惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

月光博客
月光博客
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
N
Netflix TechBlog - Medium
大猫的无限游戏
大猫的无限游戏
爱范儿
爱范儿
Martin Fowler
Martin Fowler
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Register - Security
The Register - Security
IT之家
IT之家
博客园_首页
Microsoft Security Blog
Microsoft Security Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 三生石上(FineUI控件)
I
InfoQ
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Jina AI
Jina AI
Apple Machine Learning Research
Apple Machine Learning Research
M
MIT News - Artificial intelligence
博客园 - Franky
C
Check Point Blog
T
The Blog of Author Tim Ferriss
V
Visual Studio Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
T
Tailwind CSS Blog
Recent Announcements
Recent Announcements
云风的 BLOG
云风的 BLOG
美团技术团队
The Cloudflare Blog
Y
Y Combinator Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
MyScale Blog
MyScale Blog
The GitHub Blog
The GitHub Blog
D
DataBreaches.Net
Google DeepMind News
Google DeepMind News
V
V2EX
aimingoo的专栏
aimingoo的专栏
GbyAI
GbyAI
G
Google Developers Blog
S
SegmentFault 最新的问题
Hugging Face - Blog
Hugging Face - Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
U
Unit 42
罗磊的独立博客
量子位
MongoDB | Blog
MongoDB | Blog
Last Week in AI
Last Week in AI
Stack Overflow Blog
Stack Overflow Blog
小众软件
小众软件
D
Docker
人人都是产品经理
人人都是产品经理

Blog on 1Password Blog

Why secure-by-design is an incentives problem, with Bob Lord | 1Password NIST and AI agents: 1Password’s approach to agent identity | 1Password Go beyond device health with External Checks in 1Password Device Trust | 1Password Natoma and 1Password help enterprises scale AI securely with governed agent access | 1Password New integrations between 1Password SaaS Manager and EPM | 1Password A first step toward post-quantum security | 1Password RSA 2026: Leading the way to secure agentic AI | 1Password How 1Password is Building a Culture of AI Fluency Through AI Champions | 1Password 1Password vs. Keeper Security: A comparison | 1Password 1Password vs. LastPass: Which is right for you? | 1Password Secure MCP credentials with 1Password and Runlayer | 1Password The next layer of AI security | 1Password Building the next chapter of Go-to-Market in EMEA | 1Password Automating SOC workflows with 1Password Enterprise Password Manager | 1Password Automated Provisioning hosted by 1Password: A Simpler, Smarter Way to Manage Access | 1Password Introducing 1Password® Unified Access: Identity Security for Humans and Their AI Agents | 1Password Next-generation automated provisioning, without compromising zero-knowledge security | 1Password Bitwarden vs. 1Password: Which password manager is right for you? | 1Password Password Manager for Families, Enterprise & Business | 1Password | 1Password How to wrangle SaaS contract renewals | 1Password Stop trusting consumer browsers with work credentials | 1Password IAM stops at sign-in. Your credentials do not. | 1Password Your digital pit crew: a 10-minute pre-race security checklist | 1Password 1Password Device Trust is coming to EMEA | 1Password The identity transformation: Analyst and CIO insights | 1Password Why now is the moment to join 1Password Go-To-Market | 1Password Identity and Accountability in the Age of AI Agents | 1Password How 1Password secures agent architectures | 1Password 1Password becomes the first global partner to transact through Express Private Offers in AWS Marketplace | 1Password Start Learning on 1Password Academy | 1Password Expanding Programmatic Access to 1Password | 1Password Zero knowledge vs. a malicious server: A look at ETH Zurich’s research | 1Password Agents are making filesystems cool again | 1Password Black History Month employee spotlight: Joseph Ojelade | 1Password 1Password's new benchmark teaches AI agents how not to get scammed | 1Password Streamlining SaaS onboarding and offboarding | 1Password 3 common SaaS Management challenges and how to avoid them | 1Password How 1Password Is Evolving Its Partner Ecosystem | 1Password How to build secure agent swarms that power production-grade autonomous systems | 1Password From magic to malware: How OpenClaw's agent skills become an attack surface | 1Password Solving the unsanctioned SaaS problem | 1Password 1Password and 60 Day Hustle: cybersecurity for small businesses | 1Password Security advisory for AI-assisted browsing interactions with the 1Password browser extension | 1Password It’s incredible. It’s terrifying. It’s OpenClaw. | 1Password Managing the risks of social logins | 1Password What’s the first security tool your small business should buy? | 1Password As AI Supercharges Phishing Scams, 1Password Introduces Built-In Protection | 1Password How to interview with confidence at 1Password | 1Password Five tips for successful SaaS Management | 1Password SaaS Manager | 1Password Why SaaS License Waste Is a Cost and Security Problem | 1Password AI is changing the IDE. With 1Password, security keeps up | 1Password How IT teams can get a handle on shadow IT | 1Password Bringing secure, just-in-time secrets to Cursor with 1Password | 1Password The Chasing Entropy Podcast Season One is in the Books | 1Password Now available via QBS Software: 1Password Enterprise Password Manager – MSP Edition | 1Password The role of credentials in the AI espionage campaign reported by Anthropic | 1Password The hidden offboarding step draining your budget | 1Password AWS and 1Password: Innovation in AI and beyond | 1Password Simplifying credential security on OpenAI Atlas | 1Password From Social Work to Social Impact: Growing at 1Password | 1Password Improving in-page notifications in the 1Password browser extension | 1Password Now available via Renaissance: 1Password Enterprise Password Manager – MSP Edition | 1Password Behind the wheel at Oracle Red Bull Racing | 1Password Securing MCP servers with 1Password: Stop credential exposure in your agent configurations | 1Password What’s new in 1Password Enterprise Password Manager - Q4, 2025 | 1Password Belonging as a catalyst for high performance | 1Password Password habits are worsening, but leaders see a path to passwordless | 1Password A simpler, faster way to unlock 1Password | 1Password Oracle Red Bull Racing Episode 4, CIO Matt Cadieux | 1Password 70% of IT and security pros say SSO is falling short | 1Password 1Password's Phishing Survey: Avoid Holiday Phishing Scams | 1Password Securing the Win | 1Password SaaS optimization: How to maximize value and reduce costs | 1Password The enterprise AI crisis: Unsanctioned tools and unenforced policies | 1Password An Identity Security taxonomy for Agentic AI | 1Password Introducing new .env file support in 1Password environments | 1Password Speed and security: Mark Hazelton on protecting Oracle Red Bull Racing’s most valuable asset – its data | 1Password 1Password for Good: Giving back during cybersecurity awareness month | 1Password Utah Mammoth and Utah Jazz score with identity security | 1Password Oracle Red Bull Racing CEO and Team Principal | 1Password Three signs you need a SaaS Management Platform | 1Password Closing the credential risk gap for AI agents using a browser | 1Password Microsoft and Dropbox password managers are sunsetting: What it means and what to do next | 1Password From hackathon nerves to internship wins: Kavya’s journey at 1Password | 1Password 1Password now available in Comet, the AI-powered browser by Perplexity | 1Password 1Password announces new integration with Zscaler | 1Password Breaking the mold: Why more women should consider a career in sales | 1Password What security leaders need to know about mergers and acquisitions | 1Password Clickjacking: What it means for 1Password users | 1Password AI and security at Black Hat: 5 key takeaways from a security expert panel | 1Password Blog | 1Password Do any CISOs feel lucky? | 1Password How to lead with confidence in the AI era: a conversation with Nancy Wang, VP, Engineering | 1Password New Device Trust Check makes browser extension enforcement easier | 1Password Purpose, performance, and trust: Inside the culture powering 1Password’s next chapter | 1Password Now available on Pax8 Marketplace: 1Password Enterprise Password Manager - MSP Edition | 1Password The security principles guiding 1Password’s approach to AI | 1Password Choosing the right SaaS management platform for your business | 1Password Simplify access reviews with 1Password SaaS Manager | 1Password How great usability tripled Duke University's password manager adoption | 1Password
Password Manager for Families, Enterprise & Business | 1Password | 1Password
info@1password.com (Chris Fowler) · 2025-11-20 · via Blog on 1Password Blog

Security leaders are under pressure to manage an expanding number of SaaS apps and shadow IT. Automation transforms the fight for visibility into a framework of continuous monitoring.

Virtually every company runs on more SaaS than it can see, and spends more on it than it can control.

From analytics tools to HR platforms and AI agents, every new license improved productivity while expanding the surface that IT and security must protect.

For years, Identity and Access Management (IAM) and Identity Governance and Administration (IGA) systems formed the backbone of enterprise security, authenticating users, enforcing policies, and governing access. But the perimeter they were designed to protect no longer exists.

In today’s open SaaS workplace, anyone with an email address can add a new application outside SSO and beyond IT’s visibility. Security’s role is shifting from rigid enforcement to managing visibility and flexibility.

There are now three distinct categories of SaaS that every organization runs: 

  • Managed apps behind SSO and IAM

  • Business-managed apps owned by teams, even if not centrally managed

  • Unmanaged apps and AI, a.k.a. shadow IT, operating invisibly

The amount of work happening on unsanctioned tools and outside of policy is alarming. The 1Password Annual Report 2025: The Access-Trust Gap found that:

  • 52% of employees admit to downloading work apps without IT approval.

  • 37% admit they don’t always follow their company’s AI usage policies

  • 70% of security leaders say SSO is insufficient for managing employee identities. 

Addressing these gaps between access and trust has spread IT teams thin and created the need for SaaS Management Platforms (SMPs). SMPS are tools that help organizations maximize efficiency from SaaS and AI while reducing risks from third-party services and managing the compounding complexity of SaaS sprawl.

What IAM can’t see and how SaaS management closes the gap

SSO is an essential first line of defense for authenticating users and revoking access, but it stops at the login screen. It doesn’t reclaim unused licenses, delete dormant accounts, or monitor the countless unfederated apps that employees adopt outside its environment.

An SMP extends IAM’s reach across the full SaaS ecosystem. SMPs continuously discover applications, automate onboarding/offboarding, and manage licensing to offer a comprehensive view of every app, every user, and every dollar spent under a single pane of glass.

SMPs like 1Password SaaS Manager connect IAM, governance, and finance systems by replacing manual oversight with automation that enforces policy, improves compliance, and creates a flexible, dynamic platform to verify and manage access. 

The first step in that process is discovery. SMPs uncover every application in use across the organization. By integrating with IdPs, HR and finance systems, and browsers, they reveal the full scope of SaaS activity that IAM alone can’t see, allowing teams to effectively govern access and control costs.

Risk hides in unmanaged SaaS and AI

The rise of SaaS accelerated innovation, but it also fragmented control. Employees create accounts faster than security can track them. Many apps bypass an IAM, creating an invisible layer of shadow IT and quietly expanding the attack surface. 

When left unchecked, uncontrolled SaaS creates four broad types of risk: security and compliance gaps, operational inefficiencies, and financial waste.

Closing IAM security gaps

Apps are more than a convenience; they’re an access decision, a compliance liability, and a governance responsibility. In the hands of an IT admin managing a dense workload, the risks are most present at key moments within employee lifecycle management. 

1Password’s 2025 Annual Report, "The Access-Trust Gap," found that 38% of breached organizations linked incidents to unmanaged applications

Without a solution to track shadow IT and sanctioned apps, or standardization and automation to make workflows consistent, it can often be a guessing game of who had access to what. 

Manual Joiner, Mover, and Leaver (JML) processes can lead to orphaned accounts, lost data, and excess SaaS spending. In fact, 1Password found that 38% of employees have accessed accounts from a previous employer

SaaS Manager closes these gaps by automating application discovery, license revocation, and offboarding. 

When using SaaS Manager to automate deprovisioning, Flipdish found that the average employee uses 40-50 apps and was able to deactivate accounts and reclaim licenses to improve security from unfederated SaaS. 

With a clear view of who has access to what, and what has access to what, teams can ensure employee data, emails, files, and licenses are properly handled through consistent, audit-friendly workflows, and leavers can no longer access business apps or data that may result in material risk or a potential breach, taking a huge amount of pressure off security teams. 

Continuous compliance at scale

Sensitive information spreads through managed and unmanaged SaaS and AI tools alike with no audit trail, creating risks that IAM alone can’t govern at scale. This lack of visibility makes it difficult to meet SOC 2 requirements around data security, availability, and integrity, especially for shadow IT operating outside central control.

Equally important is data governance. 

Each SaaS vendor manages data differently, and without centralized oversight, control quickly breaks down. SaaS Manager extends IAM and IGA solutions by automated policy enforcement for data storage, access, and sharing, through an approved hub of applications that teams can access. With a clear log, the path to compliance with international standards, like ISO 27001, is much clearer.

For ElectroNeek, centralization with SaaS Manager made the SOC 2 audit process faster, easier, and less stressful for everyone involved.

“Instead of presenting auditors lots of confusing, interrelated spreadsheets, we now use SaaS Manager to quickly show exactly which people and roles have access to which systems and applications,” said Oleg Lekuchev, Vice President of IT.

With an SMP in place, compliance becomes a consistent, continuous process where security and governance operate in sync.

When manual control slows IT down

The Access-Trust Gap found that 73% of employees are encouraged to use AI for some part of their workload, and 30% say they are “encouraged to experiment with generative AI for any task.”

As employees adopt more tools to move faster, the processes that manage those tools have not kept pace. 

In many organizations, a single offboarding can take hours of coordination between IT, HR, and department leads, often managed through tickets and spreadsheets, just to ensure accounts are deactivated and licenses reclaimed. This keeps teams from doing the work that actually drives the business forward and introduces risk when steps are missed or delayed.

SMPs like SaaS Manager eliminate that inefficiency by automating the manual processes that slow IT and security teams down. It replaces ticket-based onboarding, offboarding, and license updates with policy-driven workflows that ensure every access change is secure, auditable, and immediate. By removing human bottlenecks and standardizing repetitive tasks, SaaS Manager gives teams time back while reducing the risk of error or oversight.

At Moonpig, SaaS automation replaced up to three hours of manual work per departing employee with just 25 minutes of repeatable, verifiable processes. “SaaS Manager allows us to focus on value-added projects and support our end users in the best way possible,” said Bill Penberthy, Head of IT.

Automation with SMPs offers teams the productivity promised by SaaS and AI tools without slowing anyone down.

The financial costs of incomplete identity governance

Managed or otherwise, SaaS licenses increase in price over time; it’s part of the model. Without oversight, licenses linger, renewals go unchecked, and redundancies arise.

At ElectroNeek, SaaS Manager escalates anomalies and unexpected SaaS expenses to offer granular cost-control to the rapidly growing business.

1Password’s report found that on average, 34% of a company’s apps aren’t protected by SSO. That means even when IT revokes access through SSO via their IdP, accounts can remain active and billable. Automation is the only scalable way to manage SaaS risk because you can’t control the SaaS you can’t see.

SaaS Manager automates every stage of lifecycle management, including provisioning and revoking access, reclaiming unused licenses, and tracking renewals to create a single, auditable system for visibility, compliance, and control.

And when you free IT admins from repetitive, error-prone tasks, you give them more time to focus on the crucial steps of retiring duplicated apps and identifying and removing unused licenses that mean real, tangible financial gains to the organization.

With SaaS Manager, Zuora was able to:

  • “Right-size” licensing across five of its most widely used applications

  • Downgrade 20% of accounts that weren’t using paid features for immediate and significant cost savings

  • Discover and eliminate redundant tools, cutting renewals for its enterprise file-sharing app by more than 50%.

Automation as a strategic driver

Ask any IT or security leader what they need more of, and they’ll tell you the same thing: time. 

Automating SaaS management reduces risk and gives teams more time, replacing manual tasks with policy-driven workflows that enforce access governance continuously.

As part of 1Password’s Extended Access Management suite, SaaS Manager expands visibility across SaaS and AI tools, closing the Access-Trust Gap that IAM leaves behind. 

SaaS Manager continuously discovers SaaS and AI tools across the business, integrating with IdP, HR, and finance systems, as well as browsers, to maintain an up-to-date inventory of every app in use. That ongoing visibility turns SaaS management from a reactive cleanup process into proactive governance.

For scaling organizations, it integrates with Okta, Microsoft 365, and Google Workspace; connects to finance systems, expense tools, and browsers; and offers more than 300 direct integrations and a library of 40,000 applications to uncover what’s happening beyond SSO.

By automating the work that once demanded constant coordination and scrutiny, teams can focus on strategy instead of spreadsheets. The outcomes are controlled spending, reduced oversight, faster operations, lower risk exposure, and a governance model that scales with the pace of SaaS adoption. In the modern enterprise, governance must enable efficiency, not restrict it.

The first step

Watch our webinar, What successful IT teams get right about SaaS management, to learn how IT leaders are transforming SaaS management with automation.