Transcript
Hi Mike Matchett with Small World Big Data and we are here today talking about SaaS apps. And you've heard me talk about SaaS apps before from a data protection perspective. Like you have to protect the data. That's your corporate data. But today we're talking about just getting a hold of getting a hold of the management of them, getting getting your arms around how many you have, what their usages are, and more importantly, to a lot of people, how much is it costing you? And can you get that financial management aspect around all your SaaS apps, or are you just leaking money out the window every day? Hold on a second. We've got Calero coming in and we'll talk about it in some more depth to. Go. Hi, Stephanie. Welcome to our show. Thanks for having me, Mike. Uh, so we are talking about SaaS. We're talking about really? Uh, I said financial management, but it's more than that. It's license management. It's usage management. It's fine. It all kind of goes together. Uh, let's just start about, uh, that that that topic, uh, in for, for especially for it people, uh, they don't usually think about it, financial management. But but this is an important aspect of things. Whoo hoo! When Calero goes into a company, who do you are normally dealing with and. And do you like those people? Yeah, we love them because they all have a problem to solve. Right. And you're right that that entry point comes from different places depending on where you are in the company. But every company we talk to out there has got a SaaS problem, usually starting with visibility, maybe for security reasons, maybe for financial reasons, maybe because they've got a lot of M&A and they need to understand an inventory those assets quickly. There are a lot of entry points. Um, but oftentimes we're talking to software asset managers. We might be talking to IT asset management professionals. Um, we're often talking with procurement or infosec teams. Um, and increasingly, we're seeing FinOps at the table. Uh, the FinOps Foundation now has a SaaS domain, and we're seeing that that cross between how you've managed your your cloud spend and, um, uh, corresponds really well to how you manage your SaaS applications. All right. Let me ask you this. Uh, we're talking about SaaS apps. What are some of the things that are going wrong with, you know, the shadow SaaS usage or the growing SaaS usage that it doesn't have their hands around that's not actively managing? What sort of the main symptoms that someone might look around and say, hey, we have that going on here. Yeah. Most organizations have got a few centrally managed SaaS apps that probably represent the lion's share of their SaaS spend. So your, um, 365 Adobe, Salesforce, etc.. Um, and, uh, you know, some have those really well under control, a lot don't. But even if you have those under control, you still have this long tail of hundreds of apps running in your environment. The it knows nothing about SaaS management is inherently decentralized, right? Anybody can sign up for that freemium product. Anybody can put a SaaS application on their corporate card. And today, 60% of SaaS applications in use are unknown or unmanaged by it. So that's that. That's where the problem shows up and it creates a whole bunch of trailing problems. So you've got redundant and orphaned apps with no no owners. Um, you've got unused licenses and oftentimes over licensed users, um, you've got competing contracts, overlapping contracts that cause you to have lost buying power. Um, you end up with blind or missed renewals or particularly auto renewals where you realize you've paid for something for the past three years that nobody in your organization uses. And of course, you've got compliance issues. Um, and the security, uh, angle. Right, which is that every single one of those unmanaged SaaS apps represent an entry point for bad actors or data leaks, and that most of the data breaches that companies experience come from those third parties. Uh, apps one and four are coming from those, um, those unmanaged third party SaaS applications. So there's a lot of problems that show up. But the the core is that it's, um, it's decentralized by nature. Right. And I guess, you know, if you bucketed all those areas of risk up together, you're going to come up with a possibly a significant dollar amount of risk if you translate it to money. Uh, but, uh, you know, I also previously mentioned the data breaches, the data protection concept of unmanaged SaaS. Uh, but IP loss, um, uh, just, uh, the vulnerabilities you're opening up the, the the the social phishing that can happen when people are using SaaS apps and just talking with chatbots on another on another thing. And we haven't even gotten to that. So there's definitely a lot of risk to be managed here if you're just talking about risk. But also obviously the point of Calero to a lot of people is to get a handle on the money to handle the finances. So. So what? Let me just back up again a little bit. So tell us a little bit about what Calero's focus is and what attracts you to Calero. Why, you know, what gets you out of bed in the morning? Yeah. Well, a while back I worked at a little company called DocuSign. Uh, you might have heard of. And, uh, I was there during the pandemic. Um, and, you know, the interesting thing about being at that particular SaaS company during the pandemic is everybody needed us overnight. Um, and I saw firsthand the explosion of SaaS usage where this department is buying DocuSign over here. They have no idea that this other department in their organization is buying it over here. Um, and, uh, being a part of that really made me realize that there needed to be a correction point at some point. Right? With all of this proliferation of SaaS applications, both from a spend and a risk perspective, there needed to be some self-correcting force. And I got very interested in that problem. Um, and, uh, was landed at a couple of companies snow software Flexera now Calero um, who are solving the problem in different ways. And for me, Calero really approaches that problem, uh, in the way that I find, um, most meaningful with, with the customers that I've worked with and that it is about utilizing the discovery sources that you already have that are already sanctioned by it. You're talking about your SSL, your casb, your endpoint security tools. Right? We're we're digging into that discovery and that data that you already have in your organization and layering it in a way that drives fast time to value. Um, so when I looked at, um, the, the weight of solutions compared to the ROI that they delivered for me, um, was really the clear place where I wanted to solve that problem. All right. So, you know, it sounds like it sounds like, uh, you know, Calero known for doing things in endpoint mobility management, telecom management, some other, some areas of financial control over usage of IT assets and so on. Yeah. That's our bread and butter. Started getting into the SaaS. This is SaaS area in a big way. The time to value is one of the big things right. So you just you just tell us a couple examples about about, uh, doing agentless approaches and so on. Um, what else, what else about SaaS, would you say sort of has an advantage with versus people doing things in a more heavyweight way? What what what does that help someone do if they say, I gotta get hold of my SaaS estate? Uh, when I got to do it fast and I got to do it, uh, fairly quickly. Yeah. The two other things I would tell you is that our platform is uniquely built on best practices. So rather than getting an empty box, for example, we we are building in policies, um, and have a library of policies that allow you to get quick value. So as soon as you plug into those discovery sources, you're automatically going to start to see recommendations based on the policies that you turn on. And of course, you can customize those policies and have them as granular as possible. But it's an important starting point to be able to say, where are my big categories, for example, disabled. So users or really standard one where nine times out of ten if you've got disabled. So accounts, they also need to be deprovision from all of your other apps, because those are people who have left the company. So we can automate those kinds of things out of the box very easily. Um, and, and we really make that gap between seeing what you have and knowing where to act and how a lot easier. I mean, just even drilling down on that, I could tell lots of anecdotal stories that people have told me about. Someone has left the company. They've managed to go into Active Directory and remove their permissions there. They've managed to to, to go and and find the stuff on their personal computer and archive the things there. Uh, but then they have no idea about the 60 different SaaS apps that person was using and all the data that might be out there, much less taking them off those SaaS apps. Just, just there's just so many levels of risk there. Uh, if you don't if you don't have a management control over what the SaaS apps are, who's using them and maybe what usage they've actually done to them. Right. So you've got to bring that all together. So. Yeah. And we think it's important to guide folks through that process as you get in and start getting visibility. There's going to be some low hanging fruit there you can turn on and start getting value right away. There's going to be some other things that take more time and more governance and more data, right. So we really guide folks through our platform to make sure that we're targeting the right outcomes and getting that value delivered on a continuous basis. Um, the other way that we do that is, is that we've got a, a three tier approach to our platform. So you're paying for the value that you're getting at any time. We start with visibility. That's low barrier to entry. Uh, you know, it's it's easy to get in and start seeing and understanding your data. Uh, and then we'll move you to control, uh, where you're starting to act on that data and really do a cleanup of your site, get control over some of that, that spend and that risk. Um, and then then you've got optimize, uh, where you'll start to actually automate some of the governance that you have, which is a really important step. Um, because if you're just doing SaaS management as a one time project, those weeds are going to regrow, right? You're going to weed your garden, it's going to look good, and you're going to come back two months later and and see it all falling apart. So being able to guide our customers through those tiers and allow them to level up to the kind of functionality that they need at that given time, is an important way that we're responding to the market. Yeah. I mean, just approaching it from a spreadsheet kind of mentality is not going to work because you're going to look at that spreadsheet again, it's a one and done thing. You've got to have a system that's dynamic and keeps going and keeps monitoring and managing, things. And especially Mike, as we start to look at the trends in the that SaaS vendors are coming up with in terms of their pricing and packaging. Um, we're seeing a move towards consumption based SaaS, right, and consumption based licensing. And in order to take advantage of that and not have it take advantage of you through surprise bills and things like that, you have to have that continuous usage and continuous telemetry to make sure that that you're making use of what you're paying for, and also that you're not going to end up with a surprise bill under those pay as you go structures. That's awesome. Uh, so there's a lot to talk about. And at some point, we'd love to have you come back and give us a demo of of what this actually looks like. Uh, beyond beyond just a spreadsheet. Right. What does it look like to actually control something and then optimize it? Uh, but if someone wants more information now, if they are saying, yeah, we've got a lot of SaaS apps and we need to recover some money, and we've got probably a lot of risk and vulnerability leaking out there, and we'd like to get started with something that's fast and easy. What would you point them at? Yeah, we we'd love to get a demo and we'd love to do a POC, but if you're really at that point where you're like, you know, we have a problem and we're not quite sure how to get our hands around it. Um, we actually have a free visibility offer, so it's feature limited, really focused on discovering and inventorying what you have. Um, that, uh, is live on our website right now, and that's a great starting point to get in there and with no risk, no signup, no credit cards, start to understand exactly what your exposure looks like and what you need to tackle next. All right. And that's Calero.com. So thanks, Stefan. Thanks for being here today. All right. So go take a look at your SaaS estate. You probably have some issues you don't even know about. You've got some free offers here from Calero. You've got no excuses left. Uh, go to it. Take care folks. Thanks, Mike.
