Managed Services

A note from Entech's Stephen Tracy: Understanding SaaS Sprawl

Stephen Tracy, VP of Service Operations

The SaaS revolution began in 1999 when Marc Benioff founded Salesforce went public in 2004 after achieving $96 million in annual sales. Sixteen years later, it was added to the Dow Jones Industrial Average after reporting revenues of $17.1 billion in fiscal 2020. SaaS is no longer a revolutionary concept. It’s been embraced as a foundational IT building block within companies of all sizes, industries, and geographies. 

If this is the first time you’ve heard the acronym SaaS, or if you’re only vaguely familiar with Software as a Service platforms like Salesforce, the definition of SaaS is: “a cloud-based software delivery model in which the cloud provider develops and maintains cloud application software, provides automatic software updates, and makes software available to its customers via the internet on a pay-as-you-go basis.” 

The way I like to explain SaaS is: any software application that you would have traditionally installed on your computer and/or would have been installed and accessed via a Server that you own, but that you now access via a website is SaaS. A common example that spans most organizations historically was utilizing Microsoft Exchange for e-mail. Organizations ran their own e-mail servers in-house (largely utilizing Microsoft Exchange) to provide e-mail services – now most organizations pay a monthly fee for Microsoft 365, G Suite, or another similar service to provide their business e-mail services in the cloud. SaaS is so pervasive that most providers of these legacy software applications are not producing locally installable options any longer after their current software becomes end of life – everything is moving to a cloud software as a service delivery model. 

With SaaS becoming so commonplace, new issues are cropping up that organizations should be aware of.

The primary issue with SaaS is sprawl.

SaaS Sprawl, also known as Shadow IT, is the term for any technology — including hardware like flash drives and smartphones — in use at your organization that’s "outside the ownership or control of IT” whether that’s you, your in-house IT staff or your external IT partner — or all of the above. 

As more and more SaaS apps are being developed and released, employees or teams are increasingly selecting and adopting tools on their own. The general ease with which SaaS apps can be bought and deployed has only sped up this process – as a result, more than half the apps in the average SaaS portfolios in 2022 were shadow IT. 

Most of the time, they're not doing it intentionally. In fact, they may be doing it out of a desire to do their job more efficiently. Even if you’ve provided them with your chosen application that they should be using, they might not be aware that it’s mandatory to use those applications and they might have a preference from a past job or past experience utilizing a different application. In some teams, you might also discover that people are using multiple tools with overlapping functionality because each app lacks a specific feature they need. 

Beyond the risks to your organization’s Cybersecurity, if employees are using applications that aren’t managed by IT with proper Cybersecurity controls, there also can be major issues with employee productivity. Context switching is when you move from one task to another - it can often happen when you toggle between tabs, switch apps, or even change conversations.

The more apps you’re using, the more you’re constantly switching between them, which can seriously impede your ability to focus.

When Cornell University’s Ellis Idea Lab researched productivity tools, they found employees were spending 59 minutes every day searching for information in different apps and tools. That’s a huge loss of productivity that will ultimately chip away at an organization’s bottom line.  

Teams can also become siloed as they adopt their own tools to work, manage projects, and communicate. This fragmentation makes it difficult for teams to effectively collaborate cross-functionally. Additionally, disparate data sets can create data trust issues as well as make it difficult to mine useful data to make organizational decisions easier.  

So – hopefully I’ve kept your attention long enough with the “why should I care about Saas Sprawl” to get to the “what do I do about it?” 

There is no one size fits all approach and much of this will depend on how many SaaS applications are in use currently, but starting with an audit is the best course of action. If you're not directly responsible for your organization's tool stack, you'll want to ask your IT or operations team to audit the following: 

  1. Which SaaS apps your organization is using. 

  2. The subscription costs for each app.

  3. How often team members are using each application (many SaaS providers let you see your usage limits, otherwise, you'll need to talk to team members directly to get this information). 

  4. The renewal plans for each application.

It’s also worth talking to team members and department heads directly to potentially uncover "shadow tools" — the ones that teams are using without approval. 

Once you’ve conducted an audit, the next step should be to determine how this will be managed moving forward. Organizations can use a SaaS Management Platform to help ensure data security and compliance by providing real-time visibility into which apps employees use, and which teams are using them, and ensuring adequate security of the applications. This insight can help IT teams prevent sensitive data from being misused or accessed by unauthorized individuals and can also alert you to new applications showing up in your IT environment. 


Stephen Tracy

VP of Service Operations

How to Reduce the Risks of Shadow IT; download the Guide

Similar posts