Since the new coronavirus's emergence, painting the town red has become passé, and staying in is now the new cool. With the northern hemisphere now entering spring, many are even starting to grow their own fruit and vegetables. Sports events are cancelled. Logistics are on lock down and isolation is the watchword. Handshakes and fist bumps have been waved away with namastes. We are keeping our distance from each other. And one of the biggest changes has been the rapid increase in working from home.
The world starts working from home
Silicon Valley companies have already begun to show the way. In recent weeks, staff who can work from home are being told to do just that. For example, just a few days ago, Twitter told its 5,000 staff members to work from home, providing their reasons for this decision in their blog:
“We understand that this is an unprecedented step, but these are unprecedented times.”
If you thought that sounded dramatic, think again. It’s becoming the standard. Google, Amazon, Facebook, and several other big tech companies have also taken the same steps to protect their staff in an attempt to react the right way to the pandemic. And the rest of the US business world is set to follow suit. Here Juliet Beauchamp of IDG TECHtalk explains why some companies are faring better than others in the face of a potential global health pandemic.
But this has not come without some teething troubles. Already problems are emerging. Just yesterday, Microsoft’s chat and communications tool, Microsoft Teams, went down across Europe for over two hours. Against the backdrop of the developing epidemic, this latest outage coincided with remote workers around the world attempting to sign in to their service.
Unfortunately, this came hot on the heels of Microsoft forgetting to renew an important SSL security certificate in February - making this the company’s second major outage this year.
There are lessons to be learned. Probably the most important is that these events could well become more commonplace as we continue to distance ourselves from each other. Real-time control and oversight are sorely needed.
How do employers control their SaaS apps?
In short, very few do. Not because it isn’t important. It just hasn’t been important enough - until now. Although working from home is by no means a new concept, it is clear we are still in the early stages of this global experiment. And there are several reasons why IT departments are concerned.
Their main worry is that they cannot track which cloud apps their employees are using. Policies for managing cloud service consumption are lacking, with few security policies and standards in place.
That leaves employees with carte blanche to sign up to whatever cloud apps they can pay for, leaving IT departments back footed and always one step behind.
Then there is the issue of compliance. If the customer provides personally identifiable information that is breached while in the SaaS vendor’s environment, this can leave companies liable under legislation such as SOX, CCPA, HIPAA, GDPR, PCI-DSS and SOC 2.
That's why it is critical to an organization’s success that its CIO understands their SaaS portfolio. The alternative is to risk disseminating sensitive internal data to unvetted vendors.
There are immediate costs to be saved too. With Enterprise SaaS spend growing at a rate of 25% year-on-year, it already ranks as the second biggest expense for many organizations. However, even this outlay would be dwarfed by the expense of any security or compliance breach.
As the SaaS industry has steadily grown over the years, these questions have always been there. But the coronavirus has now escalated matters that perhaps weren’t quite as important before this seismic shift in working activity.
What about SaaS security?
When considering what could go wrong with a remote working culture, Cleanshelf’s developers and IT staff are all agreed. Security takes first place.
Backup and recovery, and the reduced security available on mobile devices are just some of the security challenges enterprises face. But even something as simple as the ability to track and manage cloud-based software like SaaS presents its own particular challenges too. The key problem here is misinformation. On average, enterprises underestimate the number of SaaS apps they own by 50%.
Unfortunately, this lack of visibility, and resulting absence of control, means that CIOs have no reliable SaaS intelligence available. That’s why this part of the cloud has become a growing security challenge for enterprises. And the recent surge in remote working has only accelerated this urgency.
Controlling the remote working paradigm
With a typical enterprise in the US using over 1,000 cloud apps across the organization, and 97% of CIOs unable to see all of their SaaS stacks, the situation is serious. Without visibility, it is clear why security threats have become a major problem.
Last year, the number of cyber attacks continued to rise. In total, 61% of businesses reported a breach – and the average cost per incident has now ballooned into hundreds of thousands of dollars.
Leading commentators often cite third party risk as the main reason for this trend. Now, following a 2020 study from the European Journal of Operational Research, it is clear that improving communication among supply chain partners is the best way to avoid difficulties. And that starts with understanding what software you own and pay for.
Trying to keep pace with your SaaS security is difficult. But it’s important to remember that this race to close loopholes is winnable. Although your employees routinely bypass your IT department, it’s also important to note that they aren’t trying to be difficult. They want to be proactive, improve operations, enhance customer experiences, and push your business forward.
Since there are few obstacles to doing so, they try SaaS, and naturally lose track of their experimentation, licenses and subscriptions. This simply underlines the need for security awareness to be encouraged, and this is an issue finance and technology leaders can escalate.
Cleanshelf: the SaaS management fix for enterprises
Although the problem is riddled with complexity, we prefer to make SaaS management simple. In this spirit, we have broken down our holistic approach into four key steps. Once achieved, the CIO gets back in control.
The path toward SaaS intelligence starts with discovery. It’s far easier said than done but, once you have a system in place that automatically identifies your SaaS services, then life instantly becomes easier. Not only does Cleanshelf help you see every license owned by every employee, you can also fully understand how much you are spending on each SaaS app used. Seeing is believing.
Assessments, or SaaSsessments as they are increasingly becoming known, means measuring your software utilization can begin in earnest! Understanding your risk exposure and immediately seeing exactly where you are wasting your SaaS subscription spend is a critical first step to becoming less wasteful.
Less waste leads to greater optimization. To help you achieve this crucial goal, we use machine learning and AI to understand which of licenses you don't use, under use or should not be using. You will quickly identify all duplicate licenses, overlapping functionality and other examples of waste.
And all of this feeds into the control that CIOs need. Only through a thorough SaaS management tool can enterprises hope to get the visibility, intelligence and actionable insights they require.
Ready to start controlling your enterprise SaaS?
The need to fully understand and oversee our SaaS has always been there but enterprises have been slow to respond. However, with employees increasingly scattered and dislocated, this is slowly changing. And that nagging need to regain control will continue to become more pressing as each day passes.
The parallels with coronavirus are stark. According to the New York Times, our success in managing this threat comes down to how we choose to react.
The explosive spread of coronavirus can be turned to our advantage, two infectious disease experts argue: “But only if we intervene early. That means now.”
A stitch in time saves nine, and the same applies for enterprises looking to regain control of their SaaS management. That's why we're here. To help give CIOs the control and visibility they need to let our remote working culture flourish. It's time to act now.