing costs and eliminating redundancies, a SaaS management platform can go a long way to keeping your organization secure and in compliance. Snow surveyed 1,000 IT leaders and found the top concern with SaaS management is security. Most organizations have hundreds and sometimes thousands of SaaS apps, many of which are unknown to IT. 

The main challenge with security for SaaS applications is the ease with which anyone can sign up for a SaaS application, use any credentials they decide, and upload any company data. Each SaaS tool comes with many settings to configure. These configurations control everything from data protection to encryption to admin privileges and more. It only takes one misconfiguration by one user to open your entire organization up to a major, costly cybersecurity attack. 

In addition to all the benefits listed above of a SMP, you can’t afford not to invest in a SMP when it comes to the added value of security.  

Investing in a SaaS management platform

SaaS is usually in the top three highest operating expenses for organizations. Even if you’re sold on the benefits of utilizing a SaaS management tool, you’ll have to convince your organization’s decision-makers. CFOs will want to see how the investment will pay off immediately, as well as into the future. CIOs will like to see the data around how SaaS apps are being used.  

A SMP can help you discover cost savings, or how much you can save immediately, by eliminating SaaS app redundancies, identifying unused SaaS licenses, and optimizing costs. 

A SMP will also help you with cost avoidance, or how much you can save on future costs, by better preparing your organization for SaaS renewals and negotiations, securing your SaaS environment to prevent costly security issues, and preventing SaaS sprawl. 

By implementing a SMP now, even during budget cuts, organizations can realize quick savings as well as continue receiving a return on their investment well into the future.  

_{GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.} 

The post Why Investing in a SaaS Management Platform During Budget Cuts Makes Sense appeared first on Snow Software.

Here are four money-saving tips for SaaS contract negotiations to safeguard your budget and avoid costly compliance fines.

1. Inventory your SaaS environment.

Before entering a contract or renewal negotiation, conduct a complete inventory of your IT assets (including software, SaaS, and cloud) and usage. This way, you know what you have and what you really need, which leaves room to trim out anything unnecessary the SaaS vendor may offer.  

• With SaaS applications, that’s easier said than done because SaaS applications are not often purchased centrally. Take a detailed look at both your paid-for and free applications in use. There are several different types of SaaS discovery methods you can deploy. Browser extensions offer the most comprehensive SaaS discovery available, as they can discover any type of SaaS application – known, unknown, paid and free. They are deployed on the browser of each managed employee, and they register the login and usage of any SaaS application. 
• If you have hybrid applications, those that can be accessed via browser and installed versions, then you will want to use an agent (to check installed usage) and a method to capture web usage (SSO, vendor portal API or browser extension).  

2. Deeply understand your SaaS usage.

Arm yourself with data on who is using what and how. In the case of a renewal, you’ll know how well the application is working for your organization, and if you’re actually using what you purchased. 

• Some SaaS vendors offer different license types (with differing features) at varying price points. Know how each license is being used to ensure you aren’t paying the highest price tier for someone who could just as easily use a less expensive license. 
• Many organizations rely on financial records to keep track of SaaS licenses. However, financial records reveal nothing about application usage. With a SaaS management platform, you can leverage software metering to monitor how long an application was in use and specifically which features are used. This usage data will better prepare you for contract negotiations, so you can determine where your money is well spent and where you’re wasting dollars on unused software. 

3. Don’t be afraid to negotiate price.

There’s almost always wiggle room in a SaaS contract – you just have to ask the right questions. 

• Do they offer volume discounts? Discounts on unit prices are more difficult to come by in today’s climate. 
• Are there features that you don’t need? Slash unnecessary spend on add-ons, extra capabilities, success packages, etc.  
• Can you enter into a longer term and get a bigger discount? Does the SaaS contract represent a “have to have” application? If you’ve reviewed your usage data and spoken to the business units responsible for using the software and have identified this as a well-used application, some SaaS vendors are willing to lock you in at a lower price if you agree to a longer contract term. You won’t incur as much risk if you’ve done your research prior to the negotiation and can save some value spend in the process. Longer terms also can protect you against near-term prices increases. 

4. Optimize your SaaS licenses.

Identify savings opportunities on your next contract cycle by optimizing your licenses and clearing out the waste. Bring that information to your next renewal conversation.   

• Do you have any unused accounts or are any of your accounts duplicate users? 
• Are any applications in use redundant? Does your user really need both licenses, for example, or can one be repurposed or even cut? 

These tips for negotiating SaaS contracts and renewals only scratch the surface on how you can land a good-fit agreement. We’ve got more information in the Gartner^® Report, 3 Reasons Why SaaS Vendors are Raising Prices and What You Can Do About It. 

If you’re preparing for a conversation with one of the four largest software vendors – IBM, Oracle, SAP, or Microsoft, check out our guide, A Perspective on Rightsizing Your Enterprise Application Software Costs.  

_{GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.} 

The post 4 Money-Saving Tips for Negotiating SaaS Contracts and Renewals appeared first on Snow Software.

But what about free SaaS applications? Employees routinely download free SaaS applications and incorporate them into their daily work. However, given the millions of dollars that organizations are spending to purchase SaaS, it can be tempting to overlook the free apps that aren’t directly impacting the bottom line – not yet, at least.

Unfortunately, free SaaS applications can ultimately lead to a heavy price tag. Security breaches, regulatory fines, data loss and unexpected license costs are all potential outcomes of unmonitored, free SaaS use. 

The challenges surrounding free SaaS apps

Getting a handle on free SaaS use in an organization’s IT environment is easier said than done. Almost by definition, free apps are accessed outside of IT. In fact, they’re often accessed outside of the business unit and are simply the result of individual users or groups of users deciding to download software.   

Even if an organization is leveraging a SaaS management platform (SMP), there’s no guarantee they’ll uncover free SaaS applications. Most SMP discovery methods have a blind spot when it comes to free SaaS.

Financial records, for example, are a source of discovery for many SMPs. The platform connects to an organization’s procurement or accounts payable systems and looks for keywords associated with known SaaS vendors. But if you’re not paying for the app, it’s not going to show up on an expense report.

Single-sign-on (SSO) connectors are another popular discovery method. Data from this source shows logins for known applications that are accessed via an SSO platform, such as Okta or Microsoft Azure AD. However, free applications used without the knowledge of IT aren’t going through an SSO platform.

Finally, like SSO discovery, API connectors to vendor portals are useful for getting information on apps IT already knows about. They’re not going to provide any information on free apps downloaded without IT’s awareness. Despite best efforts to manage their SaaS, organizations are still left in the dark, and that leaves them vulnerable to a host of risks.

Security vulnerabilities

Security is a concern with any cloud software, but when IT is aware of the application, it can take steps to mitigate the risks. Adding the application to an SSO platform is a great place to start. As mentioned above, however, free SaaS apps aren’t going through an organization’s SSO for access. That means users are selecting their own passwords, which are often weak and present attack vectors for would-be hackers.

Another potential security vulnerability comes in the form of misconfigurations. SaaS apps have multiple settings options to control admin privileges, data protection, encryption and more. A single misconfiguration can dramatically increase the risk of a security incident. 

Data concerns

Protecting the data and privacy of employees and customers is the thrust of numerous laws that vary by geography and government entity. To ensure compliance, it’s imperative to know what data is being shared with your software vendors and what policies those vendors have in place to handle and protect data. Steering clear of regulatory missteps is a shared responsibility between customer and vendor, and if you’re not aware of all the vendors with access to your data, you can’t possibly ensure those responsibilities are being met.

Then there’s the issue of data ownership and what happens to your data when you decide to no longer use the app. Is there a process for retrieving it? Does the vendor have the right to retain the data? Answers to these questions are found in the service-level agreement (SLA), but you’re not able to review the agreements for vendors you’re not aware of.

Unexpected costs of free SaaS apps

Most SaaS applications that are free are only free up to a point. Once some predefined threshold is met, the vendor expects to be paid for the software.

For example, some apps are free for personal use, but there’s a requirement to pay for commercial use. Consequently, if an employee uses a free app at home and later begins using it at work, perhaps even converting some colleagues, you could be exposed to unexpected license costs.

Many SaaS vendors offer a freemium pricing model where certain minimal functionality is offered for free, but additional functionality comes at a price. After using the free features for weeks or months, employees often realize that additional functionality is required to meet business objectives. After investing so much time and energy in the app to that point, transitioning to an alternative can be more costly than paying the original vendor.

What are organizations supposed to do?

Fortunately, there’s a solution to these challenges, and it starts with visibility. Simply being aware of the free SaaS applications in your environment allows you to get ahead of these issues, address any data and security concerns before they pose a problem, and prevent unexpected licensing costs from busting the budget.

At Snow, our combination of SaaS discovery methods ensures that you have visibility into not only known and paid apps but also the unknown and free apps that are often hiding in the shadows. Learn more, or request a demo to see firsthand how we help customers eliminate the dangers of free SaaS.

_{GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.} 

The post The Heavy Price of “Free” SaaS Applications appeared first on Snow Software.