The numbers continue to roll in about how organizations are managing SaaS sprawl—and the findings are bleak.
While SaaS applications promise to boost productivity and business outcomes, the unchecked surge of subscription applications in the enterprise is putting a heavy strain on budgets, complicating compliance, and compromising security. Gartner’s recent Magic Quadrant for SaaS Management Platforms (SMP) shines a light on these issues, providing insights into why IT departments are struggling to manage SaaS sprawl effectively.
In this article, we’ll explore the scope of the SaaS sprawl problem and what’s causing it.
The Financial Impact of SaaS Sprawl
With the rapid expansion of SaaS tools, organizations are spending more than ever on software subscriptions. According to Gartner’s report, SaaS spending per employee now averages $1,370 annually—a 55% increase since 2021. This increase translates to an additional $500 per employee each year spent on SaaS, which can quickly add up in larger organizations.
However, a significant portion of this investment is going to waste. Gartner’s report finds that up to 25% of these licenses go unused. Block 64’s own data, for example, shows that 47% of users are not fully utilizing Microsoft 365 products.
When SaaS applications go unused or are underutilized, they quickly become a financial drain rather than an asset. Furthermore, SaaS sprawl often results in overlapping applications across different departments, with multiple teams paying for similar tools that perform the same function. This fragmentation drives up costs even further, creating hidden expenses that IT and finance departments may struggle to track.
Cybersecurity Risks and Compliance Gaps
SaaS sprawl is not just a budgetary issue—it also poses significant security risks. According to Gartner, organizations that do not centrally manage their SaaS life cycles will be five times more susceptible to data loss or cyber incidents by 2027, largely due to fragmented visibility into SaaS applications and configurations.
Alarmingly, most organizations are only aware of about 40% of the applications in use across their SaaS environments. This lack of oversight leaves numerous applications, including shadow IT tools, under the radar of IT departments, heightening the risk of data breaches, insecure integrations, and regulatory non-compliance.
Security gaps from unmanaged software are a serious concern. Recent Block 64 data, from our Benchmarks for CIOs report, shows that 74% of endpoints have at least one critical vulnerability with a CVSS score over 9.0. That level of exposure underscores the risk created by SaaS sprawl and the lack of centralized management.
Shadow IT: A Growing Challenge
One major contributor to SaaS sprawl is shadow IT—when employees or departments independently subscribe to SaaS applications without involving IT. Gartner found that IT departments now manage only 28% of SaaS spend and 17% of applications, a decrease from the previous year. Shadow IT not only creates compliance and security issues but also drains budgets as untracked software expenditures go unreported and unmanaged.
Employees may turn to shadow IT solutions to meet their immediate needs, bypassing IT policies to access specialized tools more quickly. This decentralized adoption becomes problematic when these applications are not configured or monitored for compliance, security, or efficiency. According to BetterCloud, 80% of employees admit to using SaaS applications at work without IT approval, and 67% of teams have introduced their own collaboration tools without informing IT. This widespread use of unapproved software underscores the need for more structured oversight to manage security and compliance risks effectively.
Unchecked SaaS Growth: An Unsustainable Situation
The unchecked growth of SaaS applications has led to a complex and costly environment for many organizations. Rising SaaS expenses, often driven by overlapping tools and under-utilized licenses, are putting unnecessary strain on budgets. Beyond the financial impact, SaaS sprawl introduces significant security and compliance risks, especially when shadow IT flourishes.
In our next article, we’ll explore practical solutions to these challenges, including the benefits of centralized SaaS management and the tools available to help IT teams regain control.