When I accepted my job at BetterCloud earlier this year, my wife asked me one question: What is SaaSOps? I knew the answer, but didn’t do a great job of explaining it at first.
“It’s the same idea as DevOps, but for IT pros,” I said. “Or at least I think that’s what it is.”
As I read more about SaaSOps (short for SaaS operations), to give her a better idea of what my new employer does, I learned two things.
First, there’s a really obvious need for a set of processes and skills to manage a SaaS environment, especially since every organization uses so many of them. But also, it’s really interesting to look back at the series of events that got us to where we are today: A world in which SaaS operations is not just a luxury, but a necessity for any company that uses SaaS.
Let’s take a look at the brief, but insanely interesting history of SaaSOps. We’ll explore just how rapidly SaaS became a driver of innovation, the external threats against it, and how the benefits of SaaS helped IT discover a need for a more centralized way to manage all of the products its employees use in this latest installment of SaaSOps 101.
Editor’s note: This post originally appeared on Onix’s blog. You can read the original post here.
The Rapidly Accelerating Popularity of SaaS
It’s hard to imagine now, but things haven’t always been this way.
When I started my career in 2009, most applications I used for work were installed locally on my computer (If you’re curious, I’m pretty sure that machine was a Dell Optiplex 780, which felt luxurious at the time).
The only real SaaS product we used was Salesforce. Most people at that company hadn’t even imagined the concept of things like email or Microsoft Word living exclusively in the cloud—especially on the enterprise level.
In fact, there were a lot of people who thought it was a really bad idea. Richard Stallman, founder of the Free Software Foundation and creator of the computer operating system GNU, told the world in 2008 that using web-based apps like Gmail was, “worse than stupidity… if you use a proprietary program or somebody else’s web server, you’re defenseless. You’re putty in the hands of whoever developed that software.”
Things have changed dramatically since then. We surveyed over 670 IT professionals as part of our 2020 State of SaaSOps report and found that the average company uses 80 SaaS applications. By 2025, they expect 85% of the business apps they use will be SaaS-based.
There are a lot of reasons for the rapid adoption of SaaS. IT teams enjoy the freedom from supporting on-prem hardware and software, especially as they continue to be asked to do more with less. And end-users tend to agree that SaaS applications are just better than their on-prem counterparts. But as enterprises and startups move to the cloud en masse, new threats enter the picture on a daily basis.
New and Unpredictable Threats Against Organizations
As the use of SaaS applications became more widespread, so too did the threats against organizations around the world. Notably in 2015, an IT admin at a midsize company you probably haven’t heard of enabled an option in Slack that allowed users to generate document previews when employees shared Google Drive items with each other. Not a big deal, right?
Actually, it’s kind of a huge deal.
Turns out that when you put a sharing link in Slack, those documents were saved in Slack’s databases. And by integrating the two apps with just one click, the admin exposed 100 Drive accounts. Oh, and did we mention that this midsize organization is part of the General Services Administration (GSA)? Or in other words, the federal government?
Again, kind of a huge deal.
As you might have guessed, the threat has grown exponentially. In July, I took over as the editor of The Daily Monitor, our newsletter in which I round up the latest news in tech. And in those first few weeks, I noticed that most of the headlines that came across my feed were major breaches at some of the world’s largest companies, places like Twitter and Carnival Cruise Lines where you’d assume things are buttoned up tightly.
I asked my manager, who had previously edited the newsletter, if I was noticing these stories more because it was part of my job and we agreed that wasn’t the case. There were just a lot of incidents in which huge organizations were being attacked—and being attacked successfully.
A New Methodology for Managing and Securing your SaaS Environment
In 2011, Google announced that organizations with more than 10 users were no longer eligible for the free versions of Google Apps. By the end of 2018, Google reported that 5 million customers around the world were paying for Google Workspace (formerly G Suite). The popularity of SaaS has snowballed in the time since, and not just for Google. Companies such as Salesforce, Microsoft, and SAP saw their SaaS market share grow upwards of 73% in 2015.
But as more companies adopted more and more SaaS apps, IT leaders discovered that managing a stack of SaaS apps becomes far more difficult each time you add a new app. Without a centralized platform to secure a SaaS environment, IT teams had no choice but to manage each app from its native console—which, by the way, changes constantly.
In addition to growing external threats against SaaS-based organizations, our CEO David Politis started BetterCloud because everyone in his network agreed that IT needed a better way to manage and secure G Suite.
And while BetterCloud started as a platform designed to secure Google Workspace exclusively, it became abundantly clear that Google Workspace wasn’t the only thing keeping IT admins up at night.
For years, Politis used the term SaaSOps to describe the need and methodology for managing and automating IT operations. And based on what he was seeing in the market, Politis took pen to paper and unveiled the first definition of SaaSOps during BetterCloud’s 2019 Altitude event.
After announcing the definition, Politis urged IT professionals to champion SaaSOps and update their job titles to include it. That might have seemed like a big ask to some folks, but SaaSOps has become a full-blown movement since then.
Not only did the respondents to our 2020 State of SaaSOps survey agree that SaaSOps is critical to their companies’ success, but 30% now include the term in their job titles or plan to in the near future.
For many people in IT, the growth of using SaaSOps is far from surprising. 76% of respondents see unsanctioned apps as a security risk, but only 49% of IT organizations inspire confidence in their ability to identify and monitor unsanctioned SaaS usage on company networks.
As SaaS applications become more and more ubiquitous over the coming years, it will undoubtedly become a bigger challenge to manage and secure a SaaS environment—and as a result, IT leaders across the country are quickly embracing the history and future of SaaSOps.
Want to learn more about the state of SaaSOps in 2020? Download our report here.