SaaS Sprawl: Taming the Chaos of Digital Applications

Think of SaaS sprawl like a cluttered digital workspace. It’s the uncontrolled expansion or proliferation of Software-as-a-Service (SaaS) applications within an organization. While SaaS apps are great for flexibility and scaling, their widespread use without proper management can lead to this sprawl, making things difficult to manage and organize. It often happens when various departments or even individual employees buy and install software independently, without coordination or approval from the IT department. This means the IT department loses visibility and control over the growing number of applications.

Now, it’s important to understand that SaaS sprawl is different from, but often a result of, Shadow IT. Shadow IT refers specifically to the use of technology, including SaaS, that hasn’t been sanctioned or approved by the IT department. While SaaS sprawl is about the multiple, often redundant and poorly integrated unapproved cloud apps piling up, Shadow IT is the act of using them in the first place without IT’s knowledge. Both phenomena point to a lack of communication and coordination within the organization. Shadow IT can be quite significant; Gartner and Everest Group data suggest it accounts for between 30% and over 50% of IT expenditures in large enterprises, and it’s a major IT security concern for SMEs.

So, why does this “sprawl” happen? The sources point to several key causes:

  • Ease of Access and Purchasing: SaaS apps are designed to be easy to buy and use, allowing employees to sign up without necessarily getting IT approval.
  • Lack of Centralized Management: Many companies don’t have a unified process for managing SaaS apps, leading to employees downloading different applications, sometimes with the same functions.
  • Bring Your Own Device (BYOD) Policies: Employees installing cloud apps on personal devices without company-wide monitoring contributes to sprawl.
  • Increased Popularity: The sheer availability of a wide range of SaaS apps in the cloud makes it easy for employees to access and install new tools quickly.
  • Lack of Awareness: Sometimes employees just aren’t aware that the company already has an appropriate tool for their needs.
  • Need for Speed: Employees might download new apps to quickly meet immediate work demands, without considering long-term implications.
  • Poor Company Culture: If a company isn’t open to officially procuring necessary cloud apps, employees might just buy them without approval.
  • Departmental Independence: Teams often select tools based on their specific, immediate needs, without coordinating with other departments or IT.
  • Failing to Remove Old Apps: If apps are bought but not removed when no longer needed or replaced by a new tool, the stack just keeps growing.
  • Insufficient Training: Employees might seek new tools if they don’t know how to fully use the approved ones.


This uncontrolled growth brings significant challenges to organizations.

One major area of impact is Financial:

  • Uncontrolled spending is a primary challenge, leading to unexpected costs from duplicated services, licenses, and maintenance.
  • Organizations average over 1,000 SaaS apps, with 17% being “rogue apps”, which can add up significantly.
  • Up to 30% of a company’s SaaS spend is wasted on unused seats, duplicate, or redundant apps. Data suggests average companies waste over $135,000 on such tools.
  • Up to 41% of organizations report 19% of total SaaS spend is unused or underutilized licenses, with some wasting up to 40%. The average organization only uses 47% of its provisioned licenses, amounting to about $21M in wasted spend per company.
  • It’s difficult to get visibility into spending and attribute costs to departments when purchases are decentralized.
  • Difficulty negotiating group licenses also increases costs.
  • Inaccurate budgeting and forecasting become a nightmare without visibility.


Operational challenges are also widespread:

  • Decentralized buying causes inefficiencies and duplication as teams use different apps for similar tasks. Over 30% of businesses report duplicated work due to multiple apps.
  • This leads to data silos and integration issues, making it hard to share data and limiting informed decisions.
  • Managing updates and upgrades across many disparate systems becomes difficult.
  • Employee productivity suffers. 7 out of 10 employees waste up to an hour daily just switching between tools. Many find it challenging to find resources (50%) or feel their job is chaotic (46%), leading to “app fatigue” and potentially losing up to 80% of productivity.
  • More apps increase the administrative burden on the IT team, pulling them away from strategic tasks.


From a Security and Compliance perspective, SaaS sprawl is a significant risk:

  • More unverified third-party apps increase the risk of data breaches, especially with sensitive data involved. Over half of organizations have experienced ransomware targeting SaaS data, with many attacks successful. 75% believe safety is the biggest risk.
  • Security misconfigurations are a common cause of incidents.
  • SaaS apps are subject to regulations like GDPR and HIPAA, and sprawl makes ensuring compliance challenging due to lack of visibility.
  • It’s hard to enforce security policies consistently across many unsanctioned apps. Gartner predicts companies are five times more likely to experience a cybersecurity incident without centralized visibility.
  • Apps bought outside policy often bypass security reviews. Most apps in average portfolios have poor risk scores.
  • With sprawl, fewer apps are typically secured behind Single Sign-On (SSO), which is a risk. On average, only 21% of apps are behind SSO.


Finally, there are User Adoption challenges:

  • Poor integration between incompatible apps bought in a decentralized way leads to user frustration and poor coordination.
  • Training end-users on a multitude of third-party apps becomes challenging, leading to low adoption and wasted licenses.
  • Employees might resist adopting new solutions if they weren’t involved in the purchase or perceive them as less efficient. A transparent purchasing process is needed to improve how readily users accept new purchases.


So, how can organizations get this under control? The sources offer several best practices:

  • Get Visibility: This is the absolute first step. You need to discover all the SaaS apps in use, including Shadow IT. Centralize information about each app (licensing, usage, contracts, owners). Tools like SaaS Management Platforms (SMPs) use discovery engines to find and categorize apps.
  • Centralize Management and Procurement: Consolidate SaaS management under IT for better control and visibility. Implement centralized processes for purchasing and managing apps.
  • Implement a Software Purchasing Policy: Establish clear guidelines and procedures for buying software, including who is involved and the approval process. Crucially, communicate this policy effectively and regularly to employees.
  • Create an Enterprise Application Catalog: Provide a centralized list of approved apps that employees can easily access to find tools or request licenses. This prevents unnecessary new purchases.
  • Rationalize Your SaaS Stack: Regularly assess and remove unnecessary or redundant applications. This process helps identify tools to eliminate, consolidate, or replace and can lead to significant cost savings and improved security.
  • Train and Educate Employees: Inform staff about the risks of sprawl and the importance of using approved tools and following policies. Provide training on how to effectively use existing tools.
  • Use a SaaS Management Tool: These platforms (like CloudEagle, Axonius, JumpCloud, BetterCloud, Vertice) are specifically designed to help manage SaaS sprawl by providing visibility, tracking usage, costs, and compliance.
  • Improve Onboarding and Offboarding: Ensure new employees are provisioned with needed tools and that access is revoked for departing employees to prevent security risks and wasted licenses.
  • Conduct Regular SaaS Audits: Periodically review all subscriptions to identify inefficiencies, compliance issues, underutilized tools, and cost-saving opportunities.
  • Implement Access Controls: Use approval workflows for new subscriptions and manage user permissions to reduce redundancy and ensure compliance.
  • Encourage Departmental Collaboration: Foster communication between teams to identify common needs and share tools, reducing redundant applications.
  • Optimize SaaS Spend: Analyze usage to determine value, renegotiate contracts, consolidate subscriptions, and eliminate unused tools.
  • Regular Vendor Audits: Evaluate vendors’ adherence to security and data protection.
  • Document Contracts: Keep detailed records of SaaS contracts.
  • Real-Time Monitoring: Use tools to monitor usage and security in real-time.
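
To make the visibility, rationalization, audit and offboarding steps above concrete, here is an added example (not from the original article or from any vendor's tooling): one audit pass over a constructed inventory that reports unsanctioned apps, redundant categories, SSO coverage, seat utilization and accounts still held by departed employees. The record fields, app names and employee roster are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample inventory: hypothetical apps, seat counts and users.
INVENTORY = [
    {"app": "ChatA", "category": "messaging", "sanctioned": True, "sso": True,
     "seats": 100, "users": ["ana", "bo", "cy"]},
    {"app": "ChatB", "category": "messaging", "sanctioned": False, "sso": False,
     "seats": 20, "users": ["dee", "eli"]},
    {"app": "DocsA", "category": "documents", "sanctioned": True, "sso": False,
     "seats": 50, "users": ["ana", "eli", "fay"]},
    {"app": "CrmA", "category": "crm", "sanctioned": True, "sso": True,
     "seats": 10, "users": ["bo", "cy"]},
]
# Constructed HR roster; "eli" has left the company.
ACTIVE_EMPLOYEES = {"ana", "bo", "cy", "dee", "fay"}


def audit(inventory, active_employees):
    """Return the findings a periodic SaaS audit would look for."""
    if not inventory:
        raise ValueError("inventory is empty: run discovery first")
    by_category = defaultdict(list)
    for rec in inventory:
        by_category[rec["category"]].append(rec["app"])
    seats = sum(r["seats"] for r in inventory)
    used = sum(len(r["users"]) for r in inventory)
    # Accounts whose owner is no longer on the roster (offboarding gap).
    orphaned = {r["app"]: sorted(set(r["users"]) - active_employees)
                for r in inventory}
    return {
        "unsanctioned": sorted(r["app"] for r in inventory if not r["sanctioned"]),
        "redundant": {c: sorted(a) for c, a in by_category.items() if len(a) > 1},
        "no_sso": sorted(r["app"] for r in inventory if not r["sso"]),
        "sso_coverage_pct": round(100 * sum(r["sso"] for r in inventory) / len(inventory)),
        "seat_utilization_pct": round(100 * used / seats) if seats else 0,
        "orphaned_accounts": {a: u for a, u in orphaned.items() if u},
    }


if __name__ == "__main__":
    for finding, value in audit(INVENTORY, ACTIVE_EMPLOYEES).items():
        print(f"{finding}: {value}")
```

In practice the inventory would come from discovery sources such as SSO logs, expense reports or an SMP export rather than a hand-written list.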


Addressing SaaS sprawl proactively is crucial for reducing costs, improving efficiency, bolstering security, and ensuring organizations can truly benefit from the flexibility and innovation that SaaS offers.