Did We Overeat on Software?

It’s been a little over a decade since Marc Andreesen famously declared that software was eating the world. He was right. Now, we’re in a new phase: There is powerful software everywhere we look, and we’ve been consuming it without much regard for the long-term effects. So much so that, today, we’re faced with an ironic question: Did we overeat? 

Our plates are certainly filled with every type of application imaginable, and they’re all so tempting. Do you know how many apps you’ve ever signed up for? Maybe dozens, or even hundreds? The average number of apps deployed per Okta customer has risen 22% over the past 4 years. Heads of IT I talk with often joke that their companies have more SaaS apps than employees.

This can be a problem and you should care about this. Organizations that let their appetites grow unchecked face three major risks:

• Costs: With remote work becoming the standard, we’ve seen software become the second biggest expense line for many companies. However, up to 25% of SaaS apps and licenses go unused. If your company’s top two expenses are people and technology, you’re wasting a bunch of money on one of your top expenses.
• Compliance risks: To sell cloud-based software or store client data in the cloud, you need to become or stay SOC2-, ISO 27001-, or even SOX-compliant. Think of your company and its data as a castle. You need to prove to auditors that it’s well protected. Now, picture every app as a window, doorway, bridge, or entrypoint to your castle. The more apps, the more scrutiny you’ll receive from auditors.
• Operational efficiency: The difference between a good chef and a world-class chef is all about how they manage their staff to deal with all the ingredients at hand. Your team is certainly not collaborating well when they use multiple types of the same app, such as Monday, Jira, Asana, or ClickUp. Also, internal support tickets grow exponentially with the number of apps used.

Nevertheless (and to push the food metaphor one step further), many of the apps your company uses actually are the ingredients for building a great product. After all, building a technology company is complicated. And to do it effectively you need the right components and tools. However, the trick to taking advantage of them — to becoming a 3-star Michelin restaurant of software — is to think about how to masterfully manage all your software. 

One method of accomplishing this, of unlocking your company’s full potential through technology, is to change the priorities of IT, security, and procurement — the teams that generally care about software operations. Instead of making them fix problems (e.g. resolving IT tickets), help them create infrastructure that empowers employees to operate software themselves and to become a self-governed workforce.

The appocalypse. Or is it …?

But first: How did we get here, to this present day when companies are living on SaaS and living through what I jokingly refer to as the appocalypse? What are the causes of our software addiction?

Better UX of modern software has unbundled traditional enterprise software

Employees use more and more specialized apps to be successful at work. We used to use Microsoft products for almost everything. Now, we use Airtable instead of Excel, Notion instead of Word, Pitch instead of PowerPoint. To put some numbers behind what many of us see in our day-to-day lives: Over 42% of Okta’s Office365 customers now also deploy Zoom instead of just using Microsoft Teams, and 26% of them also utilize Box despite having OneDrive.

Individuals are using more apps due to easy and free adoption

Traditionally, enterprise products were sold top-down: The CIO decided to buy Salesforce or Microsoft Office and they became the defaults for the entire company. But startups like Slack and Dropbox popularized bottom-up growth, and, today, 67% of developer companies (e.g. Datadog or AWS) have a free plan or trial. We don’t need to set up a call with salespeople or ask IT for permission anymore — we simply sign up for the free version of the tool.

In short: Apps are here, there, everywhere. But did we overdo it? Are we, in fact, using too many apps? I don’t think so. To the contrary, software can give us superpowers to drive the business forward faster. 

Treat technology as a business driver

Think about your car. It requires 30,000 parts to create just one car. But rather than scaling back on the number of parts, car manufacturers instead developed the most effective method to assemble the car. The innovation came from how they brought different parts together. For example, the Toyota Production System, also called “lean manufacturing,” became a core competitive differentiator for Toyota. One principle was to minimize waste and continuously improve operations by bringing problems to the surface quickly. Agile software development and the “lean startup” methodology were inspired by the Toyota system of “build, measure, learn.” 

Similar to Toyota, companies should think about how to change their operating principles around software and turn them into a competitive differentiator. Traditional approaches to managing technology aren’t sufficient. Companies often think that centralization is the answer but, in this case, it’s not. There are simply too many apps to contend with, in addition to other factors such as security and compliance.

Centralized software administration is the enemy

In 1944, the Central Intelligence Agency published a guide on how to sabotage your workplace. Point No. 1 was to never take shortcuts and always go through a centralized “channel.” Think about the last time you needed access to an app or a permission. You had to go through a channel created by an IT ticket, and were stuck waiting. Or what about the last time you needed to buy a new piece of software? It can take 2 to 3 months until you get all the necessary approvals to purchase an application. 

Here’s why centralization doesn’t work, and why approaches to fixing it can miss the mark.

Centralization creates bottlenecks

More than half of all apps are procured and managed by subject-matter experts in different teams — many of whom just want to acquire their tools and get to work. However, departments like IT, security, or procurement need to help with most of those requests. From what we’re seeing, between 40% and 60% of all IT tickets are related to software-access problems, which, on average, take about 19 hours to resolve. Employees are stuck waiting, and admins are getting crushed by busywork such as account creation. The management overhead increases with each additional app. 

Centralization leads to leaky buckets

Companies also centralize oversight to mitigate cost, compliance, or security risks. The logic is sound, in that employees shouldn’t just purchase duplicate software or receive excessive admin permissions. However, reviewing hundreds of apps and thousands of accounts is not scalable with a centralized approach — it creates leaky buckets, where employees still receive and keep unnecessary access to apps without anyone knowing. For example, 25% or more of software goes unused within most companies. Or, Segment’s security team showed last year that 60% of its 669 admin roles were not actively used.

More headcount is not the solution

Often, operation teams object that they are not as well funded as other departments, which makes them move slower than they actually want to. So, why don’t we just continuously grow admin headcount with the number of apps that we are using? However, the issue lies exactly in that question and with the assumption that the problem can only be solved by centralizing help and oversight. It’s a solution that doesn’t scale.

Centralization of software administration is a weird thing. It tries to make things easier but, somehow, it makes things worse for everyone as the number of apps increases. So, how can we reimagine the roles of the teams that care about software operations — namely IT, security, and procurement?

Make the compliant path the easy path

Let’s face it: employees will almost always take the easiest path to value. If your approach to managing software remains centralized with lots of bottlenecks, then employees will continue to work around your policies by doing things such as secretly buying software. It’s a vicious cycle. In order for many individuals to act responsibly — and to change the relationship between IT/security/procurement and the rest of the organization — the compliant path needs to become the most convenient path. 

Self-governance is the new approach to manage software

Tackling this complexity can only happen if we give control and responsibility back to employees and their teams. Instead of handing people food, you teach people how to cook without burning themselves. Basically, the goal is to find a way where incentives are aligned so that employees that act in the most cost-efficient and secure way also solve their own problems most quickly. 

We’re already conditioned to do-it-yourself when it comes to buying food and gas — and even checking in for a flight — so why not with managing enterprise software? Instead of asking IT for support (or working through “channels,” as the CIA described in its guide to workplace sabotage), IT could enable employees to help themselves quickly and responsibly. Instead of being the centralized execution arm, security, procurement, and IT need to become the company-internal platform that enables employees with the right infrastructure.

Automation is great, but it requires centralized support and that doesn’t scale with hundreds of apps.

Adopting a process and structure for self-governance is an important problem to solve because it directly affects the bottom line. Organizations that don’t focus on evolving from their systemic centralized setup to one of self-service risk wasting huge amounts of money on unused software, tanking the next compliance audit, and having the whole organization run inefficiently. It’s a leadership priority to change how your organization works, so it can unlock its full potential by strategically using third-party applications instead of getting overwhelmed by them.

The question companies should be asking themselves is how to encode self-service in as many places as possible. For example:

• Once IT creates workflows around who should approve which app, employees can request apps, permissions, internal tools, or even developer resources without IT help. 
• If procurement builds a system around who needs to approve what type of software purchase, employees can go ahead and use that self-service system. 
• If security implements a way to grant access to sensitive apps or permissions just for a certain time window, they won’t need to centrally review access all the time.

Incorporate self-governance into your goals

All these examples show how the role of software operation teams can change: Instead of resolving support tickets or alerts, they could focus on encoding the system in the right way and coaching the whole organization along the way. Beyond that, another approach for changing technology management through a self-governed workforce is to encourage all of your team leaders across your organization to incorporate self-service into their OKRs or V2MOM process. 

For example, IT usually has a goal around reducing operational headcount requirements through automation. Automation is great, but it requires centralized support and that doesn’t scale with hundreds of apps. Instead, IT could attempt to reduce operational headcount requirements through self-service. Or, IT sometimes adds a goal around reducing the time it takes to respond to tickets. Again, this goal is made under the assumption that help needs to be centralized. Instead, try adding a goal to reduce the percentage of requests that don’t require a first touch from IT.

Up to 25% of SaaS apps and licenses go unused. If your company’s top two expenses are people and technology, you’re wasting a bunch of money on one of your top expenses.

Self-governance can also start with a small exercise to decrease SaaS spend. Managing hundreds of vendors centrally is impossible, but it might work to do something as simple as sending every Outreach.io or Smartsheet user an email explaining that you are trying to save on software spend. Request a 👍 if they don’t use the software anymore so that you can reclaim the license.

Or, ask all your app admins to help reduce overspending. Create a shared spreadsheet of software apps and annual costs, then ask them to reduce as much cost as possible by either removing licenses or canceling apps altogether. To make this a team challenge and align incentives, offer a prize for each unused or redundant app they delete, and a monetary incentive to the top three admins who reduce SaaS spend the most. This approach gives you a first glimpse into what it means to have a self-governed workforce.

Are we full yet?

Building a technology company is complicated — especially today. Rather than bemoan all the tools we’re using, a better use of energy might be creating an efficient way to manage both your tools and their underlying processes. Empowering your teams and employees through self-governance can become a competitive differentiator. Not only will employees feel like an integral part of the process and therefore have a stake in its success, but those in IT, security, and procurement will become true enablers instead of ticket or alert resolvers. 

So, yes, we may have an all-you-can-eat SaaS buffet in front of us, but we have the tools and knowledge to satiate our appetite and make all those choices work in our favor. It just takes the willpower to change our relationship with software.

• 

  Andrej Safundzic is the co-founder and CEO of Lumos, an identity startup. Previously, he co-founded DigitalService4Germany, the German Federal Government's central digital transformation unit.

  Follow Twitter Website