A Day in the Life: Operationalizing SaaS Management

Terra Ickes: Hi, and welcome to the session A Day in the Life: Operationalizing SaaS Management. My name is Terra Ickes and I'll be leading the session today. I'm on the solutions consulting team here at Zylo. What we'll cover as part of this session is why it's so difficult to manage SaaS today and how those challenges really impact a day in the life for those key stakeholders that are involved in the management of SaaS like IT and procurement as examples. And then finally, we'll talk about what operationalizing SaaS management looks like for those stakeholders and how it helps them better manage and optimize their SaaS portfolio.

Terra Ickes: So why is SaaS so hard to manage today? SaaS management for many companies is fractured. There's a lot of decentralized purchasing and general proliferation of SaaS orgs. And SaaS is purchased in a couple of different ways commonly. The first, there's a request for an application. It goes through a procurement CLM or other type of intake process. And then that application spend is recorded in something like an AP solution. So you've added an application to your stack. Oftentimes this is the process for the really key and kind of notable apps like Salesforce or AWS or Zoom. And so you've got a manual source of truth where you understand to the best of your ability what those applications are. But SaaS is also purchased in a decentralized way. It could be through a business unit or a department and a user that expense is an app that they're also looking to help solve a business problem that they have. These purchases go through a more traditional expense solution, but because of the way they may be categorized or the low amount that that application may cost, those don't always make it onto the spreadsheet, so you've got applications that are part of that manual source of truth, but then others that exist in the organization and are used by teams but not part of that SaaS source of truth that you've tried to create. Now, regardless of whether the app goes through AP or expense, one thing is for certain, all of the critical data like contract, usage, spend data, ownership data, that is all siloed as soon as you purchase that application.

Terra Ickes: So while you've established this manual right spreadsheet, let's say to track to the best of your ability what that SaaS stack looks like, your organization is dynamic. People leave, people change applications, they move departments. Application owners move to different departments and new tools are also purchased to meet different business needs. So a manual source of truth cannot keep up with the dynamic nature of your SaaS portfolio and how it changes to meet the needs of your business. Now, when we think about those challenges that result from that manual kind of approach to managing a really dynamic SaaS environment, this hits all employees, departments and budgets, and the management of SaaS has to scale across the department to optimize. That includes especially roles like IT procurement, but also finance and security as well. Now because of those silos around those disparate kind of systems and data sources that we talked about, the key folks charged with managing SaaS applications are constantly surfaced with challenges that prevent them from really hitting their both personal goals, but also the broad organizational goals. For example, OPEX reduction.

Terra Ickes: The first thing that we'll discuss here in terms of a day in the life in current state is around managing renewals. And we'll focus on a procurement persona, Wendy, in this case specifically as part of this kind of walkthrough. Now, Wendy is... She's going to renew an application. There are a number of questions she asks herself as she says, " How do I make the most out of this renewal and hit my goal of driving value through things like cost savings and consolidation of vendors?" One of the first things that Wendy needs to know is, " What do I even need to renew?" This is where her manual spreadsheet comes in. She thinks she's got a pretty good understanding of those 15 apps, let's say this month, and Zoom is a big one that she knows is coming up. So we'll use that as our example here.

Terra Ickes: So Wendy thinks she knows what a priority for renewal is. She tackles Zoom. Generally, the next thing she knows she needs to solve for is throughout this process she needs to maximize value. She's just gotten an email from Zoom, they're going to increase her price, but they've said if she adds a few more licenses, they can work with her on it. Either way, Wendy's not sure of what a right license count looks like and kind of where they're at with usage, so she knows she needs to engage the app owner. Now, Wendy does not have this in her spreadsheet, so she spends a lot of time trying to track down who the application owner is, talks to a handful of folks. She finally finds him, it's Steve. Her colleague who owns the Zoom application. Wendy gets with Steve and says, " Who's using this and how are they using it? I'm trying to renew this application. I need to know what that actual user count is based on what that utilization looks like." Steve is not sure how to get that data. He's never looked at it before and he says, " We're actually also adding headcount. Maybe you should just increase the users. It's better safe than sorry."

Terra Ickes: Now, Wendy, along this journey, she doesn't have a great idea now in terms of usage, but she's also trying to figure out what's a fair price to pay. With only the new price offered by Zoom in hand and no other data points to really go off of, time is running out and Wendy just decides, " I'm just going to renew for these additional users." Steve said the team's growing and I'm going to avoid that per license increase by adding those additional folks. Wendy ends this process with thinking to herself, " How can I scale my efforts? I just wasted a lot of time trying to get really basic data to make this business decision, and I still think that I left money on the table." Ultimately, the results when we look at this manual process without the operationalization in the middle, it's time- consuming, it's inefficient. She was not able to do any license optimization based on rich utilization data about how folks were actually using Zoom. The contract value ended up going up, so not any cost savings to report. And all of this time she has no idea if there's other similar apps in the organization to compare to Zoom or figure out which one should be the best application to use in the org. And then ultimately, as Wendy does this once and realizes she has 14 more, she knows this is unscalable and she's not going to be able to certainly increase her procurement coverage as she continues down this manual road. So we just looked at procurement there.

Terra Ickes: Let's dig into what this looks like for someone in the IT side of the business, from a shadow IT perspective. We'll use John as our example. We're going to talk through Asana as an application entering the organization. John also has questions that if he has answers to, he can maximize the way that he does his job, hit those personal goals, which is really managing systems and applications at scale, managing to his IT budget and this governance around generally apps that come on board/ off board and the license optimization around that. So as part of that governance, John wants to know how he can standardize apps for employees. But with the limited visibility that he has also working off of that spreadsheet that he shares with Wendy, he doesn't really know their true SaaS inventory outside of those key apps that they've tried to track. And because of that, he has a lot of difficulty enforcing that app standardization. He'd also really love visibility into how business units, what they're buying, but decentralized purchasing happens across all of their departments and it creates shadow IT and redundancy that he can't seem wrap his arms around. Now, not only are business units important in terms of those approved purchases, but what are users actually buying? And that's where we start to dig into the shadow IT use case.

Terra Ickes: In John's example, he doesn't know, but a marketing manager expenses Asana, they're trying to buy a project management tool for their team to meet those needs. They categorize it as office supplies and that cost being low and miscategorized trigger any InfoSec review that would maybe get John or finance's attention. Now, John cares when he looks at that governance around the app stack if an app has gone through InfoSec, but in this case, Asana certainly didn't. And as users continued to be added, there is no InfoSec review that's happened and no visibility into what the security posture of that app is. For example, is it SOC 2 compliant?

Terra Ickes: Now, ultimately, John hopes to reduce risk. And here when we think about the proliferation of Asana in the organization, the exact opposite is happening, right? Usage is increasing, additional users are being added, and financial waste is happening because users are using an application that has never been budgeted for within the organization. And then ultimately, big picture of governance, one of John's goals is to really improve that, but he can tell right away when a shadow IT use case happens, Asana is an example, because a couple months after it enters the organization, new employees that have just started the company reach out to John and say, " Hey, can I have access to Asana?" First he's ever heard of it. And simultaneously, Asana's reaching out and saying, " Hey, we see you've got a couple dozen licenses. We'd love to move you in into an enterprise agreement."

Terra Ickes: So the opposite of that governance that he's looking for in this kind of manual reactive state in dealing with shadow IT. The result that ungoverned spent, this shadow IT and this expense on Asana as an example, redundancy in the organization exists. Little does the marketing manager know, Wrike already exists as part of the company's approved applications and it had available licenses. Compromised compliance. The app didn't go through InfoSec and it doesn't necessarily meet the security requirements, which introduces that increased risk both from security and financial perspective. And then ultimately, when they've got Wrike as the approved application that exists in the org, John wants to maximize the adoption of that and the value that's created through that application. He's not doing so or able to because those folks have chose Asana unknowingly instead.

Terra Ickes: So with the idea that there is a path forward to operationalized SaaS management, let's talk about what that could look like especially through the lens of those two personas. First, we've got to think about removing those data silos. So instead of a user going straight to purchase, whether it be through an AP solution or expense solution, what if they had a catalog like Zylo app catalog to look at the applications that exist in their organization first. The example there being Wrike. Wrike already exists and that user expensed Asana. Now with the idea that employees are still going to need new applications, there's going to be new business problems that come up, there's still that application request intake and purchase process that exists where applications are added to the portfolio within an organization. They'll also still enter through expense for the same reason. But what if instead of those really key data sources like contract data, the spend associated with the app, the usage, instead of those being immediately siloed, what if they were captured as part of a continual source of truth related to that full comprehensive SaaS inventory? And how would that change the way that this IT persona and procurement persona operate as part of their day- to- day?

Terra Ickes: Let's take a look at how that impacts first procurement when we think about a more proactive approach to renewal management through that single source of truth. And we'll use the exact same example of Zoom here. So Wendy, same question, she needs to know what she renews. Rather than referencing a manual spreadsheet, Wendy has a renewal calendar now that she's built in Zylo specifically around the apps that she owns, and she gets alerts for any renewals coming up, Zoom being one of them. So she's prepared 90 days in advance. Of course, the same way that she felt about it in the manual world. She wants to maximize value. Zoom is still going to offer her that price increase or the increase of licenses and she's got to talk to the app owner. But unlike last time, Wendy doesn't have to spend days, hours tracking down the app owner, Steve. It is part of the app information stored right in Zylo as part of that application overview for Zoom. Wendy needs to know as part of this, just as she approaches that renewal, how users are actually using the app. In this case, she and Steve both have access to this utilization data. And Zylo actually recommends through insights that over 200 licenses are inactive and there's 50 that can be downgraded because they're not using the full feature set of a more expensive license type. Wendy and Steve agree to deprovision, most of those users leaving space for those new folks that Steve said are joining the org, and they set up a workflow in Zylo to kick off that communication to start to remove those users in advance of renewal.

Terra Ickes: So Wendy feels a whole lot better at this point about what she needs to renew for in terms of licenses both number and type to maximize the value as part of that renewal. But now she wants to know what a fair price is to pay. She checks out Zylo benchmark data to gauge what that skew cost should be and what the average is, but she can also see they have similar applications in their stack. They have MS Teams. Using both of those pieces of information, she's able to negotiate 10% off the average along with less licenses because she did that optimization exercise. Now very different from last time, Wendy says, " How can I scale these efforts with this key ownership, usage, contract, and spend data in one single source of truth?" Wendy can renew every time with confidence and ease. Now, the results of this, rather than reactive are more proactive strategic renewal process, the ability to do license optimization at scale and when it really matters, which is right before that renewal. Visibility into redundant or similar applications, MS Teams is an example, to help influence and give context to that decision. And then ultimately, she was able to drive a price decrease via that benchmarking data that helped her understand what an average SKU cost should be based on best based on their needs.

Terra Ickes: Pivoting over to IT, rather than just dealing with it reactively, a day in the life with an operationalized SaaS management practice is shadow IT governance. Now, John wants to standardize those apps. This time he has that app catalog where all of the applications for an employee that are approved are available as a storefront for folks to navigate. Now, if we said, Emily, the marketing manager didn't buy an app here, the story would stop. So we're going to let her buy one with the idea that that still happens sometimes. So Emily's going to purchase Asana. Now John, he didn't used to have that visibility into what business units we're buying, but now he sees everything whether it's coming through AP or expense. And when that expense comes through because Emily purchases Asana, he's immediately receiving an alert from Zylo that says, "Hey, we've detected a new application has been purchased through expense." So rather than the months that he waited before to figure out by surprise that they had Asana in the organization, John knows right away and can tackle that.

Terra Ickes: The first thing he does is see if the app meets compliance standards, hops in to Zylo app has not gone through InfoSec and he quickly reviews the security posture, what is it compliant with SOC 2 for example, to gauge his risk and how quickly he should deal with this app. To reduce that risk, he reaches out to Emily says, " Hey, I know you just joined the organization recently. You might not know we already have an approved application for project management and it's right. And I can see in Zylo we have licenses available. I'm happy to give you access to that."

Terra Ickes: So we've got the ability for John now to really optimize and create governance around this process. John reminds Emily of that app catalog and she can easily from now on request access to applications that she needs access to as part of her role and the challenges that she needs to solve for. So the result in this case, there's a standardization of apps through that app catalog, a storefront for employees to find applications that solve their problems before making a decision to purchase, the visibility into shadow IT or decentralized purchasing when it does happen through that AP and expense, continual discovery, increased compliance with the results of immediately knowing about an application and the ability to understand if it went through InfoSec. And then of course, improved governance and overall reduced risk from a financial perspective but also from an application governance perspective.

Terra Ickes: Now, when we think about SaaS operationalization, continual discovery and a single source of truth with all key data sources is really what unlocks this SaaS operationalization and the ability to manage and optimize. This includes license optimization. Those insights that we saw on the ability through a single pane of glass to help your team optimize and drive utilization across the SaaS stack, but also cost savings and avoidance opportunity. We saw with Wendy as part of her procurement exercise, her license optimization effort and the ability to understand that they had similar and underutilized app in Zoom allowed her to capitalize on an opportunity to maximize their savings at renewal and ultimately reduce OpEx. Excuse me. And then of course, governance and risk mitigation. The visibility into shadow IT and the ability to truly reduce risk and make sure that they're compliant from an application perspective really helped John in his day in the life moving from more of a reactive state to proactive when it comes to managing shadow IT. And that wraps up our session today on Day in the Life: Operationalizing SaaS Management. Thank you everyone for joining. Enjoy the rest of SaaSMe.