Skip to content

Reducing the Risk of SaaS Sprawl with the Power of Automation


January 13, 2022

2 minute read

ReducingSaaSSprawl FeatureImages

The number of SaaS apps an IT manager must wrangle just keeps growing—and quickly, too. In 2017, the average company used 16 apps. In just five years, that number has ballooned to over 110.

To make life even more difficult for IT, that number only represents how many apps are sanctioned by IT. Sanctioned apps are the ones employees are supposed to be using, carefully chosen and vetted by IT to fulfill specific business functions. 

In a perfect world, no one ever logs into anything but sanctioned apps with their work credentials. However, the real world poses far more risks and challenges for IT.

Unsanctioned apps are increasing the threat landscape

Every time an employee creates an account with a new, unsanctioned app—or worse, grants it access to a core, sanctioned app (i.e., Google Drive or Dropbox)—they increase the chances of a data breach.

“At BetterCloud, we have found over 20,000 applications across our customer base that have access to their file system. This can be a huge risk from a security perspective… if any of these SaaS vendors gets compromised, that means your user data is potentially at risk.”

Michael Praino, Strategic Solutions Engineer at BetterCloud

A proactive approach for identifying and managing SaaS apps

To mitigate this risk, the best approach is a proactive one. With BetterCloud, you can set up alerts to notify you whenever someone logs into an unsanctioned app using their work credentials. To stop employees from logging into risky apps before they cause trouble, you can also automatically revoke their access and send them an email to let them know their actions are putting company data at risk.

With BetterCloud, you can also use these insights to improve employee experiences and optimize your SaaS licenses. When you can see all the apps everyone is logging into within a single view, you can easily identify which ones might have overlapping functionality. 

For example, if you have multiple apps for marketing performance or project management, you can strategically consolidate usage. Not only have you saved your company money by not paying for two solutions, you have also added more employees to a single app, where they can more easily collaborate.

Build automated workflows to protect your environment from risky apps

At Altitude 2021, two BetterCloud experts presented a 30-minute workshop on the challenges presented by SaaS sprawl, and how to overcome them with IT automation. Michael Praino, a BetterCloud Strategic Solutions Engineer, starts the workshop with a look at the challenges of Shadow IT and best practices for proactively managing apps being brought into your environment. 

Chelsea Stephenson, a Senior Implementation Specialist at BetterCloud, then shows you how to use to BetterCloud to:

  • Browse the Applications Grid to learn about the apps in your IT environment
  • Create a workflow that revokes OAuth access whenever someone logs into an unsanctioned app
  • Create a second workflow that automatically emails IT whenever someone is added to an app, such as Office 365, with elevated permissions
YouTube video

Altitude 2021 was filled to the brim with in-depth sessions just like this one, from topics that range from custom integrations to addressing new IT security risks. You can browse additional workshops and keynote videos in our Altitude 2021 resource library.