6 received ideas (or not) about Shadow SaaS


In a few years, SaaS solutions have won over almost all organizations. Sometimes even without them knowing it, insofar as any collaborator can take out a subscription and access the solution without restriction via a simple browser. Invisible uses for CIOs and enterprise architects that are not without risks: misconceptions and truths about shadow SaaS in organizations.

Shadow SaaS is the modern version of shadow IT

Fake – Shadow IT is a notion identified and conceptualized for a long time in organizations. In the vast majority of cases, its origins go back to the empirical and unstructured construction of information systems more than thirty years ago. A lack of rationalization which led to loss of visibility on the existing and therefore to risks and excesses, particularly in terms of costs.

Shadow SaaS is the use by business users of SaaS solutions, without referring to the IT department. A situation made possible by the intrinsic principle of the SaaS mode, which combines functionalities and infrastructure in a single subscription, which businesses can subscribe to directly. Shadow SaaS is therefore an element of shadow IT, which remains the most complex to track because outside of the IT department and its own budgets.

The only risk of shadow SaaS is financial

Fake – The financial risk is of course significant: without visibility or management capacity of the IT department, there are many redundant applications and unused subscriptions within the multiple business or support departments. But the risks to the data are also major.

Starting with the risks related to personal data (“data privacy”). Without mastering SaaS applications, it is impossible to meet the obligations of the GDPR, for example. In particular at the level of the identification of uses, places of storage and modes of processing of personal data in the organization.

In the same way, shadow SaaS can create risks on sensitive data: customer information, industrial secrets, etc. In this case too, the IT Department must imperatively retain control to limit additional risks, particularly in terms of business or image.

The SaaS phenomenon is growing in organizations

True – Collaborative platforms, management of expense reports, HR tools, customer relationship management, instant messaging, conversational robot: many applications exist today to help businesses in their daily lives. Easy to access, with subscriptions that are often reasonable and sometimes even free for limited needs, these different applications in no way require the intervention of the IT Department to be implemented.

Moreover, there is generally no malicious intention on the part of users: from their point of view, it is a question of being effective quickly.

Majority of CIOs have sufficient visibility into SaaS applications

Fake – SaaS applications can be used through a simple browser and can be directly subscribed by the business lines, without any consultation with the IT department.

As a result, organizations of a certain size – ETIs and large companies in the lead, but also some SMEs – can discover, during audits via SaaS management platforms, that 60 to 70% of SaaS applications are completely invisible to the DSI. The latter therefore having only a very partial visibility does not have the capacity to manage and rationalize the applications used by the company.

Architecture professions will evolve with the growth of SaaS

True – The business architect will of course continue to exercise his main missions, in particular analysis and advice in terms of transformation and optimization of the information system.

On the other hand, the solution architect will focus more on business needs than on infrastructure issues – hosting, deployment, operation of applications and data – which will be increasingly delegated externally, as far as the very principle is concerned. of SaaS.

Since the risk is shifted to the external service, the challenges of the architecture will relate to the definition of the business architecture, the functional layers, the rationalization of the existing applications and functionalities – and less to the aspects of technological deployment.

Shadow SaaS risks will be limited to advanced users

Fake – With users becoming increasingly comfortable with digital, projections suggest that 80% of organizations’ applications could be used in SaaS mode by 2031 (compared to 17% today).

The risk of seeing shadow SaaS deployed throughout the company is therefore very real. It will only be contained on the condition that business architects and IT departments have sufficient visibility to be able to manage all of these applications – and thus optimize their uses and costs.

In this, they will be able to rely on specific SaaS Management tools (which 50% of organizations already plan to implement by 2026 according to Gartner) and IT transformation planning. Future “SaaS Management directors” will also emerge, positions that will no doubt grow in the coming years.





Source link -97