![](\"https:\/\/images.idgesg.net\/images\/article\/2022\/01\/spot-cso-primariy-hybridcloud-2400x1600-3-100915768-large.3x2.jpg?auto=webp&quality=85,70\"\/)
<\/p>\n
Credit to Author: Keith Shaw| Date: Mon, 10 Jan 2022 03:00:00 -0800<\/strong><\/p>\n The flood of remote workers at the start of the global pandemic in early 2020 had companies scrambling to find new software for communicating and collaborating with remote workers. Many turned to software-as-a-service<\/a> (SaaS) options.<\/p>\n It was an obvious choice. Under the SaaS model, applications are hosted and maintained by a third-party vendor and delivered to employees over the internet, making them easy to deploy remotely.<\/p>\n SaaS apps are subscription-based, typically charged monthly or annually per user or \u201cseat,\u201d without the large up-front investment traditional on-premises software requires. Introduced in the early 2000s, SaaS has soared in popularity over the years and is now the leading method of software delivery.<\/p>\n The shift to SaaS from traditional software is also part of many companies\u2019 digital transformation initiatives. \u201cThe whole notion behind digital transformation and modernization is to be more resilient and more agile,\u201d says Frank Della Rosa, research director for SaaS and cloud software at IDC. \u201cWith legacy software, the time it takes to bring up new infrastructure and the time it takes to deploy the software really limits a business\u2019 ability to respond to change.\u201d<\/p>\n SaaS offerings also have an advantage in their ability to make new features available more frequently than traditional software offerings. \u201cWith SaaS, the release cadence is happening on a quarterly basis,\u201d says Della Rosa. \u201cThere\u2019s a constant stream of new capabilities that businesses can take advantage of, which is not available to legacy software customers.\u201d<\/p>\n The ease with which SaaS applications can be deployed means line-of-business leaders, small teams, or even individuals can begin using them easily \u2014 and that, in turn, has led to a proliferation of SaaS apps in many enterprises. In its 2021 Businesses at Work<\/em> report<\/a>, for example, access management provider Okta reported that\u00a0 its customers have deployed an average of 88 apps, an increase of 22% over the past four years. Larger customers (2,000 or more employees) have an average of 175 apps, while smaller companies (under 2,000) deploy an average of 73 apps.<\/p>\n \u201cThese buying decisions now are democratized,\u201d says Della Rosa. \u201cWhat we\u2019ve seen with SaaS is that users will take out a credit card and buy the tools they need, and then submit the expense. So now you have an enormous explosion of expenses coming in with software licenses that are creating a real headache in terms of being able to manage that spend.\u201d<\/p>\n In addition, redundancies have arisen as different departments end up buying the same type of software without knowing what’s going on in other areas of the business. When subscription renewals come up, the procurement department often has no visibility into whether the software generates any real value for the business.<\/p>\n \u201cIf you look at the proliferation of SaaS in an enterprise, [companies] could be underreporting the number of applications by a factor of 10,\u201d says Della Rosa.<\/p>\n The continued growth of SaaS apps across organizations is becoming a major pain point for IT managers, who need to know not only what is being deployed, but whether the apps are secure, whether they meet compliance regulations, and how much money is being spent on them.<\/p>\n A category of tools to help manage the SaaS sprawl has grown as well over recent years. Depending on the group defining the category, these could be called SaaS management platforms (SMPs) or SaaS operations management software (SaaSOps). Gartner, which refers to this category as SMPs, says such tools are offered by pure-play vendors, as well as traditional software asset management (SAM) vendors, cloud platform management and cloud migration vendors, cloud access security brokers, and even some IT service management vendors.<\/p>\n \u201cTraditional SAM tools are still largely focused on the management of non-SaaS applications where an installation is present,\u201d Gartner wrote in its February 2021 Market Guide for SaaS Management Platforms<\/em>. \u201cHowever, leading SAM vendors are increasingly adding capabilities natively, or through acquisition, to support the discovery of SaaS applications and manage licenses.\u201d Gartner refers to some of these vendors as \u201cSAM for SaaS,\u201d which can further complicate a company\u2019s research.<\/p>\n IDC\u2019s Della Rosa says most SaaS management platforms evolved out of spend management and optimization tools that help organizations get a handle on the amount of money being spent on SaaS across the business. Over time, SaaS management companies began to add additional features, such as application security, vendor management, cost optimization, and onboarding\/offboarding configuration for employees. Many vendors now provide SaaS app recommendation services, giving advice on which SaaS apps may be better for a particular problem or category.<\/p>\n The market for SaaS management is booming right along with the explosion of SaaS apps themselves. Gartner predicts that by 2026, 50% of organizations using multiple SaaS applications will centralize management and usage of these apps through an SMP tool, up from less than 20% using them in 2021.<\/p>\n Experts say organizations should consider SaaS management software if they notice a surge in subscription expenses, if multiple departments start buying the same software, if the security folks express concern over whether the apps in use are secure and compliant with regulations, or if trying to manage software purchases in a spreadsheet is becoming a nightmare.<\/p>\n First and foremost, the tools should be able to handle at least three major tasks: automated discovery of apps<\/strong> within an organization\u2019s infrastructure; managing and automating administrative functions<\/strong>, such as onboarding\/offboarding; and providing a centralized location for enforcing app and data security policies<\/strong> for the SaaS portfolio.<\/p>\n Additional features and functionality may also be included. For example, some tools provide for role-based access controls<\/strong>; offer the ability to document, cancel, transfer, and upgrade software licenses<\/strong>; have a central reporting system<\/strong> for executives or compliance audits; let administrators create a catalog of approved apps<\/strong> that employees can download; monitor employee adoption and usage of apps<\/strong> and forecast future needs; and\/or provide SaaS app recommendation services<\/strong> to reduce app overlap and optimize spending. Many automation capabilities rely on integrations with SaaS providers, so be sure to investigate the integrations<\/strong> offered by any SMP you\u2019re considering.<\/p>\n Beyond discovery and management functions, Della Rosa says he\u2019s receiving many inquiries regarding security and compliance concerns over SaaS installations.<\/p>\n \u201cDepending on the data an application accesses, it introduces risk, because there\u2019s no way to confirm that it\u2019s being used in compliance and that the vendors providing the app are also current in their compliance [with] industry and regional regulations,\u201d he says. \u201cBeing able to track and ensure that all users are authorized \u2014 identity and access management<\/strong> is key.\u201d<\/p>\n Della Rosa says organizations should look at vendors that can help them solve their immediate needs, whether those are security and compliance, spend management, or user engagement. \u201cIf you ask any company what\u2019s most important \u2014 cost management, compliance, or usage data, they\u2019re going to say all three.<\/p>\n \u201cIf you\u2019re out of compliance or if you\u2019re unsure whether the vendors you\u2019re using have all of the updated documentation on their compliance, that\u2019s probably more critical than cost right now,” he says. “So companies may want to look at a platform that has built its core value proposition around that, and then think about integration to address cost optimization and user engagement,\u201d he says.<\/p>\n With many vendors offering standalone SaaS management, as well as traditional SAM vendors offering SaaS components to their offerings, companies should be able to find a product that meets their specific needs.<\/p>\n The main list below focuses on pure-play SaaS management vendors. Following that, you\u2019ll find other options including traditional SAM vendors that have added SaaS management features to their existing tools. Choosing a type of vendor for SaaS management may ultimately depend on whether your company already has a SAM tool deployed, or if you\u2019re looking for tools that can manage on-premises applications in addition to SaaS apps.<\/p>\n We selected the following products, arranged alphabetically, through independent research and discussions with analysts who cover the market. Inclusion in this list is not a buying recommendation, nor is exclusion a sign not to buy. Rather, this is meant to be a starting point that highlights vendors, core features, and unique functionality for companies to consider when choosing a SaaS management system.<\/p>\n BetterCloud<\/strong><\/a>: <\/strong>Features of the\u00a0BetterCloud platform include app discovery, file security, onboarding and offboarding, least-privilege access, security compliance, automated workflows, and centralized management of multiple instances of common SaaS applications. The company offers integrations with more than 60 different SaaS applications, including Google Workspace, Microsoft 365, and Okta. (See BetterCloud\u2019s security details.<\/a>)<\/p>\n Blissfully<\/strong><\/a>: <\/strong>Blissfully provides organization, automation, and security functions including SaaS management, vendor management, traditional software asset management, IT asset management, vendor and employee workflows, IT automation, access management, auditing and evidence, and compliance workflows. (See Blissfully\u2019s security details.<\/a>)<\/p>\n G2 Track<\/strong><\/a>: <\/strong>G2 offers a software marketplace<\/a> that lets people research, buy, and manage their software and services. The company recently introduced G2 Track, which helps companies discover and manage the applications used at their businesses. The offering lets companies manage their software and spend, track employee usage trends to attain value, control contracts and compliance, and reveal license and budget trends. (See G2 Track\u2019s security details.<\/a>)<\/p>\n Productiv<\/strong><\/a>: <\/strong>This platform uses machine learning models to discover \u201cungoverned\u201d apps and ensure compliance, provide recommendations for optimizing app spend, and streamline the process for employees to discover deployed apps and request new ones. The system can provide usage data on more than 20,000 apps, including the spend, licensing, adoption rates, security, and functions. Onboarding and workflow automation for SaaS apps are also available. (See Productiv\u2019s security details.<\/a>)<\/p>\n Stackshine<\/strong><\/a>: <\/strong>Features of this platform include a subscription calendar to track past and future expenses; a centralized dashboard for vendor data, contracts, and invoices; alerts of upcoming renewal dates; and security alerts around compromised vendors and offboarded employees. The vendor also offers services such as vendor discovery and contract negotiation and can run survey campaigns of employees to discover favorite and least-liked apps. (Stackshine\u2019s site does not include a security and compliance page; contact the vendor for encryption, authentication, and compliance details.)<\/p>\n Torii<\/strong><\/a>: <\/strong>This platform automates the discovery, spend optimization, operations, and compliance of SaaS applications across an organization. Spend monitoring includes vendor and license management, as well as chargeback reporting. The system can automate SaaS-related processes for employee lifecycle, it includes an application catalog, and it provides details on software utilization. Torii includes automated risk analysis and access control features, along with security alerts. (See Torii\u2019s security details.<\/a>)<\/p>\n Trelica<\/strong><\/a>: <\/strong>Based in the UK, Trelica automates SaaS discovery to find shadow IT installations, optimize app spending, automate IT operations, and engage with end users. Engagement data can identify savings from unused seats, and renewal negotiation can reflect how much employees are using apps. Other features include employee onboarding automation, security and access risk, and the ability to gauge user satisfaction. Integrations with identity providers and SSO apps, finance tools, and business apps are also available. (See Trelica\u2019s security details.<\/a>)<\/p>\n Zluri<\/strong><\/a>: <\/strong>This vendor says its goal is to simplify the world\u2019s transition to SaaS by helping companies adopt and operate their software stack through a single intelligent dashboard. Features of the Zluri platform include smart application discovery, renewal monitoring, application cost optimization, vendor management, onboarding and offboarding automation, application usage data, and real-time notifications and reports. (See Zluri\u2019s security details.<\/a>)<\/p>\n Zylo<\/strong><\/a>: <\/strong>This system can discover applications across an organization, optimize spending and discover inefficiencies, manage renewals and forecast spending, and ensure compliance through governance processes. (Zylo\u2019s site does not include a security and compliance page; contact the vendor for encryption, authentication, and compliance details.)<\/p>\n Enterprises that want to manage on-premises applications as well as SaaS apps should investigate software asset management (SAM), IT service management (ITSM), or IT asset management (ITAM) offerings, many of which are beginning to offer SaaS management features. Vendors in this space include Snow Software<\/a><\/strong>, Alloy Software<\/strong><\/a>, Flexera<\/strong><\/a>, Genuity<\/strong><\/a>, ServiceNow<\/strong><\/a>, and SailPoint<\/strong><\/a> \u2014 which addresses the issue via its identity management platform.\u00a0<\/p>\n We also discovered other tools that may have one or two of the three main SaaS management capabilities (discovery, management, and security), but do not currently appear to be a complete SaaS management system. Vendors such as Airbase<\/strong><\/a> and Vendr<\/strong><\/a>, for example, offer spend management features.<\/p>\n Other vendors, such as CoreView<\/strong><\/a>, Sonar Software<\/strong><\/a>, and AvePoint<\/strong><\/a>, offer SaaS management features, but only for specific products like Microsoft 365 or Salesforce.<\/p>\n http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Credit to Author: Keith Shaw| Date: Mon, 10 Jan 2022 03:00:00 -0800<\/strong><\/p>\n The flood of remote workers at the start of the global pandemic in early 2020 had companies scrambling to find new software for communicating and collaborating with remote workers. Many turned to software-as-a-service<\/a> (SaaS) options.<\/p>\n<\/p>\n