The Rise of SaaS in the Enterprise and the Shifting Role of IT

Enterprise technology is evolving. Adoption of cloud applications such as Evernote and LogMeIn – consumer-grade tools employees depend on for day-to-day productivity – is booming, but as more users embrace these tools, organizations face a perilous double-edged sword.

While most Software-as-a-Service (SaaS) apps result in heightened user productivity and satisfaction, the simple fact that they’re readily available for download and can be used instantly means many employees procure them without ever involving their IT departments. This creates a headache for IT managers, as they lose control of their IT environment and the transfer and storage of sensitive company data.

Cloud and Bring Your Own Device (BYOD) are not only trends, but the new normal for doing business in the Information Age. So what can an IT manager do when anyone with Internet access can instantly purchase and deploy the software they want?

Rather than fight the new reality, IT managers must re-establish their impact as cloud service brokers – enabling, rather than resisting, the use of SaaS in the enterprise. Failing to change will only encourage the further growth of shadow IT and rogue SaaS use. But in order to change, IT managers must first understand the needs and habits of their end users.

In our recent study, Shadow IT in the Enterprise, we leveraged data from our specialized SaaS TeckCheck assessments on thousands of corporate devices to uncover the depth and breadth of SaaS in the workplace.

Security and/or Agility

We found more than half of organizations are running SaaS apps on corporate devices whether they know it or not. This number is only going to grow, leaving IT managers with the challenge of striking a balance between back office security and front office agility. Failing to do so often leads to extreme results, from employees going “rogue” and circumventing IT, to blanket corporate bans on SaaS applications. Neither scenario is ideal.

Approaching this challenge with a service broker mentality, IT managers must make a deal with front office employees that if they keep IT abreast of their technology needs, then IT will ensure the speedy deployment of suitable, secure, and enterprise-friendly apps they need to do business.

Enterprise-friendly SaaS options

Even applications seemingly suited for the enterprise can pose a threat to corporate security. Microsoft’s SkyDrive, for example, with a user penetration of 79 percent, seamlessly integrates with business apps like Windows 7 and Outlook.

Set to become even more deeply embedded into Windows with the introduction of Windows 8 and SkyDrive Pro, saving sensitive or proprietary data in an easily accessible cloud will become more reflexive. The truth is, however, even apps from trusted names like Microsoft and Google can threaten corporate data when used outside of a secure network. Managing employee app access through a secure cloud portal, and more effectively communicating the potential risks of improper app use are necessary in order to mitigate these widespread challenges.  Organizations will also want to look at solutions that can manage the applications, so the apps and their data can be removed from all of the users’ client devices, if need be.

By more closely integrating with the other lines of business to gauge their tech needs and challenges – and openly discussing vulnerabilities – IT departments will worry less about applications existing without their knowledge or consent.

Safely entertaining remote access

As workplace flexibility and BYOD behaviors become commonplace in the enterprise, remote access apps have become permanent fixtures, with 83 percent of organizations employing them. Yet, employees’ ability to tap into their personal PCs from the office puts an incredible strain on IT departments to govern internal tech behaviors and encourage safe use.

Part of IT’s new role is to know when to enable employees’ app use and when to firmly say “no.” IT leaders should assert their broker role by outlining new plans and policies that fully protect corporate data. Part of this means determining enterprise-approved remote access apps. Another option, which could eliminate the need for remote access all together, is to implement a company-wide cloud portal. Creating a secure, one-stop enterprise tool for employees to access apps, and save and retrieve information from anywhere and any device, puts IT departments back in control and minimizes end users’ reliance on consumer-grade remote access apps.  That being said, it’s never wise to bet all your chips on 100-percent user compliance. Solutions to enforce policies while enabling users are still required.

Putting it all together

SaaS in the workplace offers numerous opportunities, but also a bevy of potential challenges. In order to negate the shortcomings of various consumer-centric apps, IT departments must strive to seek out the best options for employee and employer.

This starts with analyzing and thoroughly understanding which SaaS apps already exist in corporate environments and why, giving IT departments the context they need to communicate any risks that could arise and to promote the appropriate solutions.

Specifically, this means IT must enable, not surrender to, SaaS’s evolving use in the workplace. Taking a more consultative, not authoritarian, approach with the other lines of business gives IT the opportunity to break out of the gatekeeper role and strategically propel the business forward.

Mike Kane is the Director of Cloud and Client Solutions at Softchoice. Interested in what else Softchoice discovered in Shadow IT in the Enterprise: Softchoice SaaS Study 2013? Click here to download the full report.