Are you good at managing your SaaS account when you leave the company? - 3 misconceptions

Let's take a look at 3 facts that can easily be misunderstood as being good at deletion/management of SaaS accounts when leaving the company.
March 18, 2024
4 min read
Megazone PoPs

If an employee leaves the company, it is necessary to manage the SaaS account, such as taking back the software account they were using and reallocating the existing account to another employee or employee. You can prevent confidential information from being leaked by immediately revoking the access rights of employees who have left the company, and reduce costs without wasting licenses by deactivating accounts for employees who have left the company. Additionally, SaaS accounts used by employees who have left the company can be reassigned to other employees to improve efficiency.

The above information applies to corporate IT managers, security personnel, and human resources personnel. They prevent security issues by immediately deactivating accounts for employees who have left the company, manage licenses to optimize costs, assign necessary accounts to new employees, and more.

In this article, we include real-life examples where people working in IT management jobs must check to see if this is something that is happening in our company as well. Let's take a look at 3 facts that can easily be misunderstood as being good at deletion/management of SaaS accounts when leaving the company.

31% of all employees still access corporate SaaS

New York-based software company DoControl analyzed the SaaS environment of companies in various industries with more than 1,000 employees”The State of SaaS Data Security 2024According to”, 31% of all companies said that an employee who left the company had access to assets stored in SaaS applications.

Since the pandemic, cloud and SaaS usage rates have increased rapidly, and employees can access multiple accounts and sensitive data at any time. If accounts and user rights aren't properly managed, this can lead to data breaches. In the case of retirees, in principle, it is correct to dispose of accounts and related information, but there are many cases where they are left for convenience due to various factors such as business continuity. In order to protect the business from security threats, SaaS account management must be carried out properly, such as removing access rights and deleting accounts.

If an employee leaves the company after creating and assigning an account, it is important to ensure that permission is taken back, such as deleting all accounts used by the employee. It's easy to think you're doing a good job in SaaS management if there is a set process for granting SaaS accounts, but if handled manually by an IT administrator, there may be accounts or licenses that cannot be deleted.

In fact, in the “SaaS Management Status Survey” conducted for approximately 300 existing customers on Megazone Cloud, more than half of the responses were “We are managing it well according to the process set when granting an account,” but about 50% responded that “the status of SaaS usage cannot be easily grasped.” This shows that licenses, number of accounts, and costs per SaaS are not well managed after account allocation. In the end, it can be inferred that the problem is that they want account management to be a 'process' rather than a 'tool'.

3 misconceptions about being good at managing SaaS according to established processes

When managing with a spreadsheet

Published by Zylo, an American SaaS management platform company”2024 SaaS Management IndexAccording to”, 70% of companies use spreadsheets to manage SaaS. It's common for IT professionals to use spreadsheets to manage SaaS applications. This is because using spreadsheets can feel more economical in the short term than using IT management software, and they are familiar with it.

[alt text= Survey results on SaaS management tools used by companies]

However, spreadsheets inherently have limitations. The moment a spreadsheet is created, it becomes an outdated version of the data, so real-time data cannot be viewed and processed at a glance. As the amount of data grows, it becomes difficult to manage. Maintenance is labor-intensive and inefficient. Additionally, data silos are likely to occur, hindering collaboration and effective decision-making between relevant departments.

If your company first started adopting SaaS, managing SaaS with spreadsheets might have been enough. Of course, it's better to track SaaS accounts and usage in spreadsheets rather than not managing SaaS at all. However, spreadsheets don't provide an overview of SaaS usage.

When permissions are assigned and deleted on a daily basis for each SaaS

When an employee is hired, we investigate the SaaS they are using according to the relevant department. Request permission for SaaS A, confirm the license, and then grant the permission. Authorization is also requested for SaaS B, and authorization is granted after the license is confirmed. SaaS C, D, E... Repeat the assignment of permissions for each SaaS required per employee.

What about the process of leaving the company? Similarly, permission revocation must be repeated one by one for each SaaS. For each SaaS, access an administrator account to assign and delete permissions one by one. At this time, is it possible to confirm that all rights have been properly recovered and that no data has been leaked? In the first place, recommendations are manually assigned and deleted for each SaaS, so there is a high possibility that human errors will occur, and there is a limit to applying security policies one by one.

If the number of SaaS to be managed is small, IT personnel may be able to manage according to a set process, but as the number of SaaS increases, manual management methods are bound to be inefficient.

When SaaS management is limited to account creation, assignment, and deletion

Problems also occur because the linked accounts are not deleted even if all SaaS accounts used by the retiree are deleted. An example is AWS IAM (Identity and Access Management). IAM is a web service that allows you to securely control access to AWS resources, and creates IAM when you create an AWS account. The AWS account of the employee who left the company is deleted, but IAM is sometimes unable to delete it. In this case, there are also cases where server costs 10 million won per day, such as when retirees connect through IAM to mine bitcoins.

Unorganized accounts and Access Keys that never expire can lead to major incidents such as cost bombs or information leaks. POPs (POPs) are role-based access (RBAC) that frees IT personnel from AWS IAM management. Register required roles such as developers, engineers, designers, and operators, and assign roles to those responsible for each job. Administrators will no longer need to manage accounts issued to individuals, and practitioners will be able to access AWS with a single click in the POPs Launcher role.

PoPs(팝스)는 역할 기반 액세스(RBAC)로 SaaS 접근을 관리할 수 있음을 설명한 이미지

<PoPs Launcher에서 RBAC 기반으로 AWS Console에 로그인하는 화면>

[alt text=Image explaining that POPS (POPS) can manage SaaS access with role-based access (RBAC)]

What does the case where the employee's account was deleted but connected to the server via IAM suggest? SaaS management must ensure visibility of SaaS usage by managing the entire lifecycle of each employee's SaaS usage, not limited to simple account creation, assignment, and deletion.

The need for a SaaS management platform

I feel the need for SaaS management within the organization, and I need to check whether the processes I've created are working well. Manually updating account status in a spreadsheet has clear limitations in gaining multi-faceted SaaS visibility. The more accounts are managed manually for each SaaS, the greater the burden, inefficiency, and security threats on IT tasks.

As the use of SaaS increases and IT environments become more complex, there is a growing need for a SaaS management platform (SMP) that can simplify processes, increase accuracy, and enhance security. It's time to optimize the SaaS resources you're using using an SMP that's right for your organization.

'POPs' help secure retirement process by automating account management

POPs (POPs) is a SaaS management platform based on single sign-on (SSO) and two-factor authentication. User provisioning automatically adds the SaaS accounts required for hires and automatically deletes those leaving the company. The SaaS used by the organization is managed in one place, and the assignment and retrieval of permissions is simplified, saving IT staff time and allowing them to focus on more important tasks. The overall SaaS cost and usage can be viewed at a glance, making effective SaaS operation management possible.

If you have any questions about POPs, feel free to contact us. 👉 Contact POPs

SaaS 사용 현황을 파악해야 할 때입니다.
데모를 신청하시면 PoPs를 통해 조직에서 사용하는 SaaS를 어떻게 통합하고 관리하는지 알 수 있습니다.
데모 신청하기
Megazone PoPs

유용한 SaaS 관리 트렌드를
메일함에서 만나보세요.

구독해주셔서 감사합니다.
이메일 주소를 다시 확인해주세요.
"구독하기" 버튼을 눌러 이메일을 제출하시면 마케팅 활용을 위한 광고성 정보 수신 동의한 것으로 간주하며 이는 선택사항으로 미 동의시에도 MegazonePoPs 서비스 이용에는 지장이 없습니다.
[필수] 개인정보 수집·이용 동의 안내
PoPs는 아래 내용에 따라 귀하의 정보를 수집 및 활용합니다. 다음의 내용을 숙지하시고 동의하는 경우 체크 박스에 표시해 주세요.
1. 개인정보 수집자 : 메가존클라우드㈜
2. 수집 받는 개인 정보
[필수]이메일
3. 수집/이용 목적
- PoPs 뉴스레터 제공
4. 보유 및 이용 기간 : 개인정보 수집일로부터 3년(단, 고객 동의 철회 시 지체없이 파기)
※ 개인정보 이용 철회 방법
- 안내 문자 등의 동의 철회를 이용하는 방법 : 이메일 수신 거부 링크 클릭 또는 안내 문자 내 수신거부 연락처를 통한 수신 거부 의사 통보
- 개인정보 처리 상담 부서
- 부서명: Offering GTM Team
- 연락처:offering_gtm@mz.co.kr
※ 동의거부권 및 불이익
귀하는 동의를 거절할 수 있는 권리를 보유하며, 동의를 거절하는 경우 상기 이용 목적에 명시된 서비스가 제공되지 아니합니다.

[선택] 개인정보 수집·이용 동의 안내 (마케팅 활용 및 광고성 수신 정보 동의)
PoPs는 아래 내용에 따라 귀하의 정보를 수집 및 활용합니다. 다음의 내용을 숙지하시고 동의하는 경우 체크 박스에 표시해 주세요
1. 개인정보 수집자 : 메가존클라우드㈜
2. 수집 받는 개인 정보
[필수]이메일
3. 수집/이용 목적
- PoPs 뉴스레터 제공
※ 본 동의문에는 이메일을 활용한 광고성 수신 동의 내용이 포함되어 있습니다.
4. 보유 및 이용 기간 : 동의 철회 시 까지
※ 개인정보 이용 철회 방법
- 안내 문자 등의 동의 철회를 이용하는 방법 : 이메일 수신 거부 링크 클릭 통한 수신 거부 의사 통보
- 개인정보 처리 상담 부서
- 부서명: Offering GTM
- 연락처: offering_gtm@mz.co.kr
※ 동의거부권 및 불이익
귀하는 동의를 거절할 수 있는 권리를 보유하며, 동의를 거절하는 경우 상기 이용 목적에 명시된 서비스가 제공되지 아니합니다.

Realize SaaS Cost Optimization.

Gain visibility into your SaaS usage with centralized management to see your new costs.
Request a Demo
Respond within 3 business days
Demonstration of SaaS integration and management within your organization