Flexera logo
Image: SaaS Platform Management

SaaS platform management: what you don’t know will cost you

Managing SaaS products for your company might seem like a straightforward prospect – at first. As the overall decision-maker, maybe you start out with a simple evaluation process to determine business needs, associated costs, and risk. Once each department goes through the motions and determines the SaaS platforms that tick all the boxes, the process concludes. End of story, right?

Not so fast. Even with a robust evaluation process, there are still factors that can slip through the cracks, causing significant damage to your budget or corporate risk profile. At Flexera, we’ve been in your shoes and learned the hard way, through the purchase of countless SaaS applications. Here are just a few of the SaaS surprises we found after the contract was already signed.

Total per-vendor SaaS costs are difficult to evaluate.

In the early days of cloud platforms, SaaS products were pretty basic – and so was the pricing. Most SaaS platforms were priced based on the number of users or the volume of usage. Complexity in pricing was generally limited to pricing tiers – i.e., if you buy 10-50 users the price is X, and when you move up to 51-75 users, the price jumps to Y.

That level of complexity still exists, but now there are some additional layers that make it hard to understand and manage costs. Take Salesforce, for example. Businesses can purchase several different types of licenses – mainly partial or full licenses, depending on the Salesforce capabilities they need.

But it doesn’t stop there. With the addition of the AppExchange, users can bolt on extra apps to their original Salesforce license – for a fee, of course. And apps on the AppExchange can quickly drive spending out of control. Imagine that you’ve signed a Salesforce contract for 100 users at $120/user. With add-ons in the AppExchange, your per-user price goes from $120/user to $1,200/user. And to top that off, you’re not sure who needs (and who is using) which apps on the AppExchange.

Related: How to Get the Most Out of Salesforce Using SaaS Management Practices

And Salesforce isn’t alone here. Office 365 offers three tiers for enterprises – E1, E3, and E5. They don’t look terribly different at the outset, but they have some hidden complexities. The E1 tier covers web-only versions of a select group of Microsoft Office applications, but it has a lot of the same features as the E3 tier. And the E5 tier’s differentiating features seem to be business intelligence, higher threat detection, and a calling plan for domestic and international calls.

How do you evaluate who can manage with web-only Microsoft Office applications, and who has a verified need for desktop applications? And now you have a calling plan added to the mix, when you’re already paying for phone lines. What’s the added benefit there, and is it worth the extra cost? If you’re negotiating a contract for 2,000 users for example, the difference between E1 ($8.00/user/month) and E3 ($20.00/user/month) can more than halve (or double) your costs.

Security gaps multiply with specific types of SaaS.

When you evaluate SaaS vendors’ security practices, you’re probably looking for a standard set of protocols – how they store and protect your data, mainly. In addition, you’re reviewing their privacy policy, incident response plans and notification procedures, and any third-party certifications they have.

Related: Understand these security protocols when evaluating SaaS

What you might not have considered is this: with the explosion of new types of SaaS platforms, there are a plethora of new risk areas. Many of these risks can be triggered by employee actions.

Think about Slack, or any other SaaS-based collaboration and chat tools you use. Your employees use it to communicate with each other, share files, create groups, etc. And those employees are increasingly working with contractors. What better way for them to easily communicate with those contractors than by adding them to Slack?

Those additional accounts are free with your contract, but remember – those users have access to all the same conversations in Slack as your employees. Let’s say your CEO posts some information to Slack about your public company’s earnings, which haven’t been released yet. A contractor finds this information on Slack, goes out and shorts the stock, and boom – you’ve got a situation on your hands.

Dropbox and Box have similar issues. Maybe your company has a contract with Dropbox for 10 accounts, but the enterprise license is more expensive. So you let other employees purchase and expense personal licenses for Dropbox. What happens when that personal license (with your confidential corporate data) gets compromised?

Businesses must protect themselves in our changing SaaS landscape.

It’s no longer as easy as just choosing a set number of licenses, or assuming the risks are covered in SaaS vendor security procedures. As SaaS complexity grows, opportunities for exponential costs and risk-related missteps increase.

Want to learn how Flexera SaaS Manager can help identify unnecessary spend and target high-risk areas? Contact us for a demo today.