Licenses are where “quiet” overspend hides—unused seats, the wrong tiers, duplicate tools, and orphaned accounts. The goal of license optimization isn’t just to slash costs; it’s to align entitlements with real usage while preserving security, compliance, and user experience.

Below is a field-tested playbook you can apply across Microsoft 365, Google Workspace, and your broader cloud/SaaS stack.

1) Foundations: Get Clean Data, Then Act

Inventory & normalize

  • Pull a complete user roster (employees, contractors, service accounts).
  • Normalize identities across HRIS, IdP (Entra ID/Google), and each app to remove duplicates.

Measure actual usage

  • Track last sign-in, feature consumption (e.g., Teams/Meet, SharePoint/Drive, advanced security), storage, and app add-ons.
  • Build simple KPIs:
    • Active-to-licensed ratio per app
    • % of users inactive >30/60 days
    • $ per active user per month by app/tier

Define licensing personas

  • Map roles to baseline tools: e.g., Frontline, Knowledge worker, Power user/Analyst, Admin.
  • For each persona, list must-have capabilities and acceptable lowest-cost tier.

2) Microsoft 365: Fast, Safe Wins

Where to look

  • M365 admin: Usage reports (last activity), Product licenses, Service plans per user.
  • Entra ID: Group-based licensing and dynamic groups to automate assignment.

Tactics

  • Right-size tiers: Many users can run on Business/Frontline or E3-level capabilities; keep E5 (or E3+security add-ons) for security/compliance/power users.
  • Trim service plans you don’t use (e.g., disable individual workload toggles under a suite where appropriate).
  • Convert leavers to shared mailboxes (no license) and set retention properly.
  • Harden JML (Joiner-Mover-Leaver): automatic assignment on hire; downgrade on role change; reclaim on last day.
  • Audit add-ons (Audio Conferencing, Power BI Pro, Project/Visio, Teams Phone) for true usage.

Automation ideas

  • Entra ID dynamic groups for department/location/role → auto-apply licensing personas.
  • Scheduled job to flag users inactive >30 days for downgrade/suspension review.
  • Quarterly access review for high-cost tiers and admin roles.

Common pitfalls

  • Accidentally removing a service plan that underpins retention/ediscovery.
  • Over-licensing shared or resource mailboxes.
  • Duplicate security spend (buying an E5-equivalent stack and third-party tools).

3) Google Workspace: Seats, Storage, and Add-Ons

Where to look

  • Admin console: Users (last sign-in), Licenses, Storage reports, Groups/Org Units.
  • Consider GAM / Admin SDK for exports and automation at scale.

Tactics

  • Right-size editions: Business Starter/Standard/Plus vs. Enterprise; align storage, security, and compliance to personas.
  • Suspend vs. delete: Suspend immediately on exit; keep data under retention; transfer Drive ownership.
  • Voice & other add-ons: Ensure only active users on the right tier; reclaim unused numbers.
  • Shared drives governance: Remove abandoned drives; set lifecycle policies to contain storage costs.

Automation ideas

  • Org Units + Groups = persona-based license assignment.
  • Script to downgrade inactive users (after grace period) and notify managers.
  • Quarterly storage review with lifecycle actions (archive, delete, move).

Common pitfalls

  • Paying Enterprise for users who only need mail/calendar/Drive basics.
  • Retaining suspended accounts indefinitely without a timeline.
  • Letting storage growth drive you into higher tiers prematurely.

4) The Rest of the Cloud & SaaS Stack

Find and tame SaaS sprawl

  • Use SSO logs, CASB, or expense data to discover unsanctioned apps.
  • For each app: assign an internal owner, map a persona, and define renewal/true-up dates.

Eliminate overlap

  • Consolidate duplicative tools (e.g., multiple chat, video, project tools).
  • Standardize on one stack where possible; document exceptions.

Renewals & vendor leverage

  • Keep a renewal calendar with 90-/60-/30-day alerts.
  • Track adoption vs. commitment; negotiate lower tiers or flex terms if usage lags.

BYOL / platform commitments (high level)

  • Where cloud platforms allow, align committed use (e.g., annual seats, credits) with forecasted need, not wishful thinking.
  • Avoid lock-ins that outpace realistic adoption.

5) 30-60-90 Day Roadmap

Days 0–30: Baseline & quick wins

  • Export rosters & usage for M365, Google, top 10 SaaS.
  • Identify: inactive users, over-tiered users, orphaned/shared mailboxes, unused add-ons.
  • Action: reclaim leaver licenses, convert mailboxes, disable unused add-ons, right-size obvious outliers.

Days 31–60: Automate & govern

  • Implement persona-based, group licensing (Entra/Google).
  • Stand up a downgrade/suspension policy for inactivity (with manager approvals).
  • Create a renewal calendar and assign app owners.

Days 61–90: Institutionalize

  • Quarterly license review cadence (dashboards + approvals).
  • Add JML integration with HRIS so seats are created/changed/removed automatically.
  • Review overlapping tools; start consolidation plan.

6) Metrics That Prove It’s Working

  • Active users / licensed users ≥ 90–95% for core suites
  • % users inactive >30/60 days trending down each quarter
  • $ / active user / month by app, down and stable
  • % seats in highest-cost tier limited to defined personas
  • Time-to-reclaim after offboarding ≤ 24 hours

7) Risk Controls to Keep You Safe

  • Change management for license downgrades (capture approvals).
  • Preserve legal hold/retention before modifying service plans.
  • Enforce MFA and least privilege for license admins.
  • Keep an audit log of all license changes.

8) Simple Savings Model (use for approvals)

Let:

  • C = current monthly license cost
  • r = over-licensing rate (e.g., 0.20 for 20%)
  • s = recoverable share after optimization (e.g., 0.70)

Estimated monthly savings = C × r × s
This keeps forecasts conservative and defensible.

9) Quick Checklist (copy/paste)

  • Export users + last sign-in + current tier for M365/Google
  • Define 3–5 licensing personas with minimum viable tiers
  • Reclaim leaver accounts; convert eligible mailboxes to shared
  • Disable unused add-ons; cut duplicate tools
  • Implement group-based licensing; automate JML
  • Create renewal calendar and assign app owners
  • Review KPIs monthly; adjust personas and tiers

Bottom Line

License optimization is a continuous discipline, not a one-time cleanup. With clean data, persona-based assignment, automation, and a steady review rhythm, most organizations reclaim meaningful budget—without hurting productivity or compliance.

Related articles:
Microsoft 365 vs Google Workspace: A comprehensive analysis