SaaS sprawl and shadow subscriptions: what IAM teams miss


(@nhi-mgmt-group)

TL;DR: More than 30% of SaaS spend is wasted each year, according to Zluri research, while the post argues that unused, duplicate, and abandoned subscriptions also create security and compliance drag as SaaS adoption accelerates. The practical issue is not just cost control. It is governance over app access, lifecycle, and entitlement cleanup before shadow subscriptions become shadow identities.

NHIMG editorial — based on content published by Zluri: The Story of Forgotten Subscriptions & the Birth of Zluri

By the numbers:

Questions worth separating out

Q: How should security teams govern SaaS subscriptions that are no longer in use?

A: Treat unused subscriptions as active identity assets until they are formally removed.

Q: Why do forgotten subscriptions create more than just financial waste?

A: Because an unused subscription can still hold live authentication links, delegated admin rights, or connected data access.

Q: What do organisations get wrong about SaaS inventory management?

A: They often track licences without tracking access.

Practitioner guidance

  • Build a governed SaaS inventory: Record every subscription with a business owner, technical owner, renewal date, authentication method, and revocation path.
  • Tie offboarding to application removal: When an employee leaves or a team changes tools, remove the subscription assignment, disable linked logins, and revoke any delegated admin access.
  • Run periodic access recertification on SaaS apps: Review high-value applications on a fixed cadence to confirm usage, ownership, and necessity.

What's in the full article

Zluri's full blog post covers the personal story and SaaS-management framing this post intentionally leaves for the source:

  • The founder's step-by-step reasoning from personal subscription waste to a SaaS management business case
  • The product framing around subscription monitoring, unused app discovery, and business-user SaaS oversight
  • The operational detail behind why mid-market and enterprise teams struggle with SaaS record-keeping
  • The original discussion of compliance and scalability concerns in SaaS-heavy environments

👉 Read Zluri's story on forgotten subscriptions and SaaS management →

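The practitioner guidance above, as an added example that is not part of the original post or of Zluri's material: a Python audit over a constructed SaaS inventory that flags missing governance fields, access still held by departed users, unused subscriptions with live assignments, and overdue recertification. The record field names, the 60-day idle and 90-day recertification thresholds, and the sample apps and users are assumptions.

```python
from datetime import date

# Governance fields the guidance asks every inventory record to carry
# (key names are assumed for this example).
REQUIRED = ("business_owner", "technical_owner", "renewal_date",
            "auth_method", "revocation_path")

def audit(inventory, departed, today, idle_days=60, recert_days=90):
    """Return sorted (app, finding) pairs. Thresholds are assumed values."""
    findings = []
    for app in inventory:
        name = app["name"]
        for field in REQUIRED:
            if not app.get(field):
                findings.append((name, f"missing {field}"))
        # Offboarding: any access still held by someone who has left.
        holders = set(app.get("assignees", [])) | set(app.get("delegated_admins", []))
        for user in sorted(holders & departed):
            findings.append((name, f"departed user retains access: {user}"))
        # Licence tracked as unused while access is still assigned.
        last_used = app.get("last_used")
        idle = last_used is None or (today - last_used).days > idle_days
        if idle and holders:
            findings.append((name, "unused but access still assigned"))
        # Recertification cadence.
        last_cert = app.get("last_recertified")
        if last_cert is None or (today - last_cert).days > recert_days:
            findings.append((name, "recertification overdue"))
    return sorted(findings)

# Constructed sample inventory; app names, users and dates are illustrative.
TODAY = date(2025, 6, 1)
DEPARTED = {"j.doe"}
INVENTORY = [
    {"name": "design-tool", "business_owner": "marketing", "technical_owner": "it-ops",
     "renewal_date": date(2025, 9, 1), "auth_method": "sso",
     "revocation_path": "idp group removal", "assignees": ["a.lee"],
     "delegated_admins": [], "last_used": date(2025, 5, 28),
     "last_recertified": date(2025, 4, 15)},
    {"name": "survey-app", "business_owner": "", "technical_owner": None,
     "renewal_date": date(2025, 7, 1), "auth_method": "local password",
     "revocation_path": "", "assignees": ["j.doe"],
     "delegated_admins": ["j.doe"], "last_used": date(2024, 11, 2),
     "last_recertified": None},
]

if __name__ == "__main__":
    for app, finding in audit(INVENTORY, DEPARTED, TODAY):
        print(f"{app}: {finding}")
```

The well-governed record produces no findings, while the abandoned one surfaces every gap the three guidance points are meant to close.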