SaaS sprawl and shadow IT: what IAM teams need to fix

TL;DR: SaaS adoption has expanded far beyond the one-app era, with more than 240,000 applications now available and many organisations losing track of applications, users, spends, and processes according to Zluri. The governance problem is not just cost leakage: unmanaged SaaS sprawl also expands shadow IT, unauthorized access, and control blind spots across identity programmes.

NHIMG editorial — based on content published by Zluri: SaaS Management Mastering SaaS Cost Optimization, a strategic playbook

By the numbers:

• In 1999, most companies used just one SaaS application, but today more than 240,000 such applications are available.
• 70% of applications within organizations remain unknown to IT departments, making it impossible to manage what isn't visible.

Questions worth separating out

Q: How should teams govern SaaS applications that users can adopt without central approval?

A: Teams should treat user-led SaaS adoption as both a procurement and identity issue.

Q: Why do unused SaaS licenses matter to IAM and governance teams?

A: Unused licenses often indicate more than wasted spend.

Q: What breaks when SaaS inventory is split across finance, IT, and security tools?

A: Control breaks when no single team can prove what is deployed, who uses it, and who approved it.

Practitioner guidance

• Map SaaS inventory to identity ownership Correlate app discovery with SSO, HR, finance, and contract records so every subscription has a named business owner and an accountable technical owner.
• Review unused licenses as access anomalies Investigate whether inactive subscriptions reflect dormant users, failed offboarding, duplicate tools, or approvals that were never cleaned up after role changes.
• Tie renewals to recertification decisions Require access certification and business justification before renewing significant SaaS spend, especially where usage data shows underutilisation or shadow adoption.

What's in the full article

Zluri's full blog post covers the operational detail this post intentionally leaves for the source:

• The phased SaaS optimisation model across discovery, rightsizing, usage control, renewals, and purchasing
• The platform's nine discovery methods for mapping apps, users, transactions, and contracts
• Workflow and recommendation features for approvals, renewals, vendor management, and license optimisation
• Examples of how the vendor connects usage monitoring to contract and renewal decisions

👉 Read Zluri's full SaaS cost optimisation playbook →

SaaS sprawl and shadow IT: what IAM teams need to fix?

Explore further

View Full Forum →  |  NHI Foundation Course →