Remote security, threat detection, and incident response are some of the most critical issues IT and Security teams face in supporting their organizations. These attacks and vulnerabilities cost companies billions in lost revenue, lost data, and damaged reputation every year. For smaller organizations, the impact can be fatal.
In all of these instances, an ounce of prevention is worth a pound of cure. Some of the most valuable organizations in the world make their mark protecting the assets and reputation of thousands of other companies.
To help you build a secure, thriving business, here are seven IT services and platforms that help companies protect themselves.
In the post-pandemic world, remote work continues to be a valuable and important part of the landscape. With millions now working from home, companies need ways to securely bring people together digitally. Endpoint protection and remote access have become top priorities for organizations offering flexible work to their staff.
This is the mission of LogMeIn, a SaaS platform for remote collaboration, IT management, and customer engagement. Founded in 2003 by Marton Anka, and Michael K. Simon, this Boston-based firm has become a well-recognized name in the industry.
They became a comprehensive resource for secure, streamlined remote collaboration through both their own development efforts (such as Central by LogMeIn remote management tool), and by completing key acquisitions with LastPass and GoToMeeting.
Ransomware is both costly and destructive. As the world goes remote and digital, ransomware attacks have exploded, with experts predicting one attack happening every 11 seconds this year alone.
SentinelOne helps clients prevent and recover from ransomware and other malware threats using autonomous, AI-empowered detection to recognize the behaviors common in ransom operations.
The tool prevents bad actors from encrypting files and offers a roll-back option for protected Windows devices, allowing users to recover quickly in the event of a breach.
The Israeli-founded company, started in 2013 by founders Tomer Weingarten, Almog Cohen, and Ehud Shamir, has experienced considerable success in only 8 years. It has grown to over 700 employees and just last month landed on the New York Stock Exchange (NYSE) as the highest-ever debut for a Cybersecurity IPO.
Up-to-the-minute information is essential for maintaining your IT infrastructure. It empowers companies to keep internal and external teams and products running, without costly downtime or errors.
PagerDuty helps comapnies stay on top of their infrastructure through an incident management platform that provides reliable notifications, automatic escalations, on-call scheduling, and other functionality. This allows teams to operate seamlessly and maintain uptime on their most important services and products.
The Toronto-based company was founded in 2009 by University of Waterloo graduates Alex Solomon, Andrew Miklas, and Baskar Puvanathasan. The three founders, software engineering alums of Amazon, built the company after realizing that even large corporations had to fend for themselves with internally-built tools for managing IT infrastructure calls.
Knowing the critical role incident reports and escalation plans play in both IT security and company reputation, they built PagerDuty as a solution that any enterprise could easily put in place.
Their idea took off, growing to a $1.8B valuation in just 10 years. The company debuted on the NYSE in April 2019.
Another player in the remote security and endpoint protection space, Crowdstrike is a recognized leader providing threat intelligence and cyberattack response services to a variety of high-profile clients and industries.
The team soon added other high-profile names to its ranks, including former FBI investigator Shawn Henry. Henry was picked to lead CrowdStrike Services, a portion of the business focused on proactive detection and response services.
The company has garnered a bit of a star-studded reputation, with involvement in high-profile investigations including the widely-publicized Sony Pictures hack, and attacks on the Democratic National Convention (DNC) servers in 2015 and 2016.
As a result of their high-profile investigative work and comprehensive protection and response services, the company enjoyed an eye-catching Initial Public offering in 2019, with shares doubling on the first day of trading on the NASDAQ.
Getting logged in quickly and securely is important, whether you’re a remote employee or a customer logging in to use a service.
Secure identity verification company Okta makes getting logged more secure than ever. Offering both single and multifactor login options for employee and customer applications, Okta ensures “that the right people have the right access to the right resources at the right time.”
The platform allows IT and IS teams to more easily manage and secure their user authentication processes. It also allows developers to create more secure login and identification controls for programs, services, and devices.
Okta was founded in 2009 Okta by Todd McKinnon and Frederic Kerrest. The company has enjoyed long-term success, first as a private company attracting $75 million in VC funding from top names including Andreessen Horowitz, Greylock Partners, and Sequoia Capital.
Later, the company’s 2017 IPO debuted with a valuation of over US $6B.
Yes, remembering your password is a hassle. But it’s important.
Weak or forgotten passwords are one of the easiest ways for bad actors to infiltrate systems or platforms. Therefore, secure and reliable password management is imperative for everyone, whether you’re trying to securely log into company systems or post photos to Insta.
1Password was designed with all these needs in mind, from personal social platforms to mission-critical financial systems access.
This password manager, developed by AgileBits, provides secure storage for multiple passwords, software license keys, and other confidential data. It achieves security and flexibility via the use of a “virtual vault,” protected with a Password-based Key Derivation Function 2 (PBKDF2) master password. The SaaS-based service stores all your passwords (across many devices and browsers) in one place for a low monthly fee.
Launched in 2006 by Dave Teare and Roustem Karimov (a self-described “two guys in a garage” story), 1Password quickly gained traction, growing to millions of users, 50,000 companies, and finally a $200m investment from top VC firm Accel in 2019. Continuing its evolution, 1Password acquired encrypted secrets management service SecretHub in April of this year.
Cybereason is a managed detection and response provider, helping to identify and avert cyber attacks, analyze evolving threats, and help clients recover from those attacks.
The company’s suite of services includes comprehensive endpoint management for devices, cloud-services protection, threat intelligence analysis, and detection & response.
The Boston-based company, founded in 2012 by Lior Div, Yonatan Amit, and Yossi Naar also provides Next-Generation Antivirus (NGAV) services as well as a research entity, Nocturnus, that “specializes in discovering new attack methodologies, reverse-engineering malware, and exposing new system vulnerabilities.”
Nocturnus is notable for successful detection and “vaccination” of high-profile viruses such as the 2017 ransomware attack known as Bad Rabbit and the encryption malware attack NotPetya.
This success in detection and prevention has garnered attention from venture capital investors including Charles River Ventures and tech investing giant SoftBank Group, with funding multiple investment series totaling over $388m US.
Sign up for an ongoing stream of leading SaaS buying research and resources.
The latest news, technologies, and resources from our team.
SaaS Stack Management
We’ve seen more remote work from home across all industries, with growth in tech, media, and shipping verticals, and other industries essentially shutting down. This change has particularly hit IT and created the question of how to manage SaaS and software for an organization in a very different environment.
Over the last few months, as the world has changed, we’ve seen a dramatic impact on our customers, their businesses, and how they’re run. We wanted to share with you some of what we’ve seen on how to best manage and deal with these changes. Here’s a short guide to managing IT in the age of work-from-home.
It’s no question that the Coronavirus Pandemic has had a dramatic effect on how businesses operate. We’ve seen more remote work from home across all industries, with growth in tech, media, and shipping verticals, and other industries essentially shutting down. This change has particularly hit IT and created the question of how to manage SaaS and software for an organization in a very different environment.
A recent tweet by Aaron Levie, the founder and CEO of Box.com, highlighted some of these impacts:
This is a brief overview of how IT strategies are changing overnight: From some cloud software to an all-cloud environment, from trusted devices only to any device, from protecting the perimeter to no perimeter – supporting people on home WiFi – from monolithic tools to best of breed applications. From thinking about UX as secondary to UX above all and thinking about the shift from a traditional world of employees to a more extended enterprise.
Technology early adopters have been living in this future for a while, but now most companies are forced into that same reality. These changes are difficult for IT, because the remote first, work from home and decentralized nature that we’re living in now has broken a lot of traditional IT processes. Historically there was a lot of centralization around IT into a command and control environment. Now, with workforces distributed, we’re seeing that really break apart as businesses work through a much more decentralized and organic approach to managing technology and visibility.
As a result of that, we’re seeing a lot of internal challenges because these processes have not been pressure tested. They’re being implemented quickly across organizations because they are necessary, but they haven’t been tested and refined. This is causing a few consistent issues:
In the new world, we see a bigger risk for unknown or unapproved apps with fewer controls, especially outside the perimeter, outside of controlled devices and you’re potentially having a lot of risk of wasting money without these controls.
In an age of distributed workforces, we’re seeing spend on SaaS rise rapidly. And, with cash flows tightening, organizations are placing a much higher priority on saving money across the board and in particular on SaaS apps. SaaS can often be the third biggest line-item expense in a company after employees and an office. It’s, therefore, a natural place to look at to be able to save money to extend runway and create some operational flexibility.
Here are some practical tips to think about how an organization can go ahead and save some money on their SaaS applications:
1. Do a SaaS audit. The first part of this is to inventory and understand key vendors, how much you’re spending on them, what’s the usage? This audit creates a foundation for a data-driven approach to spend optimization. You can look at typically some of the bigger line items within your SaaS applications and know based on that audit and inventory how to go down and approach that list.
To get this audit you should leverage multiple data sources, typically export data from a finance system to get some of the vendors you’re paying for. You can also survey users and team leaders to get not just the list of apps they’re using, but also some additional insights into how they’re using these across the organization. This SaaS data tends to be a very natural place to start giving you visibility to identify some ways to actually optimize spending.
2. Once you have that audit in place, a great place to look at is how do you identify or eliminate orphan subscriptions? We see a lot of companies that have subscriptions that they’re still paying for, but perhaps the champion left the company and it was never canceled when they left the company. Now you have these zombie subscriptions still being paid for on a monthly basis or even annual basis that are really not being used. The SaaS audit can help you identify those by identifying ways to have subscriptions, but if you ask around the company and nobody claims it, that is a good candidate to be orphaned.
3. Another step is to reclaim underutilized licenses. Maybe you bought a pack of 100, but you only need 80 of them, to go back and reduce your license count. Similarly, you can remove unneeded users that may have a license but haven’t been using it in a while because it’s not as critical to their role. Another way to think about optimizing spend is to potentially drop a tier if the features in a given tier are not needed. This depends on getting involvement from the team leaders in terms of understanding whether a particular feature set is critical or not.
4. Lastly, think about potential vendor or app consolidation. A lot of SaaS applications might have overlapping features or products might have similar use cases. This might be a little bit more involved in terms of understanding where those overlaps are, but you might want to think about that if saving money is important. The final step would be to actually negotiate with vendors. A lot of vendors are very aware of the pressure that businesses are under and reaching out and talking to them is probably a good way to actually find some ways to save some money.
With a huge swath of the country working from home and reducing travel to a minimum, the ability for an organization to manage employees, devices, and software “outside the perimeter” becomes a priority. The primary and most important step in this process is visibility. It’s one thing for an IT department to gather data on software, device, and network usage when all of the above are company property, but when we’re all using our own networks and devices, that data begins to spread in unmanageable ways. Using a SaaS management platform like Blissfully will provide the necessary visibility into your IT environment to be able to manage efficiently and effectively.
Preparing and managing potential layoffs
As workforces distribute, there are often changes to the team. A few tips here as you’re thinking about them: It’s critical to work with legal, HR and management to create a strategy, not just how to execute the layouts, but what’s the long-term business strategy of it? Does this extend runway by X months to put the company on a better trajectory to survive long term? See if the payroll protection plan in the new government stimulus is applicable to you and obviously consult your lawyers and counsel there. Then think about the model and how it’s changing based on new assumptions. Week-to-week we’re seeing different reports on the economy, on health and it’s important to take that into account on a regular basis.
Another consideration is the actual offboarding process. You’ll want to do this upfront so that you have a clear process with checklists and key stakeholders so that you can run this process in a smooth and repeatable way. The type of things that you need to think of when doing that process is: freezing account access, leveraging IT automation where possible, making sure you want to backup account emails and files so you don’t lose any sensitive data and probably identifying the transfer of SaaS billing ownership so that you don’t create more orphan subscriptions that we were talking about earlier.
It’s important to be proactive about IT in this age of uncertainty. The traditional notion that everything is centralized and expected of IT has to change. IT must become much more collaborative in this decentralized remote world. Now what does that look like? We think of some of the traditional differences between traditional IT and collaborative IT and how we think about it. Let’s start with app selection.
Traditionally IT budget was controlled by IT and finance, with adjustments coming during annual renewal cycles. Now it tends to be much more fluid, as teams make decisions on-the-fly and on their own. This can be a double-edged sword if you’re thinking of cutting costs.
To summarize, an IT process that used to be fairly rigid, inflexible, and localized, is now broadened into something collaborative and distributed. The tools that managed IT in traditional IT such as ticketing systems and spreadsheets just aren’t built for today’s environment. That’s why we built Blissfully. (See our guide to Collaborative IT)
Beyond just the approach of traditional IT versus collaborative IT, it’s important to think about how you actually collaborate. What are the roles for different people across the entire company? Let’s walk through some of those.
Historically app selection has been centralized around IT with some finance involvement, but in a collaborative IT world, team leaders and individual employees have a lot more say about choosing the apps that are relevant to their job function. Consider visibility: traditionally IT had visibility because everything went through IT. It was very centralized. Now in this collaborative shared world, the visibility becomes even more important, and yet, it’s harder for IT to get complete data on a software environment that’s being distributed away from them. At the same time, it’s also important for IT to have a different attitude towards employees sourcing their own software (shadow IT) when workforces are distributed. It’s not about eliminating shadow IT at the perimeter, but instead, it’s about understanding the choices employees are making and what users are actually doing to be able to support them in a very different environment that they’re used to working in.
Security and compliance has historically been about tight controls enforced with very strict security and compliance teams. Now you need to do this outside the perimeter on non-trusted devices. This means cloud-first security and compliance that supports how people are actually working now, and that shares these responsibilities, working with IT and the rest of the organization to enforce controls from afar.
The role of IT in a collaborative IT environment is to understand the SaaS management program. What’s the company’s approach to SaaS and how do you manage that? Help provide guidance to team leaders when choosing tools. Some industries might have much stricter security and compliance needs than others. It’s IT’s job to help communicate that to people so they can choose the tools that are consistent with the organization’s needs. Finally, IT is the one that’s coordinating with finance on budget and HR to coordinate the on and offboarding processes, which are even more difficult today because it’s so distributed.
Finance has a very key role in the collaborative IT environment by helping manage approved budgets, reviewing spending and obviously managing contracts and renewals. In an age of trying to optimize budgeting, that renewal process is very critical. HR and people ops has a shared responsibility with IT to get new employees up and running, on and offboarded really quickly and smoothly. One of the big goals of onboarding smoothly is getting them access to the apps they need to do their job. Most people in a knowledge economy are doing most of their work in a SaaS application day-to-day. Similarly, for off-boarding, it’s really critical to do that in a secure and time-effective way in order to minimize wasted cost and security risks. We’ll come back to some of those offboarding tips.
Team leaders in our view have a very key role in a collaborative IT environment, much more so than in a traditional world. They are often the ones on the frontline choosing and evaluating tools that are the best fit for the type of job that they’re doing. They are oftentimes now responsible for managing their team budgets, for actually implementing and rolling these tools out to their teams and to make sure there isn’t overlap or waste across different tools. Sometimes the challenge is they may not have the visibility of what other teams are doing. It becomes a little bit of a challenge for an organization to navigate that, but there’s no question that team leaders have a big role.
Engineering is obviously the one that’s helping integrate SaaS and dev ops tools. They are often managing APIs, oftentimes internal company APIs to different applications and typically have access to much more sensitive information and customer data via the production databases. It’s really critical that engineering is doing a good job of managing access to that sensitive data. The security team, they’re sending controls via permission and authentication and reviewing these logs and protocols on a regular basis. Legal is helping to review contracts.
Finally, individual employees are actually part of this collaborative IT environment. They’re the ones that are using the SaaS applications and doing their work in a SaaS product. There also often should be giving input about these products to their managers, to IT and how they like them. With fewer controls, you have to put more responsibility and trust onto individual employees to follow the guidelines on security compliance and other best practices, therefore it’s important to educate them. In our view, in a collaborative IT world, IT doesn’t need to go it alone and they shouldn’t. It’s important to get all these key stakeholder holders involved in managing IT and setting up the organization for success.
1. Audit your SaaS: Review all your vendors, identify key renewals, analyze usage if possible, and survey your team to see what they need or don’t. >Blissfully can start this process with you right now!
2. Optimize your subscriptions: After your audit you’ll likely find un-used subscriptions, underused licenses, or product tiers your might not be using, all low hanging fruit for ways to save.
3. Consolidate apps and vendors: Your audit will likely also find product or vendor overlaps, enabling you to consolidate apps or vendors.
4. Negotiate with your vendors: Finally, don’t be afraid to reach out to your SaaS vendors to ask for discounts or other helpful terms, especially if your company or industry is particularly hard hit.
Waiting to close down email accounts, change passwords, or revoke access to proprietary platforms and resources leaves the company open to security breaches. It can also create confusion and communication roadblocks. Work with IT to promptly reset the employee’s accounts, including:
SaaS Stack Management
Today’s SaaS-forward organization looks dramatically different; team leaders are buying and allocating licenses across their teams themselves. Without the proper visibility, IT teams are often left at a loss trying to track all of these decisions across the organization, which is where License Management can get tricky.
Software as a Service (SaaS) licensing can be complicated to manage, and its complexity can quickly increase as an organization grows. At some organizations, License Management can look a lot like the discipline of software asset management (SAM), where the IT team attempts to balance the number of software licenses purchased with those actually consumed or used. The key difference is that modern SaaS management is centered around people, whereas an old-school SAM approach focuses on managing the assets themselves. As we all know, people can be unpredictable!
In the SaaS world, it can be tougher for IT teams to wrangle licensing and usage, since the nature of software purchasing has fundamentally become distributed across the entire organization. In the past, the role of IT has been highly centralized, and has controlled all of the decision-making around software purchasing and licensing. Today’s SaaS-forward organization looks dramatically different; team leaders are buying and allocating licenses across their teams themselves. Without the proper visibility, IT teams are often left at a loss trying to track all of these decisions across the organization, which is where License Management can get tricky.
A subset of SaaS Vendor Management, which focuses on both License Management and the financial and compliance relationships of third-party vendors, SaaS License Management is very specific to how people control and use apps within an organization. Before we get into the specific challenges, let’s look at the two main areas of License Management: Tiers and Utilization.
If you’ve ever signed up for a SaaS subscription, you probably know that there are usually several tiers you can choose from, depending on your organization’s needs. These tiers typically fall into the following categories:
Another dimension of SaaS licensing is utilization, or how much an app is used, and how many of those licenses are actually allocated across the organization. Without the proper visibility across SaaS accounts, the question of utilization can often be difficult for IT managers, or even the team leaders themselves, to answer.
When it comes to license allocation, licenses are either used or they’re unused. Taking it a step further, you’ll also want to know if licenses are allocated or unallocated altogether. If there’s an overabundance of unallocated or unused licenses, your organization may be spending significantly more than it needs to on SaaS.
There are many flavors of SaaS licenses out there, but some of the most common pricing models include:
The relationship between apps and people is far more complex than most organizations realize, which can have major, hidden business implications. Much like Facebook’s “Social Graph” for people-to-people relationships, the SaaS Graph illustrates people-to-app relationships and the complexity they can introduce into the organization. SaaS licenses are one dimension of the SaaS Graph, which you can read more about here.
Data from Blissfully’s 2019 SaaS Trends report shows that the typical 200-500 person company uses 123 apps, which doesn’t sound too out of control. But, when you consider the SaaS Graph relationships, it gets much more complicated: the same sized company has an average of 2,700 SaaS Graph relationships. The number of relationships get deeper and more complex as the organization grows: companies with 500-1,000 employees have an astounding 5,671 app-to-people relationships!
Imagine how complicated this gets from a SaaS licensing perspective, as people move between roles, shuffle responsibilities, and new employees come and go. The one thing constant about the SaaS Graph is change, so here are a few key implications you should be aware of for License Management.
In simple terms, Employee Lifecycle Management refers to the steps HR, IT, team leaders and other stakeholders take as an employee joins, progresses within an organization, or as an employee leaves an organization. From a pure SaaS licensing perspective, there are a few key phases of the employee lifecycle that organizations should focus on mastering:
Not all SaaS users look alike. As new team members are on- and offboarded throughout the year, the role of each user can get especially complicated. Without a clear understanding of these roles, organizations could be wasting time on inefficient processes, wasting money, or worse, granting permissions to the wrong people (which could be a big security concern). Here is a suggested list of internal roles to assign to one or more team members, to effectively manage each SaaS subscription.
In 2018, the average company spent $343,000 on SaaS, a whopping 78 percent increase over 2017. In fact, companies spend more per employee on SaaS than on laptops. The average midsized company has 32 different billing owners for SaaS apps, effectively distributing the task of IT budgeting across the entire organization.
With SaaS budgets and the cost-per-employee quickly rising, organizations need to implement an effective License Management strategy. In SaaS-first businesses, it’s difficult, if not impossible, to use a centralized decision making approach to budgeting and License Management, since team leaders often become billing owners themselves.
The most effective way to meet these budgeting challenges is for IT and finance leadership to gain further visibility into the SaaS stack and collaborate directly with team leaders to determine the organization’s needs (an approach we call Collaborative IT). There may be some cases, for example, where longer-term contracts can save the organization money over more flexible licensing options, if teams are going to use a guaranteed number of licenses.
Tracking SaaS renewals can get tricky, especially since they happen at different points throughout the year. While some vendors are great about reminding you about subscription renewals, others just come and go with little fanfare. As a result, many organizations overlook renewals as an opportunity to negotiate pricing and terms, or re-evaluate the team’s needs.
A Collaborative IT approach can help teams keep renewals in check. Consider following this checklist for SaaS vendor renewals:
Data privacy is a crucial consideration, especially for organizations that are beholden to certain compliance regulations like GDPR or HIPAA. However, many organizations that sell to the enterprise also need to be aware of their vendors’ data privacy practices, especially if they’re pursuing compliance certifications like SOC2.
Typically, data within apps exists in three different states:
Without the proper protections in place from both a user and vendor security perspective, sensitive data could be at risk. For example, each user’s connection to an app presents a possible vulnerability, in the absence of strong passwords and/or multi-factor authentication. And in most cases, organizations will want to get documentation into each vendor’s security processes, certifications, and/or attestations during the initial contract or renewal process.
Considering all of the implications described above, it’s easy to understand why SaaS License Management is so difficult for many organizations to wrangle. Between the sheer volume of apps, the number of license types and the amount of decision makers in an organization, many IT teams struggle to gain visibility into exactly what’s in use in the organization, when, and why.
Often, organizations track SaaS licenses in a very ad-hoc or disorganized way. Some individual teams may keep their own spreadsheets, which can be difficult to maintain or gain a collective view across the entire organization. Still others may have no system in place at all. Even if your organization does use spreadsheets, it can still be impossible to get data on the number of licenses available, usage of key subscriptions, and other important information that could determine the course of your budgeting strategy.
Luckily, there are solutions available to serve as a single pane of glass for visibility purposes, and help teams effectively collaborate across all key SaaS stakeholders.
Having the right systems and automation in place will help make some of these SaaS License Management challenges much easier. Instead of depending on ad-hoc processes, automating many rote tasks—such as checking renewals, configuring accounts, or tracking team changes—can save a lot of time and allow the IT team to focus on more strategic tasks.
Solutions like Vendr provide IT, HR, finance, and team leaders with a single pane of glass to gain visibility across all of your SaaS vendors. SaaS management can help manage key License Management workflows including employee on- and off-boarding, team changes, vendor approvals, renewals, app usage, and more.
A system of record provides consistency within ever-changing SaaS organizations, and empower simpler collaboration across stakeholders.
SaaS management solutions allows teams to input new SaaS licenses or import existing ones, and integrates with vendors such as Salesforce and Zendesk to sync key license and user metadata into the system.
When a license is up for renewal, or an employee is onboarded or offboarded, Vendr notifies key stakeholders about required changes or approvals. With Vendr, teams can easily track apps, people, and spend in one place.
SaaS Stack Management
In this guide, we will explain why the employee offboarding process matters so much, how to streamline and improve it by taking a holistic employee lifecycle view, and the positive effects this can have for your organization, especially when it comes to compliance and security.
Ever left a job and still had access to your company email or shared drive months later? Yikes.
Each time an employee exits a business, there’s the potential for something to be left unfinished, presenting dangerous security breaches and potential leaks of company assets.
A solid employee offboarding process is vital for every organization—not only for security but also as a means of respect for each and every employee.
In this guide, we will explain why the employee offboarding process matters so much, how to streamline and improve it by taking a holistic employee lifecycle view, and the positive effects this can have for your organization, especially when it comes to compliance and security.
Employee offboarding is formally separating an employee from their company after resignation, termination, or retirement.
It consists of all steps and workflows that occur when an employee leaves, including:
Good offboarding ensures there are no loose ends or open access when an employee moves on. This way, there is nothing lost, and there are no opportunities for any data or security breach.
Offboarding also gives the exiting employee a chance to provide feedback about his or her role, and for the organization to better understand how to improve its culture and employee experience.
Many businesses are much more invested in onboarding than offboarding, and understandably so. The start of a relationship feels like a more fruitful point to nurture than the end of one. Yet a strong offboarding plan is just as, if not more important than onboarding for several reasons.
Offboarding is a discrete and important process. But it is also part of a larger picture—the employee lifecycle. This spans from long before an employee’s first day until long after the employee leaves.
The benefits in terms of employee productivity, organizational efficiency, and reduced risk are well worth the effort that goes into building a streamlined employee lifecycle. Understanding and planning for the entire employee lifecycle is an excellent way to improve retention, morale, and ROI on new hires.
It also reduces the likelihood that you’ll find yourself at the center of a breach or PR scandal. Having a broader picture of how offboarding fits into the employee lifecycle can help you define processes, plan, and make strategic changes that benefit your entire organization over the long run.
For more on the first part of the complete employee lifecycle, see our guide to employee onboarding. Now, let’s take a deeper look at a framework for streamlining and optimizing your offboarding process.
Effectively offboarding departing employees helps build a culture of security and compliance, and it protects you from liability. But that’s only the beginning of a long list of benefits the offboarding process brings once you part ways with an employee.
People are your company. Employees who stay on board will notice how the offboarding process is handled—and word-of-mouth travels. It can color views of your organization and skew it in a positive or negative direction.
Some of your employees will inevitably be in charge of helping to offboard employees. Developing clear processes will make their jobs easier while emphasizing that you take security and compliance seriously. Research shows that 70% of job candidates look to company reviews before making career decisions. More employee confidence ensures that your reviews showcase a healthy work environment worth joining. To do that, your offboarding process must be both human and empathetic.
Taking a people-first approach has the added benefit of improving your organization’s productivity. A good offboarding process will simplify life for your HR, IT, and leadership teams, and will also protect the company from negative perceptions.
Customer data leaks or security breaches aren’t worth risking—and one of the best ways to avoid this is to develop tightly controlled offboarding processes. According to a recent IBM report, the average cost of a data breach is over $3 million.
A proper offboarding process dramatically decreases the odds that your company will be vulnerable to this type of attack.
You may also need to meet relevant guidelines and regulations for your industry and organization type. For many SaaS-based organizations, SOC 2 must be adhered to at all times. This and many other compliance frameworks require tight controls around access—specifically around offboarding.
Strong adherence to compliance is an important way to win customer trust and show that your business takes its security seriously. Good offboarding is integral to that.
A large part of the employee offboarding process can be automated. However, offboarding still requires a human touch. So parts of the process like exit interviews and gathering feedback are better handled with real-time human interaction.
Yet, for example, the process of access revocation to company data can be automated so it runs in the background while you finalize other aspects of the offboarding workflow.
Here are some key factors to keep in mind when refining your offboarding process. It starts with setting a positive foundation.
Whatever the reasons for the termination of employment, offboarding should always be a positive experience as part of the company’s last impression. You should put in the same effort as you would during onboarding.
Acknowledge your employee’s contributions, and interact positively about their time in the company.
An exit interview is an indispensable part of the employee offboarding process. Many employees may be hesitant to express their unguarded opinion while they’re still with the company to avoid conflict. An exit interview is a moment to get honest feedback.
Incorporate knowledge transfer efficiently.
Don’t wait until team members depart to start the knowledge transfer process. Instead, make it part of their ongoing work responsibilities. That way, they aren’t crunched for time as they finalize their last days with the company.
The single best way to show your existing employees your appreciation is to stay in touch and support them. This might mean asking their permission to contact them through either email or a preferred phone number. If they decline, take note of their decision and proceed accordingly.
With the onset of the great resignation and about a quarter of US employees working from home, remote employee offboarding is necessary. This will look like creating a preliminary setup along with a checklist that includes the revocation of access to sensitive data, monitoring the last few days of employee activity if the departure isn’t on good terms, and conducting virtual exit interviews.
The remote offboarding process stands to gain a lot from a predetermined removal process. Generally, the same steps to removing an in-house employee still apply.
As soon as a departure is finalized, the process should begin in earnest. We’ve created this checklist as a template for your processes. You can personalize it so it fully covers the specific needs of your company.
SaaS management is unique in how it connects all aspects of the offboarding process. Many tools cover one or some aspects of the process—yet SaaS management is built to manage the entire offboarding workflow across all teams and tasks. SaaS management helps you:
Our workflow engine gives businesses a ready-made offboarding checklist, plus a platform to customize and formalize the particular process for the organization, able to be repeated whenever necessary.
When you begin an offboarding process, whether it starts in your HR tool, or email client, your solution generates a list of steps to ensure a complete offboarding, as well as assigning the task to who is responsible. Each team can easily define its own steps, tools, and processes.
Workflows are also automatically recorded and can be easily audited. This means easy documentation for compliance audits, as well as an easy way to investigate any issues by going back and seeing if all steps were successfully completed.
Your system-of-record provides a holistic view of what tools are being used by which department, at what level and through which license. This central source helps teams select and provision those tools to make sure your new hires have everything they need to be productive from day one.
Your SaaS management tool automatically freezes any accounts associated with the offboarded employee, preventing unauthorized data transfer. This can be done through your email or SSO provider, such as Okta.
Your SaaS management solution integrates with your email or SSO provider to allow an offboarding to be initiated in any tool, and it manages the de-provisioning of tools through those platforms as it maintains consistency across all tools in an organization. When using other tools, your SaaS management solution will still track third-party completion.
Your SaaS management solution stores a backup of the offboarded account, along with any associated emails and shared files. This ensures there’s no data loss in the handover and enables you to delete the account to stop paying for the license and keep data to archive long-term.
Your SaaS management solution automatically transfers ownership of SaaS tools and billing, making vendor management more consistent, and ensuring that someone is monitoring spending on tools.
The employee offboarding approach outlined in this guide, when executed with a central platform in place, will make your organization a better place to work as it protects your valuable assets and keeps you from potentially fatal security breaches.