Many ITAM Review readers are yet to get their arms around the issue of managing the risk and cost of cloud based software. Whilst it still represents a small percentage of annual spend, it’s a growing area and something we need to learn how to manage.
IDC predicts that by 2018 SaaS will represent 27.8% of the Enterprise Applications software market.
When it comes to SaaS, one of the major challenges for ITAM and the IT department as whole is awareness and ownership. Many ITAM Review readers I speak to lack the basic awareness of what SaaS apps are in use and who owns them. The appeal of SaaS apps for say, the marketing department, is that it’s a turnkey application that can be configured and managed by marketing. It might be paid for using a marketing credit card or marketing purchase order and bypass IT scrutiny, but for governance and optimisation IT needs to identify what is in use and by whom.
I’m yet to see a traditional SAM tool deal with this elegantly. The usual approach is to stay within the confines of the agent-server model. i.e. We’ll configure our inventory agent to identify when someone is visiting a URL, then you’ll be able to manage SaaS. This approach is limited because a) It assumes you know they are using it and b) you need to know what URL to look for. Current SAM tools are missing SaaS discovery which is not comprehensive enough using an agent. It also misses the fact that a corporate user these days might own 3-5 different devices to access that SaaS app. Using an agent alone to track SaaS usage is old school thinking and is not robust enough for modern IT environments. Do you agree? Let me know in the comments.
I recently spoke with Erik Christopher and team at Zylo, a new start up looking to address SaaS optimisation. They take a new and innovative approach to managing SaaS spend by looking way beyond the IT department and traditional SAM tool ways of working. Their two primary data sources are Accounts Payable records for software spend for the whole business and single sign on information which tracks logins to apps (I’m not suggesting this approach is completely exhaustive either, but it’s certainly progress on current industry norms).
SaaS is completely new terrain, but we can still apply the same old ITAM principles of managing risk. Discover consumption, recognise it accurately, manage risk and cost.
As with the traditional SAM tools this approach to managing SaaS apps takes us through the process of:
Whilst compliance issues do exist with SaaS, the biggest business driver here is reducing waste, identifying duplication and redundancy and chopping out cost with no loss of service to the business.
This is a good idea and innovative solution but can’t help but feel it would be better off embedded within a normal SAM tool. For example Zylo offers a SaaS renewals timeline and contracts repository for SaaS apps – would you really need that in addition to the tools you use for managing the rest of the estate? This offering assumes I only manage SaaS apps or want to manage them in isolation to other IT assets. In the longer term it might be a bit annoying to have two ITAM platforms to manage (but perhaps not unusual, more than one ITAM tool in large environments is the norm).
Zylo is currently a blend of service and product with a view to being pure product, great innovation here and I look forward to watching them make an impact on our industry. More info at https://zylo.com/