Snow Software Survey Identifies SaaS Management Struggles

IT leaders want more insight on generative AI risks as they struggle with overall SaaS management.

Sean Michael Kerner, Contributor

August 25, 2023

4 Min Read
SaaS button amid locks
Alamy

A new report from Snow Software suggests IT leaders are seeking more guidance on managing risks associated with generative AI tools like ChatGPT, even as they continue to grapple with longstanding challenges securing and optimizing software-as-a-service (SaaS) applications.

The Snow Software SaaS Management Survey of 1,000 IT leaders found 96% remain confident in their SaaS security posture overall. However, 23% called out generative AI apps as their top SaaS security worry.

The data implies IT teams harbor anxieties about potential dangers from their collective apps, with 40% worried about data protection and privacy despite most having extensive security tools. There also appears to be some confusion over who's accountable for purchasing and managing SaaS apps, with IT asset management (ITAM)/software asset management (SAM) teams and CIOs most often cited.

list of SaaS management challenges

Snow

Meanwhile, controlling SaaS spending remains a pressing worry, though 90% expressed confidence they could identify savings.

"It's interesting that 96% of IT leaders reported they felt confident or very confident about their organization's SaaS security measures," Becky Trevino, executive vice president of Product at Snow Software, told ITPro Today.

SaaS Visibility and Management Remain Key Challenges

Related:Best Practices for Companies Struggling With SaaS Management

Although the vast majority of organizations are confident in how SaaS is handled, that confidence could well be misplaced.

What Snow Software has found when it runs its SaaS management solution in a new environment is that nearly all IT leaders are shocked by the number of SaaS applications they didn't know were in use in the organization, according to Trevino. That reality would seem to indicate a severe visibility gap between what IT knows is running and what end users are consuming, she said.

"In future years, this visibility gap is going to present a higher risk for IT than it ever has before," she said.

Generative AI Is Compounding Security Concerns

The rise of generative AI with ChatGPT is a top-of-mind concern for respondents to the Snow Software SaaS Management Survey. The data shows 23% of IT leaders view generative AI applications as the top security threat among SaaS apps. This outpaces concerns over other technologies like open source or file sharing. More than half of respondents also indicated alarm if a vendor used generative AI without informing them.

While IT leaders in last year's Snow SaaS survey had general SaaS security concerns, generative AI has emerged as the main driver of uncertainty in 2023. The unknown risks posed by generative AI are causing substantial anxiety, more so than other innovations.

SaaS Shadow IT and Cloud Accountability Risk

A key observation in the Snow Software report is that there isn't clear consensus on accountability overall for SaaS.

Trevino pulled quote

Trevino-Snow

Trevino noted that most organizations lack a single owner for SaaS management in the organization. This responsibility is typically delegated to individual business units and/or heads of operations within functional units. In these scenarios, IT organizations typically manage the larger applications, such as Salesforce or Microsoft 365.

"In our view, the CIO is the one person in an organization accountable for all SaaS usage and spend regardless of where the application is used or procured," she said. "The reason we think this way is that the CEO and the board need their own person in the organization responsible for the safe use of technology, and that responsibility falls under the CIO."

Trevino emphasized that CIOs who do not take an active role managing SaaS — even if the spend sits in the business units — are failing their role. Snow Software's recommendation is that the IT department identify a group in its organization, whether that be IT asset management or FinOps, to take ownership of SaaS management. That group should then manage governance in partnership with finance, procurement, and individual business units or operational heads of business.

How to Better Manage SaaS Cloud Spend

Organizations also continue to face challenges when it comes to controlling SaaS spending. Part of the challenge stems from a lack of visibility.

"There's an old saying in IT: You can't manage what you can't see," Trevino said. "The first step is to define an owner and quickly after that is to get visibility of what SaaS is running in the environment both in terms of spend and actual usage."

According to Trevino, there are many SaaS freeloaders in an organization. These are the people who use up a license but rarely use the application. IT needs to have tooling in place to discover SaaS applications, measure usage, and optimize spend.

"With this tooling in place, IT leaders can rein in SaaS sprawl to better manage costs and also identify the hidden risks from SaaS sprawl and usage of generative AI tools like ChatGPT," she said.

About the Author

Sean Michael Kerner

Contributor

Sean Michael Kerner is an IT consultant, technology enthusiast and tinkerer. He consults to industry and media organizations on technology issues.

https://www.linkedin.com/in/seanmkerner/

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like