Notifications
Clear all
Topic starter
12/06/2026 9:31 pm
TL;DR: As remote work expands tool adoption, SaaS stacks are becoming broader and harder to govern, with apps spanning collaboration, CRM, automation, accounting, design, and HR according to Zluri. The identity risk is not the apps themselves, but the uncontrolled access surface they create across users, integrations, and shadow pathways.
NHIMG editorial — based on content published by Zluri: IT Teams SaaS Stack for SMBs and Enterprises
By the numbers:
- Loom is used by over 100000 companies for communication via video or screen sharing.
- Pipedrive is used by over 95000 companies.
- DocuSign is used by over 250000 companies in 150+ countries.
Questions worth separating out
Q: How should security teams govern SaaS sprawl without slowing the business down?
A: Start by treating SaaS adoption as an identity governance problem.
Q: Why do SaaS integrations increase identity risk even when users are well managed?
A: Because integrations often use service accounts, API keys, and delegated tokens that sit outside normal human access workflows.
Q: What do teams get wrong about managing SaaS access at scale?
A: They often focus on the visible login experience and overlook the entitlement, integration, and lifecycle layers behind it.
Practitioner guidance
- Build a complete SaaS identity inventory List every business application, its owner, authentication model, integration dependencies, and review cadence.
- Classify every integration as a governed identity Tag API keys, delegated tokens, and service accounts with business purpose, system owner, and renewal date.
- Tie offboarding to cross-app revocation When an employee changes role or leaves, remove access across the full SaaS footprint, not only the directory and primary collaboration tools.
What's in the full article
Zluri's full article covers the operational detail this post intentionally leaves for the source:
- A category-by-category SaaS list for collaboration, CRM, automation, accounting, design, and HR teams.
- Product-specific descriptions and use cases for each platform mentioned in the article.
- Pricing and trial details that help procurement and application owners compare deployment options.
- Vendor-by-vendor examples of how different departments use each tool in practice.
👉 Read Zluri's guide to SaaS tools for SMBs and enterprises →
SaaS stack sprawl: what it means for IAM and access control?
Explore further
12/06/2026 11:39 pm
SaaS sprawl is an identity surface issue, not a software catalogue issue. The article frames a broad business tooling landscape, but the deeper governance problem is that every new SaaS subscription adds another access domain with its own lifecycle burden. Once collaboration, CRM, automation, accounting, and HR tools are all in play, the identity perimeter expands faster than most programmes can track. The implication is that SaaS inventory now belongs in identity governance, not just IT procurement.
A few things that frame the scale:
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
A question worth separating out:
Q: How do IAM and IGA teams keep offboarding effective across a large SaaS stack?
A: Link offboarding to a full application inventory and require revocation evidence for every high-risk app, not just the directory. The hardest failures happen when access lingers in niche business tools or automation paths. Offboarding is complete only when the entire SaaS footprint has been checked and deprovisioned where needed.
👉 Read our full editorial: SaaS sprawl is the identity surface problem SMBs keep underestimating
