The relationship between apps and people is far more complicated than most organizations realize. Much like Facebook’s “Social Graph” for people-to-people relationships, the SaaS Graph illustrates people-to-app relationships and the complexity they can introduce into the organization. Each SaaS Graph relationship could represent a potential point of security vulnerability or unnecessary efficiency. A new approach to SaaS management can minimize these risks and optimize once-cumbersome workflows. Let’s dive into how.
New data from Vendr shows that the typical 200-500 person company uses 123 apps, which doesn’t sound too unmanageable. But, when you consider the SaaS Graph relationships, it gets much more complicated: the same sized company has an average of 2,700 SaaS Graph relationships. The number of relationships get deeper and more complex as the organization grows: companies with 500-1,000 employees have an astounding 5,671 app-to-people relationships!
The SaaS Graph spans five key dimensions, all of which represent new challenges to stakeholders across the organization. While SaaS has made it much easier for anyone to purchase and deploy new software across teams, these dimensions introduce new, potentially hidden problems and inefficiencies.
Not all SaaS users look alike. The role of each user can get complicated, especially as new team members are onboarded and offboarded throughout the course of a year. Without a clear understanding of these roles, organizations could be wasting time on inefficient processes, wasting money, or worse, granting permissions to the wrong people (which could be a big security concern).
Potential roles within any app include:
Usually teams have either free or paid licenses, which on the surface seems pretty clear-cut. However, paid licenses typically have different tiers, which companies need to track when employees join or leave. Issues also arise when team leaders purchase licenses for software that has redundancy across subscriptions in other teams or departments, or if there’s a good, free alternative.
The frequency of app usage can vary drastically across individuals and teams. Often, apps can go underused or unused for months without anyone in the organization knowing about it. These inefficiencies can add up to major wasted spend.
From a security and compliance perspective, data is the most important dimension of the SaaS graph. Without the proper protections in place, sensitive data could be at risk. For example, each user’s connection presents a possible security vulnerability, in the absence of strong passwords and/or multi-factor authentication.
Typically, data within apps exists in three different states:
Without knowing vendor status, teams could be at risk of wasted spend, or potential security vulnerability (if accounts are left open to unauthorized users or unattended altogether).
A selected vendor might be in any of the following phases within an organization:
Managing the SaaS Graph gets a lot more complicated when you examine the rapid rate of change at most organizations. Our 2019 SaaS Trends report found that 43 percent of the average company’s application stack changed in the last two years. According to data from LinkedIn, that’s more than three times the average employee turnover rate in the tech industry. These two factors taken together mean that the average SaaS Graph relationship changes on a dime, which demands an entirely new approach to SaaS Management.
Since there’s typically no longer a “command-and-control” approach of a centralized IT manager provisioning apps across the company, each dimension in the SaaS Graph needs to be periodically examined. There’s a new set of stakeholders in town, and they each need a seat at the table.
By taking a collaborative IT approach, organizations can bring all of the key stakeholders into the process of SaaS management. Unlike in the command-and-control days, team leaders, finance, HR, operations, security and IT must all be involved in the process to ensure that each SaaS Graph relationship is valid and up-to-date.
While this approach may sound more complex, in reality, it’s a cultural shift that feels natural to most organizations, and is much simpler to maintain in the long run. Each group has a vested interest in sharing responsibility for SaaS apps: whether it’s to gain access to the right apps, balance the budget, or ensure security and compliance. Gathering these teams around a single system of record can ensure that everyone’s getting what they need out of technology in a fast-growing organization.
The latest news, technologies, and resources from our team.
Ryan Neu took the stage of the largest technology conference in the world to share a solution for a problem many of us have faced: how we buy software.