Building on the company’s existing SaaS Monitoring capabilities, LastPass SaaS Protect introduces a set of policy enforcements that enable organizations to move from passive visibility into proactive access control.
Business benefits include:
- Real-time SaaS governance: Quickly restrict access to unsanctioned or high-risk SaaS apps and guide user behavior with custom warnings.
- Audit-ready compliance: Generate governance reports with SOC 2 and other compliance frameworks in mind.
- SaaS cost optimization: Identify duplicate or over-licensed apps to help reduce spend and tech sprawl.
SaaS Protect is now available in beta to current LastPass Business and Business Max customers and will be included at no additional cost in the Business Max bundle, with general availability expected in early Fall.
SaaS Sprawl is putting small and mid-sized businesses at elevated risk
According to Zylo, small and mid-sized businesses now use an average of 275 known SaaS applications, but IT teams oversee just 26% of that spend, with the rest driven by business units and individual employees. In addition, recent studies show organizations may be using 10 times more SaaS apps than they realize, with shadow IT and shadow AI tools pushing the actual footprint to hundreds of applications.
This mix of sanctioned and unsanctioned tools creates a sprawling, fragmented attack surface that most smaller organizations lack the resources to monitor or secure. Alarmingly, around 78% of users reuse the same password across multiple accounts, and when those reused or weak credentials tie back to unmanaged apps, credential risk can skyrocket. IT teams can’t protect what they don’t know exists, leaving sensitive data exposed, compliance at risk, and productivity strained by fragmented access and limited support.
“Small and mid-sized businesses are facing a perfect storm of complexity: unknown risks living within unknown apps and AI services,” said Don MacLennan, Chief Product Officer at LastPass. “We built SaaS Protect to turn that chaos into clarity. It’s designed specifically for resource-constrained businesses that need visibility, policy enforcement, and credential protection without adding operational overhead.”
Transforming visibility to action
Launched in May 2025, LastPass SaaS Monitoring gave organizations and LastPass Partners a consolidated view of application usage and credential hygiene. But visibility alone isn’t enough. With 75% of employees expected to use unauthorized tech by 2027, businesses need a way to intervene quickly.
That’s where SaaS Protect comes in. Building on the foundation of SaaS Monitoring, SaaS Protect gives businesses the ability to act on how tools are being used, spot risky behavior, and make informed decisions about which apps to allow, restrict, or retire.
All of this happens without disrupting the workforce. No device agents. No heavy deployments. The feature operates via the browser extension on employee devices, with activity data and policy enforcement results populating directly in the admin console.
Democratizing secure access experiences
SaaS Monitoring and SaaS Protect are part of the broader Secure Access Experiences approach from LastPass, a framework that unifies visibility, credential hygiene, and access control into one intuitive experience. It’s built for organizations that need to move fast, stay secure, and manage access based on their own policies, not just passwords.