SoftwareONE

Flexera SaaS Manager

Flexera SaaS Manager provides visibility of SaaS in an organization, via discovery of SaaS spend. SaaS Manager integrates to Single-sign On applications to monitor SaaS and report on usage, to expense data to track unauthorized SaaS spend and manages SaaS contracts and renewals.

Features

  • Identify more than 32,000 SaaS applications via expense data.
  • Get detailed SaaS usage and cost data by user.
  • Allocate SaaS investments by department for financial reporting.
  • Detect unauthorized SaaS apps.
  • Centralize reporting and help track illusive users.
  • Protect against unauthorized access to proprietary data.
  • Manage the SaaS subscription life cycle for each vendor.

Benefits

  • See full SaaS usage in your organization.
  • Understand SaaS usage and make informed decisions on SaaS.
  • Cross-charge and allocate SaaS expense accurately.
  • Eliminate duplicate SaaS applications and related costs.
  • Have central view of SaaS usage and costs.
  • Remove access by unauthorized SaaS Users.
  • Be aware of SaaS contract renewals and expiry.
  • Implementation. Large-scale enterprise implementation measured in days not years.
  • Scalability. Can scale to hundreds of thousands of users.
  • Integrations. Using web services ensure tight linkages with all systems.

Pricing

£8.63 per device

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

9 9 7 2 0 0 2 8 2 6 6 9 9 8 3

Contact

SoftwareONE

Tom Hook

+44 203 005 0238

technology-products.uk@softwareone.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
None
System requirements
  • Supported Browser is required.
  • Integration to systems as needed (e.g. SSO, expense, SaaS)

User support

Email or online ticketing support
Email or online ticketing
Support response times
This would depend upon Severity and negotiated Support contract. Typically for Gold Support, responses are elicited within 30 minutes for Sev1, or up to 8 business hours for Sev4.
More information on Support Levels (Gold / Silver) can be found by contacting Flexera.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Flexera offer two levels of support for FlexNet Manager Cloud - these are 'Gold' and 'Silver'. More details can be found on the Flexera website - https://community.flexera.com/t5/Flexera-Community/ct-p/Flexera_Community.

A 'Customer Success Manager' is provided for customers to drive success at each account. The CSM is typically not charged for.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Flexera offer both onsite and web-based training for customer, with most web-based training videos being free for customers.
Extensive documentation for Flexera SaaS Manager exists, both in PDF format or in-context HTML for accessing when using the Web UI.
Onboarding Services are also offered and can be defined in accordance with requirements, as customers see fit. These services can be delivered via Flexera Professional Services, or via 3rd party.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Users can export data via a number of methods from the Flexera SaaS Manager, such as via the Admin UI's - into standard formats such as CSV/XLS.
End-of-contract process
SoftwareONE

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
Description of service interface
Flexera SaaS Manager provide a web-based browser interface to the service, using standard browser controls and access to obtain the information in SaaS Manager.

Flexera SaaS Manager offers several ways to authorize Direct Connect Integrations for adding SaaS applications to the Flexera SaaS Manager application catalog.
Once the method is decided for integrating SaaS applications into Flexera SaaS Manager, different approaches are used to provide the required information needed to integrate a specific application. this can be via API, or import of CSV file, or others.
Accessibility standards
None or don’t know
Description of accessibility
Users primary involvement in SaaS Manager is to view data and reporting of SaaS usage in the environment and make intelligent decisions based upon this data. Flexera SaaS Manager provide a web-based browser to this end, using standard browser controls and access to obtain the information in SaaS Manager. Accessibility of data for users is within the capability delivered via the browser.
Accessibility testing
No specific testing on assistive technology.
API
No
Customisation available
Yes
Description of customisation
The Flexera SaaS Manager service is designed to be constructed and customized to the users requirements. Customization occurs initially during the integration phases, where data models and therefore data presented can be customized (data added / removed). Within the UI, different data fields can be sorted / filtered and data extracts can be performed. User customize the service via the browser based interface only (no other customization is required). User Roles exist within Flexera SaaS Manager to define who has access to customization capability.

Scaling

Independence of resources
Flexera SaaS Manager utilizes Amazon Cloud Front, a leading provider of distributed computing technology for global Internet content, streaming media, and application delivery, to increase the scalability, performance, and availability of the SaaS Manager application and content. These benefits are realized via Amazon’s Cloud Front service and both HTTP and HTTPS Content Delivery, which includes built-in technologies that ensure consistent, predictable application performance on a global scale, even under the most challenging Internet conditions. Using route optimization, Amazon CloudFront identifies the fastest and most reliable path back to SaaS Manager servers to retrieve application content.

Analytics

Service usage metrics
Yes
Metrics types
SaaS Manager’ Status Site is a client-facing dashboard that provides system status by swim lane. It contains both live and historical information on server operations and system availability. The site is accessible to clients and partners at http://status.metasaas.com
Reporting types
Real-time dashboards

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Flexera

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Most data is presented via the administrative Web-UI, and can then be exported using built-in functions to extract to CSV formats.
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
XLSX

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
SaaS Manager maintains a variety of availability strategies, tactics, and solutions. They involve a combination of short-term data recovery tactics, distribution of functionality to avoid single-points-of-failure,redundancy, business function duplication, backup processes, proven documentation, and cross training of critical personnel. Recovery Point Objectives (RPOs) have been established such that no recovery of computing or business
function has unacceptable latency. Recovery Time Objectives (RTOs) have been established so that it takes no longer than a designated amount of time to restore business functionality after declaration of a
business disaster or interruption. Critical corporate functions and personnel will be in operational readiness, but possibly operating in “degraded mode”. “Degraded mode” is where business operations
may be slower than normal and may only include mission-critical functionality.
Approach to resilience
SaaS Manager’ Disaster Recovery/Business Continuity Plan defines plans, procedures, and guidelines for the Company in the event of disaster. Specifically, the plan establishes procedures for recovering
business operations, internal data, systems, and critical internal functions to maintain SaaS Manager as an on-going concern in the face of unexpected events. The plan has the following primary objectives:
• Identify critical systems, services, and staff necessary to maintain and / or restore SaaS Manager business operations and internal functions.
• Provide guidelines for the communication of activities and status to both SaaS Manager staff and client personnel during the recovery period.
• Present an orderly course of action for restoring critical computing capability to SaaS Manager and for maintaining and/or restoring client service and support.
Data is safeguarded with real-time replication and/or log shipped databases. This provides for low latency (1 hour recovery point objective) of client transaction data. Disaster recovery servers are located in the various Amazon data centers. Database and file servers receive a constant real-time stream of updated information from the production data centers by using software based data replication.
Outage reporting
SaaS Manager’ Status Site is a client-facing dashboard that provides system status by swim lane. It contains both live and historical information on server operations and system availability. The site is accessible to clients and partners at http://status.metasaas.com

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
The SaaS Manager application is entirely rights and roles-driven. The application features many security permissions, related to hundreds of features, which can be configured to roles or individual users. For
example, general rules may be established for certain types of administrators, but each user may also be granted their own unique permissions. These permissions are all stored as part of the user’s information. Hence, users only see what they have been given permission to see. As such, their view to data in the system is constrained by their specific availability rights. Security roles are managed by Client Administrators.
Access restriction testing frequency
At least once a year
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
AWS
ISO/IEC 27001 accreditation date
December 11, 2016
What the ISO/IEC 27001 doesn’t cover
The applications and supporting software not covered by the AWS ISO 27001 Global Certification.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Unknown
PCI DSS accreditation date
Unknown
What the PCI DSS doesn’t cover
Payment Card Industry (PCI) regulations require that SaaS Manager be in compliance with the PCI Security Standards. SaaS Manager holds no transaction information. SaaS Manager is categorized as PCI Level 4 SAQ D under the Payment Card Industry Data Security Standards. Standards include: building and maintaining a secure network, protecting cardholder data, and maintaining an information security policy. SaaS Manager takes the following measures to remain in compliance with PCI:
• Completes an annual self-assessment questionnaire (SAQ).
• Completes and obtains evidence of a daily monthly vulnerability scan
with a PCI SSC Approved Scanning Vendor (ASV). A certificate of
compliance is updated on a quarterly basis and made available to clients upon request.
• Completes the relevant Attestation of Compliance in its entirety (located in the SAQ tool).
Other security certifications
Yes
Any other security certifications
  • AWS_ISO_27001_Global_Certification
  • AWS Systems and Controls (SOC) 2 Report

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
EU-U.S. Privacy Shield Framework
Fair Information Practice Principles (“FIPPS”)
Information security policies and processes
Flexera operate a multi-faceted approach to Application Security Governance. A Secure Systems/Software Development Lifecycle is active and In addition to the mandatory corporate security training provided through our Learning Cloud, Flexera provides access and encourages training for its engineering staff through Pluralsight.  Participation in training provided through Pluralsight, this will become mandatory in 2019 for our engineering staff (to include developers and testers). A clearly defined reporting structure is in place with Senior leadership executing security governance and reviews regularly. More details can be provided on demand.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Public Cloud hosted Flexera applications are managed within a change management methodology that includes processes for the request, review, approval, and verification of changes. Flexera has an established change management committee (CMC) with responsibility for the scheduling and administration of changes. Change requests are submitted in Flexera’s CMS, reviewed by committee, and approved by management during the weekly CMC meetings. For any scheduled high risk changes, test and back out plans will be discussed before the change approval.
All changes are assessed by Flexera Data Platform security principals for security impact.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Flexera conducts a formal risk management program to continually identify, assess, mitigate, and monitor risks, and modifies its controls as a result of this process. A risk management assessment is completed on an annual basis at a minimum. Any changes required by the risk mitigation activity will be scheduled and approved in the weekly Change Management Committee (CMC) meetings.
AWS provide a comprehensive patch management policy that is in place for mission critical devices, and ensures that software, firmware and operating system patches are identified, tested and installed in a timely manner.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
AWS public cloud hosted applications/infrastructure are monitored using monitoring applications that provide notification of critical system/app events. Customer-facing websites are monitored using different services – one for immediate event notification and another for calculation of SLAs.
Events that affect availability of AWS Hosted Cloud applications are investigated, resolved and documented according to procedure by the Site Reliability Engineering department. This team is alerted to any suspicious activity with the alert method varying depending on the severity.
Incident management type
Supplier-defined controls
Incident management approach
Predefined processes exist for Events. The first priority is for the Site Reliability Engineering team to investigate and resolve any issues affecting the availability, stability, performance, or security of the Cloud hosted application/services. If there is no resolution within 15 minutes, an email will be sent to notify members of the SRE, Engineering, Client Success and Customer Support. If after hours, customer support will be notified.
Further escalation to the Cloud hosting service provider will occur, if and when identified.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£8.63 per device
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A trial version of Flexera Data Platform Manager can be requested during a PoC. This can be supplied with demonstration data. This version is limited to a short time frame for use (i.e. during the PoC) where specific use cases are performed, according to customer requirements.

Service documents

Return to top ↑