Introduction
In the ever-evolving landscape of technology, Software as a Service (SaaS) has emerged as the go-to model for businesses of all sizes. Gone are the days when companies had to purchase, install, and maintain bulky software. Now, it’s all about subscriptions, cloud-based services, and—let’s be honest—a smorgasbord of apps that promise to solve every business challenge under the sun.
And while much of that promise is true, an unforeseen consequence has emerged—SaaS sprawl. While cloud apps are easier to adopt and implement, they are also more difficult to detect, manage, and optimize. As a result, a new industry has emerged—SaaS Management Platforms (SMPs).
Here are some data points about the importance of SaaS Management. According to Gartner, by 2027, organizations that fail to find some form of SaaS Management solution for visibility and management will:
- Remain five times more susceptible to a cyber incident or data loss due to misconfiguration.
- Overspend on SaaS by at least 25% due to incorrect and unnecessary entitlements and not rationalizing overlapping tools and instances.
- Related: In our visibility and impact report, we found that 41% of executives report challenges with SaaS spend visibility and optimization.
In the last five years, the market for SaaS Management Platforms has increased significantly as more and more organizations recognize the need to oversee, de-risk, operationalize, and optimize their cloud apps. Today, SMPs are becoming essential for IT professionals trying to keep up with daily work.
However, not all SMPs are cut from the same cloth. Different tools offer different advantages. Top analysts predict that as the market for SMPs continues to fragment, there is an ever-increasing risk that I&O leaders will invest in tools that do not address all their requirements.
With time and continued market fragmentation, the choice of which SMP becomes critical to long-term budgetary, security, and operational efficiency across your SaaS.
The purpose of this guide is to help you navigate this complex buying process, identify priority capabilities for your team, and equip you with the tools to make the best decision possible.
Methods of SaaS Management
Let’s talk strategy. Different tools have different strengths. When considering which SMP is right for you, consider what your primary use case(s) are. Here are the primary approaches that different SMPs take towards optimizing your SaaS stack:
Spending management
These tools are a godsend for those under pressure to trim budgets. Designed with cost-efficiency in mind, they employ automation to optimize license use and identify savings opportunities across your app portfolio. Beyond just monitoring your outlays, they shine a light on hidden “shadow” expenses and allocate them appropriately. This Spend Management approach doesn’t just win over IT—it also earns appreciation from Finance teams by offering crystal-clear spend visibility and robust cost control.
Did you know? 73% of CIOs feel like their company lacks a strategic framework for app rationalization, causing a full 75% of CIOs to consider “wasted SaaS spend” a top threat to long term success.
However, While Spend Management-focused SMPs excel at cost control, they often come with trade-offs that could impact other critical areas. For instance, they often lack other features such as security or employee lifecycle automation. Additionally, they often cater to Finance teams with metrics that may not provide the full picture for IT managers who are looking at long-term strategy and operational efficiency.
Security-Centric
If you’re the type who double, no, triple-checks the locks, this one’s for you. Security-centric platforms prioritize data protection, compliance, and risk mitigation. They heavily rely upon shadow IT detection, risk assessments based on integration access, and ensuring user privilege is strictly enforced.
Did you know? 92% of IT pros believe their organization understands modern cybersecurity threats. However, only 16% believe that their training and education are their primary strength and only 7% have strong confidence in their standard operating procedures.
SaaS Management platforms, while able to contribute to security, struggle to provide a holistic solution. Outside of monitoring and shadow IT discovery, most organizations find that a SaaS Management Platform is not a complete security solution. So, while it is important to have baseline governance and discovery capabilities, Security-centric platforms often struggle against dedicated security solutions (such as cloud access security broker [CASB], security service edge [SSE] and SaaS security posture management [SSPM]).
Vendor Management
Managing multiple vendors can feel like herding cats. This approach aims to streamline vendor relationships, from contract negotiations to performance evaluations. It’s the diplomat in your software stack, keeping all parties in harmony.
Did you know? Only 36% of IT professionals reported collaborating with Procurement teams on surfacing important app data in preparation of contract negotiations.
However, these platforms often focus so much on vendor relations that they may overlook other critical aspects like security, cost management, and employee lifecycle. These tools often provide capabilities ideal for procurement teams but lacking for most IT professionals. They might offer excellent metrics on vendor performance but lack comprehensive data on internal usage or security compliance. For IT managers, this could mean a gap in understanding the full impact of their SaaS portfolio.
Employee Lifecycle
From onboarding to offboarding, this approach manages the employee experience with your SaaS tools. Ensuring your employees have all their apps on day one is just as important as ensuring your IP is secure on their last day. These tools specialize in maintaining the appropriate access privileges based on the user’s status.
Did you know? 59% of IT pros consider offboarding employees from applications a top security threat.
However, while these platforms are great at managing the employee experience, they often fall short in other areas like cost management. Additionally, their metrics are usually employee-centric but lack critical visibility into the utilization of applications during an employee’s tenure. This may not provide a complete picture for IT managers focused on broader operational or financial goals.
While different SMPs might offer different focuses, there is one critical difference that is often overlooked—whether or not the SaaS Management Platform is truly a platform or if it is a closed system with many integrations.
Open Architecture vs. Closed Systems
As the SaaS management industry matures, it’s not just about what these platforms can do today; it’s about what they’ll be able to do tomorrow. Sure, different focuses like Spend Management or Security are important, but let’s zoom out for a moment. The real issue at hand is the architecture of these platforms. Are they open systems that allow for growth and adaptability, or are they closed systems that box you in?
Closed systems often lack API access or frameworks for building custom integrations and apps. They’re like a pre-furnished apartment—what you see is what you get. While they may excel in their specific focus areas, their lack of flexibility can be a significant drawback as your organization evolves. Imagine your needs suddenly change, your security requirements shift, or you try to adopt a new SaaS tool that doesn’t cooperate with your current SMP. With a closed system, you’re stuck trying to fit a square peg into a round hole.
On the flip side, platforms that offer resources for customizing your experience allow you to adapt and grow. They allow you to build custom integrations or even develop bespoke apps tailored to your unique needs. This adaptability can be a game-changer, especially for IT managers who need to think long-term and consider the ever-changing tech landscape.
So, as you evaluate different SaaS Management Platforms, consider whether you want an app to solve a specific problem today or a platform that offers potential for future adaptability.
Critical Capabilities for SaaS Management
Now that we’ve covered the primary approaches let’s talk about the non-negotiables. These are the features that should be on your SMP shopping list, no matter what your primary focus is. Consider this your “must-haves vs. nice-to-haves” cheat sheet.
Must-Haves
Visibility: If you can’t see it, you can’t manage it. Your SMP should offer a comprehensive dashboard that shows all your SaaS subscriptions, usage, and costs. Ensure that your tool has multiple methods of discovery, not just a few, and consider the methods of discovery. For example, does it require a desktop agent or access to emails? Tools like this often compromise endpoint device performance or security measures.
Security Compliance: GDPR, CCPA, SOC2, HIPAA—these aren’t just alphabet soup. They’re regulations your SMP should help you comply with. Ensure your vendor offers the security requirements that matter such as audit logs or security reports, and that they are compliant themselves!
Cost/License Tracking: Knowing what you’re spending and where is crucial. Look for real-time budget tracking and alerts, as well as tools for license utilization rates and automation for reclamation.
User Management: The ability to add or remove users, set permissions, and automate onboarding and offboarding processes, preferably with the ability to schedule events and react to triggers in real time.
Should-Haves
User-Friendly Automation Engine: Most success stories with SMPs depend on custom workflows. If you want to see long-term success, ensure your tool has an automation layout that you will actually enjoy using.
Open Platform Capabilities: The easiest way to know if a system has open platform capabilities is to ask about an integration or action with an external app that the SMP doesn’t currently offer. If the only way to add that action/integration is through their internal product development, then it is a closed system. However, if there is a route to building it yourself, this indicates a more flexible system. Ask about
Integration with Key Systems: If the SMP can play nice with your existing tech stack, that’s a cherry on top. Especially your key workplace apps like your IdP, HR management, etc.
24/7 Support: Because problems don’t always occur between 9 and 5.
Artificial Intelligence: While not essential, AI tools will accelerate the efficiency of IT teams and you’ll want to ensure your vendor is already implementing strategic AI features where they matter most.
Pitfalls to Avoid
Overbuying: Don’t get dazzled by features you don’t need.
Ignoring Scalability: Your SMP should grow with you, not become a bottleneck.
Neglecting User Experience: If it’s not user-friendly, it won’t get used. Simple as that.
Indecisive Approach: High-regret buyers usually start without a clear objective and get caught overanalyzing and delaying the buying process.
Elongating the Process: Longer buying cycles often correlate with higher regret.
How to Select Your SMP
Alright, you’ve got your compass points—now, how do you navigate through the options to find your perfect SMP match? Let’s break it down.
Step 1—Establish Goals: What pushed you to this point? Security breach via an unsanctioned app? Budget KPIs you need to hit yesterday? Are offboarding processes taking too long? Identify the goals, both short-term and long term for your organization.
Step 2—Identify Requirements: These requirements fit into three categories:
- Direction: You need a company committed to continuous improvement in the areas you care about.
- Capabilities: You need a company that delivers on all the technical requirements you need to make the pilot program, purchase, and lifespan of the app a success.
- Reputation: You need a company with a reputation that you are comfortable aligning yourself with.
Step 3—Vendor Shortlist: Based on those key features and goals, evaluate the vendors. Use industry reports to hear from analysts, but also check user reviews from places like G2. Also, use case studies and documentation to validate your evaluation of these vendors.
Step 4—Demo Time: Have vendors walk you through scenarios based on your tech specs. For example, don’t ask if they have a feature, give them a real scenario that you currently face and ask them to demonstrate how to resolve a problem or uncover the data. This will help manage expectations and ensure that you know exactly what you are buying. Debrief with your team post-demo.
Step 5—Decision Matrix: Create a weighted matrix to evaluate vendors. During each debrief, have your team go through and rate the vendors. This will help ensure you have a clear method of remembering which vendor shined in each area. We’ve got a template for you, ready to go. Remember to adjust the weighting based on your goals.
Step 6—Seal the Deal: Whether it’s signing on the dotted line or running a pilot, make sure you test the platform end-to-end based on your unique use case.
Remember, this isn’t one-size-fits-all. Adapt these steps to fit your unique needs.
Secure Buy-in From Other Stakeholders
Depending on your situation, you might need to secure buy-in from different groups within the organization. Navigating the complex maze of gaining approval can be a challenging step when implementing a SaaS Management Platform (SMP). Each department has its unique focus and objectives, which makes securing buy-in a multi-dimensional task.
Here’s how to approach it, broken down by department.
Procurement
Key Points to Address:
Highlight the cost-saving potential of an SMP, particularly in automating license optimization and contract renewal processes. For procurement, emphasize how an SMP can eliminate nasty surprises and give them visibility. Procurement teams are often frustrated by going into negotiations without adequate preparation—talk about how data like license utilization rates will finally give them a leg up in contract renewal discussions.
Starting the Conversation:
Kick-off discussions with a straightforward question: “How can we optimize our current vendor contracts and software licenses for cost-efficiency?” This primes them for the solution you’re about to introduce.
Human Resources
Key Points to Address:
One of HR professional’s greatest concerns is ensuring new hires have the right tools right away. Slow downs can generate a less pleasant first impression with new hires, this friction reduces employee retention. Focus on the efficiency an SMP can bring to employee lifecycle management. Immediate license access on day one—no squabbling or contacting IT for logins. Show how automating access privileges can both expedite the onboarding process and safeguard company data when employees leave. Discuss compliance metrics that are directly relevant to HR responsibilities.
Starting the Conversation:
Initiate dialogue by identifying mutual challenges in employee onboarding and offboarding, such as, “How can we ensure that new hires have immediate access to the tools they need?”
Security/Compliance
Key Points to Address:
Underline the security and compliance features inherent in an SMP. Talk about shadow IT detection, risk assessments based on app integrations, and the automated enforcement of user privileges. Highlight how an SMP complements existing security measures by adding another layer of defense and visibility, helping the organization maintain compliance with data protection laws.
Starting the Conversation:
At the heart of an SMP’s security offering is visibility, especially over shadow IT. Start the conversation there, “What measures do we currently have in place to ensure employees only use sanctioned applications?”
Finance
Key Points to Address:
Speak to the Finance team’s bottom-line orientation by demonstrating the cost efficiencies that an SMP can deliver. Elaborate on features like automated expense allocation, chargebacks, and license optimization, which directly contribute to more effective budget management. Use metrics to show how these efficiencies translate to dollars saved, making sure to relate this back to overall business objectives.
Starting the Conversation:
Get the ball rolling by focusing on a shared concern: “How effective are we in tracking our SaaS spend against ROI?”
C-Suite
Key Points to Address:
Here, the focus should be on the strategic alignment between an SMP and the company’s long-term goals. C-Suite is typically concerned about SaaS in two specific ways—security and spending. Discuss how risk mitigation measures in the SMP can safeguard company data and assets and how the SMP also provides increased spend visibility, including a better understanding of the utilization rate (value) and expense of the app.
- 75% of CIOs believe that wasted SaaS Spend is a top threat to their organization’s long-term success, and 73% do not believe their organization has a strategic framework for app rationalization and license usage.
Starting the Conversation:
Start high-level, asking something like, “Are we fully aware of the long-term operational risks associated with our current SaaS usage?”
Common Thread: Data-Driven Insights That Relate
Regardless of the department, data and relevance are your greatest assets for securing buy-in. Real, actionable data that directly pertain to their specific pain not only gives weight to your argument but also offers each department specific insights into how an SMP can solve its unique challenges. Whether it’s a detailed cost analysis for Procurement, compliance rates for HR, or risk assessment metrics for the C-suite, data bridges the gap between the SMP’s capabilities and each department’s needs.
By tailoring your approach and speaking directly to the unique needs and languages of each department, you stand a much better chance of securing the cross-organizational buy-in needed to successfully implement an SMP.
Decision Matrix Template
A decision matrix is a simple but useful tool to help you maintain focus throughout the vendor evaluation period.
Simply create your list of criteria. Assign a weight to each criterion (for the easiest calculation, the total of all the weights should equal 100%), and then score each vendor on a scale of 1-10.
Tip: You might want to include a disqualification threshold for different criteria. For example, “vendors must have at least a 4/10 in App Discovery.”
When it’s time to calculate the final score, you can use the formula =AVERAGE.WEIGHTED in Google Sheets or Excel to get a weighted average of each vendor based on your evaluation criteria.
Here’s a sample decision-making matrix:
| Criteria | Weight | Vendor A | Vendor B | Vendor C |
| App Discovery | 15% | 7 | 9 | 6 |
| Automation | 20% | 8 | 7 | 9 |
| Cost-Savings | 10% | 9 | 8 | 7 |
| Time to ROI | 5% | 4 | 6 | 8 |
| Leadership | 15% | 8 | 9 | 6 |
| Integration | 10% | 7 | 9 | 8 |
| Support Team | 10% | 6 | 9 | 7 |
| Future Vision | 15% | 2 | 8 | 4 |
| Total Score | 6.6 | 8.2 | 6.8 |
More to Consider: Integration Capabilities
So, you’ve got your eye on an SMP. But wait, how well does it play with others? Integration capabilities are the unsung heroes of effective SaaS management. If you want a platform and not just another tool, it is essential that your SMP be able to augment and improve your work across multiple tools.
Importance and Benefits
Integrations aren’t just a nice-to-have; they’re a must. A well-integrated SMP can talk to your HR system, your accounting software, your IdP, and more. This is where the future of SaaS Management is made, it’s not just about collecting data but about the capabilities to take action with those insights.
Ultimately, saves time, reduces errors, and makes life easier for everyone involved.
Depth vs. Breadth
Integrations can vary tremendously in terms of efficacy. You can think of it like breadth vs depth. Many vendors will provide a massive list of integrations, but the majority of those tools only pull data. While this is good, it can offer a false sense of coverage. Other vendors will focus more on providing depth, meaning powerful capabilities with core apps. Again, this is a balance because you will want the right amount of coverage and usefulness.
Make sure to ask not just if the integration exists but also what the integration does.
So, when you’re evaluating an SMP, don’t just look at what it can do—look at what it can do in concert with your existing tools. Because in the orchestra of your organization, the SMP isn’t just a player; it’s the conductor.
Security Considerations
As mentioned previously, SaaS Management Platforms are not generally security experts, but they can provide significant coverage and added visibility for your security team! If you want to double down on security, here are some important capabilities that your SMP should include:
Discovery as Key
Your first line of defense is knowing what you have. An effective SMP should be able to discover and catalog all SaaS applications in use, authorized or not. It’s like a security camera for your software; if it’s in your network, you should know about it. Ensure that the tool uses multiple methods of discovery and that those methods do not undermine your existing security.
Data Access Control:
When evaluating a SaaS Management Platform (SMP) for your organization, understanding its security capabilities is crucial. Here’s what to look for:
Gathering Control Data
You need to collect proof of control data essential for compliance audits, like SOC 2.
Onboarding New Employees
Ensure you are able to automate the onboarding process to ensure that the team is alerted, appropriate access is provisioned, they are assigned to the correct user group, and they automatically receive all the procedural checklists and policy guidelines.
Annual Access Review
Gain real-time visibility into user activity and access rights for your crucial applications. This should allow you to streamline user management by removing outdated access, adjusting admin privileges as needed, and issuing alerts for unauthorized or risky application use.
Offboarding Terminated Employees
Look for automated offboarding capabilities that take care of multiple tasks at once: sending automated alerts to remove the employee from all applications and providing real-time reporting and auditing of the entire offboarding process.
Vendor Management
Opt for comprehensive vendor management features that store all relevant details like contracts, contacts, and use cases. The system should also notify you of upcoming renewals and have archiving capabilities for audit and historical reference.
Confidentiality Agreements with Vendors
The platform should enable you to store and manage all confidentiality documents, such as NDAs and DPAs, at the application level, ensuring that vendor relationships adhere to your organization’s confidentiality standards.
Keeping an Audit Trail
Invest in a platform that includes robust audit capabilities. This should cover onboarding and offboarding actions, application discovery, document storage, and change logs to make auditing a breeze rather than a battle.
Storing Data for Easy Use and Discovery
Your chosen SMP should act as a centralized repository for all SaaS applications, becoming the Source of Truth across your organization and increasing operational visibility.
Planning for the Next Annual Review
Ensure your SMP has tools for efficient data collection, maintenance, and sharing, enabling you to prepare for periodic reviews like SOC 2 with the least amount of friction.
By focusing on these requirements, you’ll set the stage for a SaaS Management Platform that aligns with your security objectives rather than just checking off boxes. Choose wisely to establish a foundation for ongoing success.
Understanding Pricing Models
Pricing models can vary. Here’s how to make sense of it all.
Common Pricing Models
- Per User – This is a straightforward headcount scenario. The more users, the higher the cost. Ideal for businesses with a fixed employee count where scaling isn’t an immediate concern.
- Feature-Based – Think à la carte. You pick features. The more you pick, the higher your cost.
- Tiered – Here’s your hybrid model and, by far the most common across SMPs, a combination of user and feature-based pricing. Tiers often come in attractive packages like “Basic,” “Pro,” and “Enterprise,” each adding a layer of complexity, capability and cost.
- Usage-Based – Less common but increasingly popular, this model charges based on actual usage stats. If your organization’s application use fluctuates, this could be a cost-effective route.
- Flat-Rate – One price for all you can eat. Simple, but ensure the offering aligns well with your specific needs; otherwise, you might pay for services you never use.
Factors Influencing Cost: The Add-ons and Ifs
Scalability
The ability of the platform to expand its capacity as you grow is invaluable. But remember, extra seats at the table aren’t free.
Customization
Does the platform allow you to move the furniture around? Tailoring to fit your unique needs is usually a premium service. Involve stakeholders to determine what’s a need-to-have versus nice-to-have.
Support and Training
Ah, the concierge service of the software world. Some SMPs provide basic support within the initial pricing, but the white-glove variety? That’s often an extra line item.
Data Storage
Big data comes with its own price tag. The more data you need to store, the steeper the potential costs. Plan your storage needs meticulously.
Integration Costs
The SMP has to fit into your existing ecosystem, which could involve third-party apps and APIs. Sometimes this seamless fit requires a bit of tailoring, adding to your overall investment.
Always Consider the Total Cost of Ownership (TCO)
When sizing up the pricing models, think marathon, not sprint. TCO includes not just the immediate costs but also long-term investments like scaling, support, and potential add-ons like advanced analytics or enhanced security features.
Implementation and Support
You’ve made the savvy choice, toasted to the future, and now it’s time for the operational magic to happen. Implementation and ongoing support are the pivotal stages that transition you from decision to action.
The Typical Process
Initial Setup
First impressions matter, even for software. Here is where you ensure your SMP integrates seamlessly with your existing infrastructure. You’re setting permissions, configuring workflows, and building the stage for all subsequent acts.
Discovery System Implementation
Once you’ve got the basics squared away, your next job is to enable the discovery system. This is your SMP’s eye in the sky, collecting data about application usage, license renewals, and much more. It’s the reconnaissance phase where you arm yourself with valuable intel.
Data Migration
Old systems might hold crucial data. Transferring this without loss of integrity or security is paramount. You’ll be moving configurations, user data, and perhaps years of accumulated knowledge. Your SaaS Management Platform should become your SaaS System of Record.
Adding Expense Data
Import expense data to set up for monitoring, analysis, and ultimately, cost-saving strategies. Make sure your finance team is involved at this juncture; their input is invaluable.
Uploading Contract Information
Contracts hold not just legal protection but also critical data. Ensure that both are safely uploaded within your SMP. This helps to track renewals, ensure compliance, and negotiate future deals. Remember, legal oversight is key here.
User Training
A tool is only as good as the craftsman who wields it. Staff training ensures your team is empowered to make the most of the new system. This includes not just navigating the platform but also understanding its strategic applications.
Conclusion
You’ve made it to the end of this guide, and if you’ve been taking notes, you’re now armed with a wealth of knowledge to make an informed SMP choice. But remember, knowledge isn’t just power; it’s a tool. And like any tool, it’s only as good as the hands that wield it.
So, what’s next? Take this information, apply it to your unique situation, and start the journey toward better SaaS management. Whether you’re an IT manager looking to tighten the ship or a director aiming for strategic growth, the right SMP can be a game-changer.
Final Thoughts
Know Your Needs: Different strokes for different folks—or, in this case, different SMPs for different needs.
Do Your Homework: Research, compare, and then research some more. Your due diligence will pay off.
Think Long-Term: Your choice of an SMP isn’t just for today; it’s a long-term relationship. Choose wisely.
The landscape is ever-changing, and staying updated is key. So, keep learning, keep adapting, and most importantly, keep pushing the boundaries of what your SaaS stack can do for you.
