
SaaS sprawl and shadow IT: what IAM teams need to know


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 5855
Topic starter  

TL;DR: A 100-employee company can spend nearly $1 million on SaaS, while 80% of employees admit using applications without IT consent, creating sprawl, redundancy, and offboarding risk, according to Zluri’s analysis of 150M+ SaaS usage transactions. The underlying issue is not just cost control but governance drift across discovery, lifecycle, and access revocation.

NHIMG editorial — based on content published by Zluri: SaaS Management What We Learnt Analyzing 150M+ SaaS Usage Transactions

By the numbers:

Questions worth separating out

Q: How should teams govern SaaS sprawl when employees adopt apps without IT approval?

A: Teams should govern SaaS sprawl as an identity control problem, not a procurement-only issue.

Q: Why do unmanaged SaaS applications increase identity risk?

A: Unmanaged SaaS applications increase identity risk because they often retain their own accounts, tokens, and data access outside central controls.

Q: What breaks when offboarding does not include SaaS discovery?

A: Offboarding breaks when discovery is missing because directory deprovisioning removes only the known identity record, not the unknown apps behind it.

Practitioner guidance

  • Link SaaS discovery to identity governance: Merge application discovery with access ownership, app usage, and lifecycle status so every SaaS record has an accountable business owner and a revocation path.
  • Add SaaS offboarding to leaver workflows: Require every departure process to check for hidden SaaS accounts, delegated access, and direct credentials beyond SSO before closure is approved.
  • Replace spreadsheet inventories with continuous telemetry: Use SSO, expense, and integration data together to detect unmanaged applications and stale subscriptions as they appear.

What's in the full article

Zluri's full article covers the operational detail this post intentionally leaves for the source:

  • The layered discovery approach across SSO, expense systems, direct integrations, and endpoint signals.
  • The specific examples of how Zluri spots idle applications, duplicate tools, and external apps signed up with company credentials.
  • The article’s walkthrough of how access data and usage data are combined into a single SaaS view.
  • The customer-facing examples of savings and governance alerts that follow from the discovery model.

👉 Read Zluri's analysis of 150M+ SaaS usage transactions and app sprawl →

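One way to carry out the correlation the practitioner guidance asks for (continuous telemetry across SSO, expense and integration data, plus the leaver check), as an added example that is not code from the post or from Zluri: it joins constructed SSO, expense, OAuth-consent, app-admin and HR leaver records and flags unmanaged apps with a default accountable owner, stale paid subscriptions, and local app accounts that outlived directory deprovisioning. Every feed, app name and address below is a constructed assumption.

```python
from datetime import date

# Constructed sample telemetry for illustration (not Zluri's data or any real feed).
SSO_APPS = {"Salesforce", "Slack"}                      # apps federated through the IdP
EXPENSE = [                                             # (app, cardholder, last charge) from the card/expense feed
    ("Notion", "alice@example.com", date(2024, 5, 2)),
    ("Slack", "finance@example.com", date(2024, 5, 1)),
    ("Calendly", "bob@example.com", date(2024, 1, 9)),
]
OAUTH_GRANTS = [("Zapier", "alice@example.com"),       # (app, user) third-party consents recorded by the IdP
                ("Salesforce", "carol@example.com")]
APP_ACCOUNTS = {                                        # app -> local (non-SSO) accounts from each app's admin API
    "Notion": {"alice@example.com", "dave@example.com"},
    "Calendly": {"bob@example.com"},
    "Slack": {"dave@example.com"},
}
LAST_SIGN_IN = {"Notion": date(2024, 5, 3), "Calendly": date(2024, 1, 10), "Slack": date(2024, 5, 3)}
LEAVERS = {"dave@example.com"}                          # HR feed: directory account already deprovisioned


def reconcile(today_iso, stale_after_days=60):
    """Correlate the feeds as of today_iso (YYYY-MM-DD) and return three findings."""
    today = date.fromisoformat(today_iso)
    findings = {"unmanaged": {}, "stale": set(), "leaver_accounts": set()}
    seen = {app for app, _, _ in EXPENSE} | {app for app, _ in OAUTH_GRANTS} | set(APP_ACCOUNTS)
    # 1. Unmanaged: observed in spend, OAuth consents or app admin data, but not behind SSO.
    #    Whoever expensed it or granted the consent becomes the default accountable owner.
    for app in seen - SSO_APPS:
        owner = next((u for a, u, _ in EXPENSE if a == app), None) \
            or next((u for a, u in OAUTH_GRANTS if a == app), None)
        findings["unmanaged"][app] = owner
    # 2. Stale: still charged to a card but no sign-in inside the window (or no usage signal at all).
    for app, _, _charged in EXPENSE:
        last = LAST_SIGN_IN.get(app)
        if last is None or (today - last).days > stale_after_days:
            findings["stale"].add(app)
    # 3. Leaver accounts: local app logins that survived directory deprovisioning,
    #    including on SSO-federated apps where someone also held a direct credential.
    for app, accounts in APP_ACCOUNTS.items():
        findings["leaver_accounts"] |= {(app, u) for u in accounts & LEAVERS}
    return findings


if __name__ == "__main__":
    for kind, items in reconcile("2024-05-10").items():
        print(kind, sorted(items))
```

In a real deployment each constant would be replaced by a scheduled pull from the corresponding system, and the three finding sets would feed the access-review and leaver workflows rather than a print loop.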
(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 5343
 

Shadow SaaS is really shadow identity. Once employees can adopt applications without IT consent, the governance problem is no longer just software sprawl. Every unmanaged app can carry its own accounts, tokens, and delegated access, which means lifecycle control has already failed before the security team sees the asset. Practitioners should treat SaaS discovery as identity discovery, not procurement cleanup.

A few things that frame the scale:

  • 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
  • Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.

A question worth separating out:

Q: How do organisations know if SaaS governance is actually working?

A: SaaS governance is working when app inventory, usage, ownership, and offboarding outcomes stay aligned over time. A healthy programme can show which apps are active, which are idle, who owns them, and which accounts were revoked after departure. If those signals are missing, governance is mostly bookkeeping.

👉 Read our full editorial: SaaS sprawl exposes hidden access and governance gaps at scale
