If your company is bleeding money from unused software licenses and other forms of software sprawl, I’d bet you’re trying to fix the problem by tightening your IT procurement process. After all, if you know exactly what’s entering your IT estate, you can’t be caught off guard by it, right? Wrong. Because the leak probably didn’t start in procurement. Chances are much greater that it started the last time someone left the company. Offboarding is the single most predictable event in the employee lifecycle, and it’s still the moment most companies lose track of what they’re paying for.
The moment offboarding breaks down
I still remember the meeting where our Finance lead pulled up a software spend report and asked, half-joking, “Why are we still paying for a design tool for someone who left the company months ago?” Nobody in the room had a good answer. HR had processed the termination. IT had disabled the laptop. Nobody had touched the twelve SaaS seats tied to that person’s name.
I’ve seen this same pattern repeat itself at nearly every company I’ve worked for: offboarding is treated as an HR checklist and an IT checklist running in parallel, but the two remain disconnected processes. HR closes the employee record. IT marks the devices as returned. The actual software licenses sit in a third system nobody owns, silently renewing itself after each cycle.
When I first noticed this, I started keeping an informal list of every “ghost license” we found during quarterly audits. By the third quarter, the list had over 40 names. It included people who hadn’t worked at the company in months, some over a year.
What the data says about software waste
If you’re embarrassed about how your organization has failed to catch these leaks time and again, I do have some good news: you’re far from alone. According to Zylo’s 2026 SaaS Management Index, 46% of applications at the average company go underutilized or unused. This amounts to roughly $19.8 million in losses per organization each year. Other industry estimates have put the number even higher.
If you think this is a problem that only affects other companies, I’d push back on that instinct. I did too, until an audit of our own stack turned up exactly the kind of waste these numbers describe. None of this is really about bad software or careless people. It’s about a handoff between HR and IT that nobody owns, which is exactly what the next section gets into.
Why HR owns more of this problem than it thinks
It’s easy for HR leaders to write this issue off as an IT or Finance problem. After all, our department has been clearing its offboarding checklist every time someone leaves, so how is this our problem? I used to think this way too, until one reframe changed how I run offboarding: HR is the only team that knows the exit is happening before it happens. We set the last day. We know the termination date, the resignation notice period, and the layoff list. IT and Finance are reacting to information HR already has.
That means if HR doesn’t treat the exit date as a trigger for a license review, nobody downstream has a reason to move quickly. At one company I worked with, we didn’t fully fix this until HR started sending a structured “exit packet”, and not just to IT, but to whoever owned the software budget. The packet was sent on the same day a resignation was accepted, not the employee’s last day. Just moving the trigger earlier meant licenses that used to take weeks to reclaim were getting reclaimed in a matter of days.
If you’re the IT leader this piece got forwarded to: this isn’t an argument for taking offboarding off your plate. It’s an argument for a cleaner handoff. One where you’re not the last line of defense against a process nobody upstream is accountable for starting on time.
The real cost isn’t just the subscription fee
It’s easy to think of a departed employee’s old licenses renewing themselves as just a minor budget leak. But the risk is bigger than that. Login credentials that outlive their job are a real security risk.
A 2022 Beyond Identity survey found that 83% of former employees still had access to at least one account from their previous employer after leaving. To size up how exposed that leaves most companies: OneLogin’s 2017 “Curse of the Ex-Employee” research found that one in five businesses had already been breached by a former employee, and among that group, nearly half said more than a tenth of all their breaches traced back to people who’d already left.
I’m not sharing these numbers to be an alarmist. What I’m trying to do is reframe the problem. Unused SaaS licenses belonging to former employees aren’t just wasted seats; they’re unlocked doors. The danger posed by a forgotten software license isn’t just about a department losing money. It’s a login that still works, for someone who no longer has any reason to use it and no obligation to tell you they still can.
What a good offboarding-to-license handoff looks like
After several attempts to figure out an exit process that doesn’t introduce new vulnerabilities for the company, my team landed on a sequence that works every time, whether it’s a resignation, termination, or layoff. This is what it actually looks like when HR treats the exit date as the trigger, instead of waiting for IT to catch up:
- HR logs the termination date as soon as it’s confirmed. Not the last working day, not the day before. It’s logged the moment it’s known.
- That date automatically triggers an alert. No manual emails, no in-person reminders, no relying on someone remembering.
- A full inventory pull happens immediately. The alert triggers data extraction for every license, seat, and piece of hardware associated with the departing employee’s name.
- Access is revoked on a defined schedule. Some seats can be filled the same day; others remain open until the final working day, depending on sensitivity and job requirements.
- Reclaimed licenses are logged as available in whatever system tracks seats, so they’re reassigned or canceled before the next renewal rather than being silently rebilled.
- Every step gets a timestamp, so if an auditor asks “when was this access removed,” there’s an answer that isn’t “we think pretty quickly.”
This process doesn’t hold up when run manually. Manual offboarding processes are simply too time-consuming and prone to human error. This is exactly where AssetSonar’s IT Graph earns its keep: it’s the connected layer that already maps a departing employee to their assigned hardware, software licenses, and access records, so the reclamation step isn’t dependent on someone remembering to check a spreadsheet.
Conclusion
I don’t think unused software licenses are such a problem because companies and their employees lack discipline. Most businesses simply haven’t connected the dots between “someone left” and “something’s still being paid for.” If you haven’t looked at your own offboarding-to-license handoff recently, it’s worth an hour of someone’s time to check. It’s most likely you’ll be surprised by what’s still active. If you want to see what a fully connected version of this looks like, AssetSonar’s offboarding workflows are a reasonable place to start.

![[How-to] Automate Offboarding Workflows using Member Automations in AssetSonar](https://cdn.ezo.io/wp-content/uploads/2025/05/06122406/Member-Automations-in-scaled-1.webp)
![[How-to] Implement Seamless, Proactive Employee Offboarding With AssetSonar](https://cdn.ezo.io/wp-content/uploads/2022/02/ffboarding-alerts-support-blog-scaled.jpg)