Why is this important

Technology is in many ways like water – it will eventually flow into all edges of your company. The use of technology is at the same time becoming more important than ever. In modern companies, we have already experienced the bring-your-own-device (BYOD) revolution. The benefits of allowing employees to use the devices they want to use to do their jobs leads to many benefits, including efficiency in the task skilled workers need to do as well as employee happiness Meanwhile, IT and risk/compliance functions in companies, if any - are either lagging or even completely side lined in their efforts to manage BYOD in an efficient way. The next wave in empowering employees in companies is the Bring-your-own-software (BYOS) wave which has been progressing silently, especially due to several reasons. Some of these reasons are

• Maturity of SaaS-solution

• Technology competence amongst employees

• Younger people with higher level of technology adaptation

• Increased availability of SaaS

• Increasing complexity in the work that needs to be done

Recent surveys show that in companies with twenty-five employees you will have an average of 110 SaaS-solutions. These solutions are in more than 75% of the cases purchased directly by business units or employees with their credit cards and usually reimbursed. The purchase and use of these employee-purchased IT-solutions is often referred to as Shadow-IT. Therefore, many important tasks as well intangibles like information, intellectual property, market insight, financial data as well as other confidential information or even whole processes exists in SaaS-resources with low level of control.

Why is this difficult?

BYOD is hard enough, and when you combine it with BYOS the complexity in keeping sufficient control of you company’s resources, managing accesses as well as cost is for most companies now turning into an impossible task without traditional tools and processes. The reasons of why it is turning into an impossible task is e.g.,

• Traditional processes and tools for managing control of resources is made for IT or other centralized parts of the organization and is based on them controlling resources used in the company. The reality however is that most purchases and management of SaaS is completely outside the control of IT and not conducted centralized. It is in the hands of the employees.

• Existing tools for managing resources are not rigged for a distributed management of resources and accesses. They rely on centralized control from e.g., IT or procurement.

• Business unit employees are less interested in as well as skilled in using complex management tools with poor UX made for advanced users.

• Employees are not exposed to the resource management processes and do not have an awareness around the importance of resource management.

To sum it up, employees in business units are becoming the biggest purchaser of IT-solutions. Still, they are not empowered with the knowledge, access to the process or user-friendly tools to manage their must-needed SaaS-resources in an efficient way. On the other side, we see IT, procurement or other centralized parts of companies trying to win an unwinnable war to apply processes and tools made for centralized management.

What are the consequences

Given the cold tug-of-war between employees wanting to have the best software tools for their job and IT and procurements need to manage software with processes that require centralized management, the result is often a complete lack of control. Some of the consequences and risk with the lack of control is

• Security breaches due to weak account or data protection policies

• Redundant subscriptions and uncontrolled costs

• Lacking reuse of data or processes implemented in external SaaS-solutions

• Former employees or partners left with unauthorized access

• Poor management of unused licenses and stalled subscriptions

• Regulatory breaches by storing data like personal information outside of permitted geographies.

• Interruption in business continuity due to lacking payment of subscription by the employee

And to round it off, one of the biggest risks however might be that the employee with administrative access ends their engagement and leaves without passing the rights to another employee and stops paying for the service.

How to manage employee purchased SaaS solutions.

This chapter is still under consideration. In the meanwhile, feel free to register for Concid’s Beta program.

Concid is a solution which addresses all these pain points and gives you hassle free resource and access management, even for of employee purchased SaaS-solutions.