Get above the cloud A primer for IT, finance, and procurement leaders: how to gain the visibility you need to cut and control cloud costs

IT Spend Rapidly Shifting To The Cloud

What’s your company’s cloud spend trajectory?

Most companies find themselves spending more and more on cloud services. IDC research estimates cloud spend will increase 23% in 2018 to $160B. By 2021, they predict the total will be $277B spent on cloud services.

If you work in IT, Finance, or Procurement, you likely have mixed feelings about cloud software.

While SaaS has many advantages over onprem software, it can be hard to find and manage. And you can only cut costs from what you can see.

…But No One Really Knows What’s Inside The Cloud

How many times have you discovered someone in your organization using software you were not aware of? It could be happening more than anyone realizes:

How Does Mystery Software Spread?

Here’s how we understand the most common way shadow IT spreads, based on our experience working with many IT compliance and security professionals.

What Cloud Software Costs Could You Expect To Cut?

If you’re not already an expert in cutting cloud costs, it helps to know what to look for. In this section, we discuss the kinds of costs you might find and why they tend to crop up.

• Just Plain Wasteful Costs
• Costs That Occur Because No One is Watching
• Scary Things to Avoid at All Costs
• Sneaky Soft Costs

Just Plain Wasteful Costs

Extra Licenses (Shelfware): Sometimes contracts stipulate a number of licenses. But when they do not, extra licenses can add up, and make ideal cost-cutting targets.

Inactive Users (Including Former Employees): Some people never use software. And if IT does not manage an app, some employees could still need to be de-provisioned, even if they’ve been gone months or years. In our experience, some organizations have hundreds or even thousands of inactive accounts.

Duplicate Apps Or Multiple Instances: Some employees or departments decide to get their own apps, in spite of any existing corporate subscriptions for a similar apps. Likewise, sometimes employees start separate accounts for an app that’s already paid for.

Unoptimized Licenses And Off-The-Shelf Pricing: Some licenses cost more than others, offering access to more advanced features. But what if not everyone accesses these premium features? Those people should use less expensive licenses. Without visibility into actual application usage, these cases can be hard to find.

Shelfware’s Impact

Over the course of a 4-year study of 1,800 companies, researchers found that, year after year, companies wasted 37% of their software spend on unused licenses. Here at Alpin, we help companies save up to 30% on their cloud costs.

Costs That Occur Because No One Is Watching

Tiered Pricing, Easy Signup: Whether it’s the number of emails, transactions, contacts, or another metric, some software prices change based on volume. If users can easily sign up on an enterprise account and use more of the app… suddenly you’re at the next tier and paying substantially more than anticipated.

Non-Compliant License Fees: You’re supposed to pay for every license. But some employees may start using a freemium version. Or the marketing department shares one login using their marketing@ email address. Little did these users know, the software provider will charge you significant fees for these violations after they audit your account. Oops.

Expensed Subscriptions: Some users or departments sign up on their own and simply expense the cost with little or no question as to how the software purchases may fit in a larger purchasing strategy.

User-Initiated Upgrades: Users can start signing up for premium features with little tracking or oversight until money has already been spent.

Bonus: Converted Free Trials Or Free Tiers: This might surprise you, but “free” trials are meant to entice future spending. When free trials end, charges may start automatically. Or as more people sign up at a free tier, the software may switch to a paid model. And as people have made the software essential to their workflows, they demand the software stays.

Scary Things To Avoid At All Costs

Regulatory Fines

What if unsecured cloud software contains sensitive data and a regulator finds out? They may fine you, substantially. GDPR alone could result in a fine of 4% of revenue or €20m (whichever is greater).

Merger Madness

Basically, take all of these problems and multiply them in a merger scenario. As the merger shakes out, tracking cloud software may not be anyone’s highest priority, but the bills still get paid.

The App Was Hacked, But No One Knows

If an employee leaves but the data they uploaded to a cloud remained there, does a hacker care? You could potentially be exposed to ransomware-like situations from software no one knew about – until it was too late.

You Need Control In Dangerous Situations

Government actions or mergers can make small problems big problems. Shadow IT may not feel like a big problem alone, but it could quickly become one. If you want to avoid scrambling to adjust budgets after a big fine, it starts with getting visibility into who uses what software.

Sneaky Soft Costs

Managing Issues And Relationships

If IT, procurement, or finance do not manage a software vendor relationship, who does? Invariably, department heads or other staff take on this burden, often to the detriment of their other responsibilities.

Tracking And Audits

At the very least, cloud expenses should be tracked by someone. If that person tracks manually, it drains time and resources for them and the departments they work with. Who wants to waste time running around with a spreadsheet?

Don’t let costs – and software – ghost you

“Well, somebody’s got to do it.” Dealing with software vendors takes time and energy. It’s hard to manage them centrally without a single place to see them all. Information is power in vendor management.

The Four Major Areas Where You Can Cut SaaS Costs

Everything starts by gaining visibility into your cloud environment. While you could choose to do it manually, Alpin makes SaaS discovery a whole lot easier.

This guide covers four areas:

1. Find Freemium, Trials, or Paid Apps
2. Cut Wasteful Spend and Optimize License Costs
3. Manage Renewals and Leverage Information in Negotiations
4. Prevent Unnecessary Costs

1. Find Freemium, Trials, or Paid Apps

Manual Discovery And Asking Nicely

Foster positive relationships with all department heads, and if your organization is very large, potentially a few of their subordinates as well. Essentially, this would come down to asking people to help you know what SaaS they’re using, whether all licenses are active, etc. You can also look at financial reports. And analyzing network traffic could assist you, if you have a way to efficiently parse the data.

Overall, manual discovery is difficult, time-consuming, and not even close to comprehensive. But if you have very little in your SaaS environment and are feeling up to a lot of data entry, you may be interested in this Excel template we created as a starting point.

Automated Discovery And Management

Alpin uses several methods to discover cloud applications, including API integrations with leading apps, connections with SSO platforms, data extraction from accounting and expense systems, browser plugin, on-device agent, firewall log analysis, and email scanning.

In other words, Alpin allows you to choose from many powerful options to scan your cloud landscape and automatically discover just about everything out there, whether free, paid, active, or inactive

2. Cut Wasteful Spend And Optimize License Costs

How do you currently handle extra software licenses, inactive users, duplicate apps, multiple instances, or complicated mergers? Alpin helps you navigate these issues. We also help you fix cloud expenses that aren’t severe, but could be managed better: overpaying for basic users, catching user-initiated upgrades, streamlining audits, and reducing IT support requests.

Manual Surveying And Investigation

Cutting and optimizing costs requires additional work of digging and inquiring about what tools are in use. You or someone on your team has to be responsible for this work. It requires gathering contracts and invoices to understand software charges. Then someone needs to discern how actual usage compares to billing. Surveying users or department heads about their usage, last login, or who pays the bill (to see if multiple bills are being paid for the same app) may be helpful in trying to get at this next layer of information.

Automated Cost Optimization With Alpin

You can not only simply see licenses, but view and organize license types assigned to each user. The best part? If there’s some manual configuration needed to add custom license types, costs specific to your enterprise contract, or specific renewal dates, Alpin will handle the legwork for you.

Additionally, you can see what apps that employees use most often. This enables IT to prepare to support and even proactively communicate about these apps. IT can ask employees to transition to a better-supported app or by sending help articles for common issues to pre-empt time-consuming support requests.

Finding And Cutting Wasted Spend In Alpin

After extensive discovery, finding ways to cut wasted spend becomes much easier.

Extra licenses and/or inactive users

Alpin’s Users To Be Reviewed tool helps you see inactive users (defined as no activity within your chosen timeframe), and we can immediately show when an app has unused licenses, depending on the discovery method.

Duplicate apps or multiple instances

Our extensive library has tens of thousands of categorized apps, so you can see all applications within a given category, like “project management” or “chat.” From there, you can see the people associated with those apps, and take action to consolidate your SaaS environment

Complicated mergers

Alpin helps you view and manage apps for multiple entities within one or more Alpin instances, so you can take a combined view, or keep them separate.

3. Manage Renewals And Leverage Information In Negotiations

Avoid Unexpected Costs With Alpin’s Renewal Calendar And Alerts

Since you’ll have a catalog of all apps in Alpin already, we added a renewal tracking system. Why’s that?

Our customers have seen hundreds or thousands of previously-unheard-of cloud applications. Research from Gartner and others suggests similar levels of as-yet-unknown software are present in many companies. It’s messy to keep track of all that.

Plan Your Renewal Negotiations With Your Own Data

Information is power in negotiations. And you get that information through Alpin. Imagine a scenario where you ask a vendor for a renewal negotiation meeting before they do. And you know just as much or more as they do about usage, users, and more. That puts you in a position of power for negotiations with the vendor.

4. Prevent Unnecessary Costs

Monitor for potential changes in pricing tiers, non-compliant licenses, free trials that turn into paid subscriptions, exposed data that could lead to regulatory fines, and more.

Ongoing Monitoring Of Many Types Of Activity

In this area, manual monitoring becomes unreliable at best. Automated monitoring and alerts that highlight new activity can help prevent spiraling costs.

Someone started a free trial? You can see that. You also have the option to blacklist the app in order to prevent further attempts to use it.

Want to know what folders are shared publicly, especially if they contain words like “financials?” You can see that and hopefully prevent a costly data breach. Read more about our data loss prevention (DLP) tools that integrate with popular cloud storage apps.

Want to know if some people are using a freemium account instead of the license type approved in the contract? You can see that too.

Usage tracking is also possible, so you’re aware if additional activity may send you into a higher usage tier.

Have G Suite? Block Users or Blacklist Entire Apps With Alpin

Alpin enables G Suite admins to revoke user’s tokens for any app they use G Suite to access.

Likewise, with a couple clicks, admins can blacklist apps from ever being accessed by users in their company’s G Suite account.

Real-Life Shadow IT, Shelfware, And Cost Scenarios

While you may be convinced of the need to better manage cloud software, maybe someone you report to or work with needs some extra convincing. We’ve included some real-life stories here, with important details removed for privacy, to help convince colleagues that our tool will help your company.

Expensing Apps, Paying For Employees 3-Years Gone

An expense and approval system kept IT and procurement in the dark about cloud software purchases. A manager approved employees’ software expenses without intervention or detailed audits of purchases.

A large technology company’s ex-employees – up to three years gone – had access to multiple cloud apps, including the company’s CRM. Not only was this a waste of money, it put years of potentially sensitive information at risk.

Solution: Alpin discovered these mystery users and programs. With knowledge in hand, administrators could address or correct these issues.

Untrustworthy site had access to executive emails

A gaming site subscription, based in a country known for malicious hacking, had full access to many company email inboxes. This included access to CEO and CFO inboxes and all their sensitive content.

Solution: Alpin discovered the offending app and permissions that led to the situation, and provided the tools to secure sensitive information.

That shouldn’t be shared… with search engines

A finance director, through a cloud file storage app, was sharing a root-level folder with outside parties. That inadvertently provided access to detailed financial statements that would never be released publicly or shared. Salaries, P&L, and more were unintentionally exposed.

A team’s files, folders, and discussions were made completely public rather than internal and read-only – this made financial files and other sensitive information indexable by search engines.

Solution: Alpin’s discovery and cloud Data Loss Prevention (DLP) tools provided the information needed to pinpoint the data leakage and change the relevant settings.

License compliance and cost overruns – Many duplicate apps

At one company, many teams had their own Slack domains, and they were all unaware that a corporate Slack account existed. Costs overlapped and added up.

Similarly, another organization found not one, but five duplicate project management apps, spread throughout the company. This created massive cost overlap and security vulnerabilities (we don’t know how much sensitive data may have been stored in the other apps).

Solution: Alpin’s extensive discovery tools identified these hidden instances, giving administrators the data and contact information needed to remedy the issues.

Surprise – Let’s all use this expensive solution

A department head started a small trial of a video conferencing app quickly spread departmentwide. That same department head shared the solution with other departments and even committed IT to supporting the new application.

This all took IT by surprise, and it was an expensive solution that was not subject to negotiation or cost controls.

Solution: Alpin can track down all instances of the new application to help sort out the prickly situation. In this case and others, knowledge is power.