A lack of visibility in IT creates costly gaps in access, compliance, and security. Discover the causes, impacts, and solutions to regain control.
Modified on Feb 05, 2025 | 4 minutes
Modern IT environments have inevitable gaps and inefficiencies due to fragmented tools and complex configurations in each tool.
The result is a lack of visibility into these gaps and opportunities, which often go unrecognized for months or, sometimes, years. The impact is security gaps, a reduced employee experience, or missed cost savings.
IT teams have to manage tens to hundreds of tools, including core IT tools such as Okta, JAMF, and Active Directory; company-wide tools such as Slack, Zoom, and Office365; and function-specific SaaS tools like Salesforce, Asana, and Airtable.
Core tools in particular have complex configurations: intricate webs of employees, contractors, apps, groups, and channels.
This results in a mesh that’s incredibly hard to decipher, and hence, gaps abound.
But never fear! At Stitchflow, we’re focused on fixing these issues for IT teams. We’ve seen consistent themes in the gaps caused by lack of IT visibility.
In this article, we lay out the exact tests you need to perform on your IT environment to ensure everything is in tip-top shape for 2025!
The 4 types of visibility gaps in IT environments
First, let’s lay out the 4 categories of gaps you need to test for in your environment.
We’ve summarized the gaps, key areas of risk, impact on an organization’s productivity, security and cost, and the typical size of these gaps we see in IT teams.
| Category of Gap | Description | Impact | Typical Ranges Seen |
| --- | --- | --- | --- |
| Employee Management | Improper access to resources | Security, Audit, Cost | 5-10% of employees with access after leaving company; 10-15% of employees without required access |
| Resource Drift | Group and channel membership errors | Employee productivity | Over 10% inconsistency between communication platforms; issues with Slack/Teams channels, Okta/AD groups, and Google group membership; most concentrated in high-turnover teams (especially Sales) |
| Compliance and Device Security | Security and compliance gaps | Security, Audit | 2-5% of employees without MFA; 5-10% of devices with no MDM, AV, or backup; 2-5% of devices without FileVault |
| SaaS App Gaps | Unused and underutilized SaaS | Cost | >25% of all SaaS licenses under- or unutilized |
Your detailed checklist to avoid these gaps
To mitigate these risks, we've compiled a comprehensive list of tests to run in your organization. These tests cover categories across all 4 types of visibility gaps and should be run once a month to once a quarter.
Employee Management
Category
Description
Reconciling Systems of Record
Compare membership of AD, Okta, Google Workspace, MDMs, and any other employee systems to find users missing in each.
Incomplete Offboarding
- Deprovisioned Okta/AD users with 1 or more active apps.
- Offboarded users with active accounts in tools (for each tool).
- Offboarded users with admin roles.
- Offboarded users with active group and channel membership.
- Offboarded users with active devices.
Incomplete Onboarding
- Missing attributes for users in systems of record (e.g., type of employee).
- 2FA/MFA not set up.
- User never logged in.
GitHub (or Other Code Repos)
- GitHub team membership with write access.
- GitHub users: external users.
- GitHub users deprovisioned in Okta/AD (non-external).
- GitHub users not in Okta/AD.
Google Workspace/Office 365
- Google/Office365 group access levels.
- Google/Office365 group membership with external members.
- Active Google/Office365 users deprovisioned in Okta/AD.
- Google admin roles and users.
- Google/Office365 group memberships and roles.
- Suspended Google/Office365 users in 1 or more Google/Office365 groups.
- Suspended Google/Office365 users with active OAuth tokens.
- Suspended Google/Office365 users with Google/Office365 admin roles.
- Suspended Google/Office365 users with Owner role in Google/Office365 groups.
Group Permissioning
Verify permission levels for each Okta/AD/Google group.
Slack/Teams
- Active Slack users deprovisioned or missing in Okta/AD (non-external).
- Slack user access: External users (non-company-domain.com).
- Slack/Teams guest accounts.
Zoom
- Active Zoom users deprovisioned or not in Okta/AD (non-external).
- Zoom user access: External users on Zoom (non-company-domain.com).
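The reconciliation and incomplete-offboarding checks above can be scripted against user exports from each system. The following is an added example, not Stitchflow's code: the record fields (`email`, `status`, `active`, `admin`), the sample data, and the domain `example.com` are constructed assumptions, not any vendor's export schema.

```python
from collections import defaultdict

# Constructed sample exports; field names are assumptions, not a vendor schema.
IDP_USERS = [  # identity provider (Okta/AD) treated as the system of record
    {"email": "Ana@Example.com", "status": "ACTIVE"},
    {"email": "bo@example.com", "status": "DEPROVISIONED"},
    {"email": "cy@example.com", "status": "ACTIVE"},
]
TOOL_ACCOUNTS = {
    "slack": [
        {"email": "ana@example.com", "active": True, "admin": False},
        {"email": "bo@example.com", "active": True, "admin": True},
        {"email": "guest@partner.test", "active": True, "admin": False},
    ],
    "github": [
        {"email": "bo@example.com", "active": False, "admin": False},
        {"email": "cy@example.com", "active": True, "admin": False},
    ],
}
COMPANY_DOMAIN = "example.com"

def reconcile(idp_users, tool_accounts, company_domain):
    """Return {finding_kind: [(tool, email), ...]} for the checklist items."""
    # Normalize case and whitespace so the same person matches across systems.
    status = {u["email"].strip().lower(): u["status"] for u in idp_users}
    findings = defaultdict(list)
    for tool, accounts in tool_accounts.items():
        seen = set()
        for acct in accounts:
            email = acct["email"].strip().lower()
            seen.add(email)
            if not acct["active"]:
                continue  # a disabled account is the desired end state
            if email not in status:
                # Unknown to the IdP: company-domain address or external user?
                internal = email.endswith("@" + company_domain)
                findings["not_in_idp" if internal else "external"].append((tool, email))
            elif status[email] != "ACTIVE":
                findings["offboarded_active"].append((tool, email))
                if acct["admin"]:
                    findings["offboarded_admin"].append((tool, email))
        for email, st in status.items():
            if st == "ACTIVE" and email not in seen:  # possible onboarding gap
                findings["missing_in_tool"].append((tool, email))
    return dict(findings)

if __name__ == "__main__":
    for kind, rows in reconcile(IDP_USERS, TOOL_ACCOUNTS, COMPANY_DOMAIN).items():
        print(kind, rows)
```

A `missing_in_tool` finding is only a gap if that user's role requires the tool, so filter it by department or group before acting on it.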
Resource Drift
Category
Description
Missing Members
- Missing from Google/Office365 group: Various departments and custom orgs.
- Missing from Okta/AD group: Various departments and custom orgs.
- Missing from Slack/Teams channel: Various departments, including Customer Success, Engineering, Sales, Marketing, and People Managers.
Compliance and Device Security
Category
Description
Device Health
- Anti-virus not up to date or responding.
- Back-up not up to date or responding.
- Devices with older model years.
- MDM devices and details.
- MDM devices with last boot > 1 month.
- MDM devices with last check-in > 1 month.
- Okta Managed Devices.
- Suggestion: Computers with memory <16 GB / older processors.
Security
- Blacklisted IP for Okta/AD.
- Devices with iOS versions.
- Installed apps / OAuth apps with known threats from public sources.
- Installed software out of date.
- MDM Blueprints/configuration profiles not set up.
- MDM device with FileVault not enabled.
- Okta users not enrolled in MFA.
SaaS App Usage
Category
Description
All Tools
Identify unused software licenses (no authentication or usage in the last 3 months).
Clean-Up
Category
Description
Clean-Up
- Empty or unused Google/Office365 groups.
- Empty or unused Okta/AD groups.
- Slack channels with 0 members.
- Slack groups with 0 members.
You can fix these gaps manually, or Stitchflow can do it for you automatically!
Stitchflow completely eliminates the manual work involved and addresses all of the gaps in IT environments due to a lack of visibility. The platform connects every IT tool into a single pane of glass giving IT teams 360 visibility across their entire environment.
Stitchflow automatically applies over 100 checks across user access, drift in enrollment between groups, apps and channels, device health, compliance checks, and unused apps.
Stitchflow identifies exactly what needs to be fixed, enables remediation in bulk, and then automates maintenance so gaps are addressed as soon as they are found.
20 IT teams from incredible companies like Drata, Forma and Starburst Data have been using Stitchflow since May and are seeing daily value - hours saved every week in spreadsheets, quick identification of gaps in their environments, and the ability to rectify painful issues in bulk.
Stitchflow’s free pilot is commitment-light and requires no set-up: all you have to do is authenticate your tools, and Stitchflow generates a gap analysis.
Book your demo to see how Stitchflow gives you instant visibility into your IT environment and have confidence in the continuous correctness of your IT environment going forward.
Jay Srinivasan
Co-Founder and CEO of Stitchflow