SaaS sprawl and license waste: what IAM teams are missing

TL;DR: Hidden SaaS spend, unused licenses, renewal drift, offboarding gaps, compliance exposure, and manual IT work all erode ROI when organisations lack visibility and lifecycle control across their application estate, according to Zluri. The broader lesson is that SaaS cost optimisation and identity governance are now inseparable, because access, licences, and accountability move together.

NHIMG editorial — based on content published by Zluri: Zluri Features 6 Ways To Achieve Immediate ROI With Zluri

By the numbers:

• Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.

Questions worth separating out

Q: How should organisations reduce SaaS spend without weakening identity governance?

A: They should connect app discovery, ownership, usage, renewal, and offboarding into one lifecycle model.

Q: Why do unused licenses often become a security issue as well as a cost issue?

A: Unused licenses usually indicate that the organisation has lost track of who still has access and who should no longer need it.

Q: What should teams do when renewals are approaching but usage is unclear?

A: They should freeze automatic approval and require an evidence check against ownership, usage trends, and business need.

Practitioner guidance

• Unify app discovery across finance, HR, SSO, and CASB data Reconcile every SaaS source into one entitlement inventory so duplicate apps, dormant subscriptions, and hidden charges can be reviewed against actual usage, not anecdote.
• Gate renewals on usage evidence before contract lock-in Require an owner to confirm active business value, user counts, and feature consumption before a renewal calendar can roll forward a subscription or payment.
• Trigger offboarding from authoritative lifecycle events Connect HR departure events to license removal and reallocation workflows so app access and spend recovery happen together, not as separate tasks.

What's in the full article

Zluri's full article covers the operational detail this post intentionally leaves for the source:

• The nine discovery methods used to surface SaaS applications across HR, finance, SSO, and endpoint data.
• The renewal calendar workflow, including reminder timings and prioritisation logic for contract decisions.
• Examples of reclaiming licenses from departing employees through HRMS integration and centralised dashboards.
• The vendor's automation examples for onboarding, offboarding, and employee app store workflows.

👉 Read Zluri's ROI playbook for SaaS spend reduction and lifecycle control →

SaaS sprawl and license waste: what IAM teams are missing?

Explore further

View Full Forum →  |  NHI Foundation Course →