Romolo Tavani - stock.adobe.com

Keeping control of SaaS costs

The ease with which someone with a corporate credit card can buy a SaaS product can lead to runaway costs and data leakage risks

Like other public cloud services, software-as-a-service (SaaS) providers make it extremely easy to purchase their products. This means SaaS-based application subscriptions can easily become unmanageable, leading to decentralised IT and uncontrolled, wasteful, unnecessary IT expenditure.

In the past, the software asset management (SAM) team was tasked with ensuring the IT systems deployed across an organisation had the correct software licences. Their role enabled better decision-making in terms of purchasing volume licence agreements and preventing the unauthorised use of software.

According to Flexera, which recently conducted a poll, SAM responsibilities include tracking the use of SaaS (56%), providing data and analysis to support security (56%), preparing for software contract renewals (58%) and maintaining an accurate inventory of licensed software use (72%). Flexera recommends that IT asset management (ITAM) professionals should increase their collaboration with FinOps teams as the use and cost of SaaS and cloud eclipse that of on-premise software.

Thanks to SAM, IT departments used to have a good idea of software spend. The installation of commercial packaged applications could be regularly audited to ensure the organisation complied with software licence terms and help it get the best value from the licences it had already purchased. In an ideal world, software developers would also be provided with access to an approved suite of developer tools and software libraries.

Keeping count of cloud costs

Public cloud has changed IT cost control and the IT landscape has evolved to the point where IT engineering teams that embark on cloud-native initiatives are making use of cloud-based services and microservices to build applications far quicker than was possible previously, as Dale Vile, co-founder of Freeform Dynamics, points out.

“The number of moving parts and activity streams you need to account for to form an accurate view of costs is pretty daunting nowadays,” he says. “Allocating those costs to different departments, systems and business initiatives is a huge headache given the amount of infrastructure, resource and service sharing that has become normal over recent years.”

Not only is keeping track of these assets an ongoing concern, some SaaS and cloud-based services that work well in pilot deployments may not prove to be the best technology choice when accounting for the costs associated with peak usage and large-scale deployments.

In fact, a Forrester survey of modern technology operations found that only 37% of all digital and IT professionals (and 43% at enterprises) agreed that their organisation’s software is well controlled and managed by a software asset management team

Two years ago, Gartner analyst Lydia Leong warned that most organisations focus on the elimination of “waste” in cloud expenses, usually in the form of idle or under-utilised resources. At the time, she urged IT leaders to implement performance engineering techniques, once waste has been eliminated, to improve application performance using fewer or less-expensive resources.

For instance, if an application team is driving towards a quick product launch, Leong says the business may be willing to incur high initial cloud costs to reduce time to market. “The application may then need to go through a cost-optimisation cycle to achieve acceptable long-term costs and improve the product’s profit margin,” she adds.

FinOps for managing product development costs

At FinOps X 2024 in June, Elly Rauch, manager of cloud FinOps at The Walt Disney Company, used her presentation during the keynote session to discuss the company’s approach to balancing costs with product development.

Initially, financial forecasting was based on reviewing the role of a service to understand how it supports Disney products. “We then took the data and ran regression models trained on historic data to forecast future costs,” she said.

While this worked well initially, over time, Rauch said the relationship between cost and drivers began to change. For instance, the tech team developed new initiatives, such as the Disney ad server, while other teams were optimising their usage. The model, she said, was unable to predict new work. While technology improved at Disney, the ability to forecast costs accurately based on the model became harder. “Finance is a forecasting job, and there was not a clear pipeline to request software and usage,” she said, describing FinOps as “an endless game of whack a mole”.

The big challenge was how to control costs associated with thousands of tech services running at Disney, while, at the same time, being asked to reduce costs. “The organisation needs to operate differently, and we took an opportunity to start over. FinOps becomes everyone’s job,” she said. This means teams in finance and IT engineering need to be involved. For Rauch, getting the tech engineering people involved is crucial as they have a close understanding of how IT resources are consumed.

According to Leong, the greatest trade-off usually concerns application developer time. “Time that is spent performing cost optimisation is time that isn’t being spent on adding new application capabilities, and some business leaders exclusively prioritise new capabilities without paying attention to how cloud costs affect product margins.”

Although cloud costs are usually intricately linked to organisations’ use of infrastructure and platform public cloud-based services, SaaS costs can quickly get out of hand, unless controls are put in place to curb unauthorised applications and usage. For instance, Netflix’s much publicised clampdown to password sharing illustrates the ease with which anyone with just a password can access premium services. In the corporate world, IT security and governance policies will often treat password sharing as a serious infringement due to the data loss and cyber attack risks associated with such behaviour. Password sharing is likely to fall foul of SaaS contracts and lead to uncontrolled costs.

Managing IT assets across the board

In its Why you must rethink your software asset management practices report, Forrester recommends that IT leaders focus on developing an integrated IT asset management strategy to support the increasingly complex IT environment, which spans the cloud, edge and changing licence structures.

One of the terms that will crop up as IT leaders explore options for managing SaaS costs is the idea of FinOps (see box). The FinOps Foundation, which provides a framework and best practices for financial management of cloud-based resources, defines FinOps as an operational framework and cultural practice which aims to maximises the business value of cloud and enable timely data-driven decision making. FinOps creates financial accountability through collaboration between engineering, finance, and business teams. The goal is to plan for appropriate use, which minimises over-deployment (a compliance risk) or under-deployment (shelfware/waste).

This is a collaborative effort. Gartner’s Cloud financial management collaboration guide to extend efficient FinOps report urges business leaders and application teams to work together to budget for and forecast cloud costs.

The overall goal, from Gartner’s perspective, is to ensure cloud budgets and forecasts are aligned with the business planning cycle. Gartner says sourcing, procurement and supplier management teams should use these projections to negotiate pricing and discounting with the cloud providers. The analyst firm also recommends that the head of finance and other executive leaders should be given reports that align cloud costs to business metrics so they can make informed decisions.

SaaS management is very much part of software asset management. In the modern era of highly distributed software and a workforce that is no longer fully office-based, IT departments need to ensure they offer the breadth and depth of applications, software tools, microservices and, increasingly, access to data sources that people require to work effectively.

Working closely with line-of-business managers can help to identify what is missing from the corporate IT software portfolio, avoid hidden costs associated with shadow IT SaaS purchases, and understand what technical resources the software engineer teams are consuming.

Read more about SaaS management

  • The proliferation of SaaS has created a real challenge for IT teams trying to get a handle on all their apps. See why a SaaS management platform might be the right fix.
  • Enterprise architect specialist LeanIX expanded its portfolio through the purchase of SaaS management startup Cleanshelf and the introduction of a Microservice Intelligence tool.

Read more on Software licensing