Four Things Cloud Service Providers Won’t Tell You that Could Be Costing You Money

Cloud adoption requires adopting a new mindset to provide a return on investment.

The Bottom Line // Moving to the cloud requires a new way of thinking and managing services. Cloud adoption requires adopting a new mindset to provide a return on investment. Start with a clear goal, preferably a specific application or service, as you take your company to the cloud to minimize the cost of acquisition while your teams learn and grow in the new environment.

Download our handout and read the four things you can do to ensure the cost of acquisition is minimized and the return on investment is maximized.

Simplify Compliance Management with New Features in Cybersecurity Solution

Companies can leverage a centralized, easy-to-understand tool to align with compliance standards.

July 12, 2019, DES MOINES, IA – Trility Consulting® has launched two new features to the IronBench Compliance Navigator™ product built to enable centralized management and reporting of your organization’s alignment to standards. The Trility team originally set out to simplify how their own teams understand, implement, manage and audit today’s information security/regulatory compliance requirements while building solutions for their clients. The result of this effort rendered a number of new software products including IronBench Compliance Navigator. 

IronBench Compliance Navigator

“Our IronBench Compliance Navigator product targets organizations that want a simple, light-weight and centralized method of managing their organization’s compliance efforts without the complexity and cost many folks experience today. People want the flexibility to handle multiple standards, audits, projects and teams at the same time, understand at a glance where risk exposures exist and to know that as people come and go, data and history will not be lost because a spreadsheet left with the last exiting team member,” says Matthew Edwards, CEO of Trility.

…data and history will not be lost because a spreadsheet left with the last exiting team member.

“We’ve seen the plight of the information security folks who get left behind learning about projects, risks and issues in arrears. We’ve seen amazing people doing amazing things to keep up and ensure their organization is prepared for the next audit or attack. We think it should be easier. That’s why we built IronBench Compliance Navigator.” 

What’s does IronBench Compliance Navigator offer?

  • The California Consumer Privacy Act (CCPA) module shows companies what is required of them to meet California’s new consumer protection law and provides an intuitive, centralized method of managing and reporting your company’s status against this law today and into the future. Take a 1-minute, free assessment to determine if this law impacts your company. If it does, the CCPA module within IronBench Compliance Navigator helps you manage your ongoing compliance requirements in a simple, easy-to-understand manner today and into the future.
  • The Payment Card Industry Data Security Standard (PCI DSS) module shows companies what is required of them to meet today’s payment card industry requirements in an intuitive, centralized method of management and reporting. If your company accepts credit cards as a form of payment, you are expected to evidence compliance regularly. This module helps companies understand what is required, as well as helps manage your organization’s on-going compliance status in a low-friction, easy-to-use experience year after year.
  • The NIST Cybersecurity Framework (NIST CSF) module shows, in everyday language and concepts, private sector companies what is recommended in order to prevent, detect and respond to cyber incidents in today’s critical technology infrastructure. If you are looking for a centralized, easy-to-understand and use method of aligning your organization to the NIST-CSF, this module will guide you through the material and enables you to manage your organization’s alignment as your company, your industry and as the standard itself changes through the years.

    To get started, you can also take a free Maturity Assessment to understand where your organization is along the path to alignment with the NIST CSF. 

IronBench Compliance Navigator guides you through the process of identifying which standards apply to you, where your organization is strong and where it needs work, as well as helps you identify possible solutions to increase your preparedness along the way. Customer benefits include:

  • Track all compliance requirements, risks and responses in one secure location that’s accessible to all of your teams anytime, anywhere
  • Track your organization against multiple standards at the same time, in the same tool, year after year – change history included
  • Stay on top of new regulatory compliance standards in the marketplace, as well as changes to existing standards against which you currently manage your organization
    Delegate responsibility to others to acquire answers instead of having to personally perform each and every step manually

Create a free account to view the available tools in the IronBench Cybersecurity Suite and purchase only the ones relevant to your organization. If you’re interested in a white-label solution or an enterprise version of this tool that meets your specific needs, contact us


The IronBench Cybersecurity Suite of tools, as well as all associated patents and trademarks, are wholly-owned by IronBench LLC. IronBench and Trility Consulting, as well as all associated patents and trademarks, are wholly-owned subsidiaries of Trility Group Holdings, Inc. Trility provides strategic management consulting, digital transformation expertise and advanced technical solutions for forward-thinking global businesses.

Go For The Win

The “fail fast, fail often” mantra may NOT lead to a win in the world of digital transformation

The mantra “fail fast, fail often” is a rallying cry for technologists pushing organizations to become more Agile, more Lean, and to push teams to deliver faster. What is being delivered and how valuable it is long term, however, tends to get lost in the shuffle and “fail fast, fail often” can lead to a big fail when there isn’t a clear goal in mind. 

The 2019 FIFA Women’s World Cup was held in France and if you’ve watched any of the games, one of the statistics talked about is time of possession. During the course of a game, teams will drive forward to test an opposing defense, then pull back, sometimes all the way to the goalkeeper, and try again. However, as soon as the defense has adjusted and passing lanes are open the offensive side is on the attack again working towards the desired outcome: Score a goal.

Fail fast, learn often may not lead to a win in the world of digital transformation. You don't win if you aren't focused on taking shots at the goal. The first step is defining the desired outcome.
Fail fast, fail often may not lead to a win in the world of digital transformation. You don’t win if you aren’t focused on taking shots at the goal. The first step is defining the desired outcome.

In April 2018 Sunnie Giles, a Forbes.com Contributor, posted an article: How To Fail Faster – And Why You Should. She states, “In today’s complex business environment, where things are changing constantly, speed of execution is a lot more important than perfect execution.” She points to a concept of iterations creating positive autocatalytic feedback loops which eventually leads to radical innovation. This is a pretty common view from many leadership teams on how they want to push their organizations forward.

Radical Innovation

The words “radical innovation” stuck out when I read the article. I have had the privilege to work with a number of organizations throughout my career. In some cases, the leadership inside the organization coveted innovation and spent a significant amount of time and money building up innovation teams. The opportunity to drive the business into adjacent markets, new markets entirely, or to refine their existing market offerings to expand the organizations hold on a market. More often than not, the “radical innovation” introduced by leadership was either cut off from the rest of the organization or was actively under attack by more established parts of the organization and in the end, not effective in achieving the original business objectives.

Teams get locked into playing possession and lose focus on moving down the field and scoring a goal.

7/2/2019 World's Cup Score: England Vs. USA
This image illustrates losing focus. In last week’s game, England had more possession, more passes, and better passing accuracy but because they didn’t attack, they lost the game.

Why? Executives jockeying for power, friction between “the way we’ve always done it” vs. “the new way we want to do it now,” shrinking budgets, changes in priority to shore up existing market share. A large number of different factors all branching from a common thread: a lack of focus on the desired outcome. Teams get locked into playing possession and lose focus on moving down the field and scoring a goal.

Four Steps to Fail Fast AND Achieve the Desired Outcome

How do you prevent getting locked into playing possession? At Trility, we break the process down into four distinct stages: 

  1. Discover
  2. Definition
  3. Implementation
  4. Evolution

Each stage in the process has a clearly defined outcome to help ensure stakeholders can see the value along the way. Often companies are eager to jump straight to the Implementation stage and the “fail fast, fail often” mindset can achieve the discover and define stages – thus the desired outcome along the journey. However, unless you know where the goal is your team is just playing possession.

Welcome Rhonda to the Team!

Trility Consulting hires Rhonda O’Connor as Director of Marketing.

Trility Consulting, a Trility Group Holdings company, is proud to announce Rhonda O’Connor has joined the Trility Consulting team as Director of Marketing. In this role, Rhonda is responsible for leading and executing marketing strategies to align and meet Trility Group Holdings’ core business objectives. But if you ask her, her role is to keep everyone busy with new opportunities that will become repeat customers.

Rhonda is a strategic marketer with decades of experience formulating and executing strategies. Her most recent experiences in the tech space will assist in scaling Trility’s existing success.

“Rhonda brings a history of solving problems with strategies that deliver optimal results. Her experience in the technology space brings a deep understanding of the marketing and sales process and will help create measurable results and efficiencies in those areas,” said Peder Malchow, Chief Revenue Officer for Trility Group Holdings. “Her ability to clearly communicate the value and benefits of services and products will help our team continue to deliver positive outcomes.”

Trility Consulting is a leading provider of measurable outcomes for C-Suite executives. Trility provides strategic management consulting, digital transformation expertise, and advanced technical solutions for forward thinking global businesses.

For more information, contact Rhonda at rhonda@trility.io or 515-321-4829.

Welcome Alex to New Role!

Trility Consulting hires Alex T. Hart as Vice President of Risk and Compliance.

Trility Consulting, a Trility Group Holdings company, is proud to announce Alex T. Hart has joined the Trility Consulting team in a new role as Vice President of Risk and Compliance. In this role, Alex will be responsible for growing the risk, compliance and information security division of the company. Alex will build, sell and service clients in these facets of the business, as well as, work with the Trility leadership team to grow strategic customer accounts and leverage partner relationships that align with Trility Group Holdings’ core business objectives.

Alex takes on this new role at Trility Consulting after serving as an Information Security Advisor to the firm for the past two years. Alex brings a wide variety of regulatory compliance and privacy experience with him in the health care, insurance, financial services (fintech) and government industries. He also previously served as a staff member to the United States Senate Committee on Finance focused on health policy, finance and information technology.

“Alex brings a great deal of regulatory compliance, threat detection and privacy experience with him which greatly applies to the digital transformation needs of today’s companies,” said Matthew D Edwards, Chief Executive Officer for Trility Group Holdings. “I have worked with Alex in multiple past chapters. I know he thoroughly enjoys working with clients to determine what compliance standards apply to their organizations and to help put operational frameworks in place guiding their compliance behaviors thereafter. It is no small task and Alex enjoys the journey. We’re excited to have him on the team!”

Trility Consulting is a leading provider of measurable outcomes for C-Suite executives. Trility provides strategic management consulting, digital transformation expertise and advanced technical solutions for forward thinking global businesses.

For more information, contact Alex directly via alex@trility.io or 312-574-0939.

Welcome Kori to the Team!

Trility Consulting hires Kori Long as Talent Delivery Lead for Iowa-based and national teams!

Trility Consulting, a Trility Group Holdings company, is proud to announce Kori Long has joined the Trility Consulting team as Talent Delivery Lead based in Des Moines. In this role, Kori will be responsible for developing talent acquisition strategies and hiring plans to ensure our team grows methodically to serve the needs of our family of companies and our clients. Kori will be an integral part of our team identifying new talent, locally and nationally, as Trility Consulting expands.

Kori brings a broad range of experience from Client Service Management, Project Management and Recruiting, as well as, being an active member in many community organizations in the technology and quality spaces. Kori will apply her former experiences to her new role at Trility Consulting focusing on engaging with great people in the Business Management and Technology Consulting spaces. Kori’s work will additionally help ensure our company growth, client and employment outcomes are consistently met because of great people, great teams.

“We are very excited to have Kori on the team,” said Brenton Rothchild, Chief Operations Officer at Trility Group Holdings. “Kori has a reputation of finding great people and working with great clients. She is also an active member of the greater Des Moines community working to make Iowa one of the best places to live and work. We’re happy she chose to work with us and look forward to our team and company growth as a result of her work!”

Trility Consulting is a leading provider of measurable outcomes for C-Suite executives. Trility provides strategic management consulting, digital transformation expertise, and advanced technical solutions for forward thinking global businesses.

For more information about the Trility Consulting team or open opportunities, please contact Kori Long at Kori@trility.io or 641-431-1779.

Welcome Cari to the Team!

Trility Consulting hires Cari Thompson as Director of Business Development for the Des Moines and Iowa market!

Trility Consulting, a Trility Group Holdings company, is proud to announce Cari Thompson has joined the Trility Consulting team as Director of Business Development for the greater Des Moines and Iowa market. In this role, Cari will be responsible for direct sales and client engagements in Des Moines and throughout the state of Iowa. Cari has also been entrusted to grow strategic customer accounts and referral partner relationships that tactically meld with Trility Group Holdings’ core business objectives.

Cari Thompson

Cari brings a broad range of experience to her new position at Trility Consulting, including selling enterprise software and leading client implementations, to leading new business efforts and managing the Des Moines market for a national technology resource and solutions company, to launching a new sales channel to support Fortune 1000 clients with the Top 10 national recruitment advertising agencies in the US.

“We are very excited about Cari’s plans for our direct sales efforts,” said Peder Malchow, Chief Revenue Officer at Trility Group Holdings. “Cari has a stellar track record of successful engagements and is a true trusted advisor for many clients in and around the Des Moines market. She is a driven professional capable of delivering creative solutions to achieve our client’s desired outcomes.”

Trility Consulting is a leading provider of measurable outcomes for C-Suite executives. Trility provides strategic management consulting, digital transformation expertise and advanced technical solutions for forward thinking global businesses.

For more information or to connect with Cari Thompson, she can be reached at cari@trility.io or 515-707-3967.

FIRST Robotics and Giving Back

Trility sponsors West Central Valley High School’s Robotics Team 4646 as they head to a competition.

None of us are getting any younger. And to see the type of people, teams, companies and world in which we want to live today and in the future, we have to give back to communities and people in a way that positively influences generations after us. No matter how big or small, taking the time to help others matters.

Trility Consulting is proud to sponsor Des Moines, Iowa area Team 4646 ASAP as they head to Grand Forks, North Dakota this week to compete in the FIRST Robotics Competition! FIRST Robotics teams this year are building robots to compete with this year’s challenge DESTINATION: DEEP SPACE presented by The Boeing Company.

Teams that choose to compete in the FIRST competitions are given a six-week time limit to design, build, and program industrial size robots to play a field game against other teams. In addition to the building the robot, teams raise funds, design a team brand, develop engineering, business, and marketing skills working with volunteer mentors. In essence, young folks are learning how to create a working product, make time-based decisions and build an operational model which will serve them well as they figure out how to make their mark on this world through the years.

And Trility Consulting is additionally working with other Robotics teams in the area as well. Eric Gerling, Trility’s CTO, actively volunteers with the West Central Valley High School Robotics Team each year. Known as The Breakfast Club, the WCV Robotics Team competes in the FIRST Tech Challenge and completed their most recent season last December 2018.

While we’re all busy pursuing our careers, working to make money and improve the lives of ourselves and our families, don’t forget to take the time to think about the people that come after us. It takes much less effort than you imagine to be an encouraging teammate, coach, teacher or friend. And while the time investment may seem big to you, the return on investment in the life of one young person could very easily be a lifetime of success and opportunity.

Growth Requires a Plan

Everyone must relate their role, work to achieving the strategic roadmap.

Achieving growth, change, and success without a plan is a blessing. And these blessings lead many to believe they don’t need a plan. Said folks may even believe they are smarter than most and didn’t have a plan in the first place.

For the rest of us, achieving growth, change, and success over and over again in a predictable, repeatable manner that consumers and shareholders can bank on requires a plan.

In our personal lives, we refer to this structure as goals and plans. In companies, we tend to state things in the form of strategic objectives and roadmaps.

Plans and Goals Evolve with Age, Wisdom

When we ask kids what they want to be when they grow up, they often (understandably) have no idea, let alone what it will take to get there. Yet, they are exploring and dreaming – limited only by their imagination (Figure 1 below).

When we ask young adults how far they want to go in the sport of their choice. They often state, “We want to win it all.” And they go on the journey with an idea of a plan (the season schedule), objectives (win all of the time), and a goal (be the best). They may not understand everything necessary to get there, but they are on the road to understanding. Experience helps. These young adults are only limited by their will to win and dedication to the journey.

We ask professionals in organizations about their personal and professional goals and the answers are often crystallized into promotions, higher salary, more responsibility, bonuses, achieving professional certifications, and recognition. These folks often understand goals are composed of one or more objectives that require tasks to achieve them and are limited only by time, opportunity, and a plan. Experience breeds wisdom.

A Strategic Roadmap that Spans Organizations and People

Now consider companies themselves. Do they have strategic objectives for the coming year or years? Are there roadmaps spanning the organization that help the company achieve those objectives?

If there are strategic objectives, does everyone in the company know what they are? Should they? And if there are roadmaps, do they map to fulfilling the corporate objectives? Do all of the team members know how their projects relate to the roadmap which leads to achieving the strategic objectives?

Not having strategic objectives and a roadmap is one class of problem.

Have objectives and roadmaps without general population knowledge and understanding of what they are, what they mean, and how we’re all getting there together? Different class of problem to solve.

Can you imagine a company that has no clear objectives, no roadmap, has experienced intermittent growth, change, and success without a plan and believes working hard and being busy is actually the plan?

Figure 1. The relationship between age, wisdom, plans, and goals.

Ask any adult their plans for a holiday. They will most likely tell you exactly when it starts, where they are going, how they will get there, what they plan to do with a timeline, when they start for home, when they will be back at work, and generally how much the whole endeavor will cost.

We need to see the same attention to detail incorporate strategic objective setting, roadmaps, and projects.

“Would you tell me, please, which way I ought to go from here?”

“That depends a good deal on where you want to get to,” said the Cat.

“I don’t much care where – ” said Alice.

“Then it doesn’t matter which way you go,” said the Cat.

“– so long as I get SOMEWHERE,” Alice added as an explanation.

“Oh, you’re sure to do that,” said the Cat, “if you only walk long enough.”

Dodgson, Charles Lutwidge (pseudonym, Lewis Carroll). Alice’s Adventures in Wonderland. London. Macmillan and Co.1865. Chapter 6.

A parting thought: whether we discuss children, young adults, professionals or corporations, the journey will require much of us – including money. Most people are happy to spend money on children, young adults, and ourselves in pursuit of goals. And most folks are happy to spend their company’s money as well.

Question: If this were your company and your money, how would you feel about the company and people spending your money without clear strategic objectives and a roadmap to get there?

Pack Line Cloud Security

Cloud Security is everyone’s responsibility requires aggressive defense.

Basketball season is in full swing. I have been lucky for the last seven years to coach different levels of basketball ranging from Youth teams through the local High School team. Coaching continues to be a rewarding experience and many of the lessons I have learned working with athletes and other coaches apply directly to my work with product teams.

It doesn’t matter how much you work to perfect your craft, be it system architecture or coaching a team of fifth-grade athletes, there are always new challenges to tackle. A core tenant of sports is continuous improvement which should be applied to everything we do with technology. No one starts playing basketball ready to play in the pros, but everyone has it in them to be successful. It takes a tremendous amount of practice, a dedication to learning new things from others, and celebrating the little victories along the journey.

It is not surprising there are so many different Cloud Security analogies available on the Internet. Cloud Security is a difficult concept to describe given the wide range of tools, services, and seemingly infinite combinations organizations can utilize to solve business problems.

Playing Cloud Security Defense

If you are a fan of basketball, using different defensive schemes is a great way to describe different views on Cloud Security processes. In all cases, the goal is to prevent the offense, or in this case bad actors, from scoring while providing dynamic responses to a constantly changing product architecture and threat landscape.

Typical Cloud Security frameworks today can be compared to two classic defenses: man-to-man and zone.

Man-to-Man

Man-to-Man Cloud Security involves security controls developed around individual services of products. Each control is focused on denying the service from sending or receiving information to other services in the system and aggressively focusing on protecting a single service. Firewalls, both web application and network, focus on denying traffic to block bad actors from easily accessing services. Logging and application specific analytics can be used to build a profile of a service and alert when the service profile is not followed. The disadvantage with man-to-man Cloud Security is in its aggressive focus on the individual service and a lack of real understanding of the big picture. There is a general lack of information on what other services are doing and because of this, any weakness in the focus on a single service can lead to breakdown of the security in general and, in basketball terms, an easy lay-up.

2-3 Zone

Zone Cloud Security primarily revolves around the frameworks in place for infrastructure deployed to support a wide variety of services. We still see organizations bringing the rigid security frameworks utilized for years in brick and mortar data centers and trying to apply them to Cloud Security. Deployed like a 2-3 zone in basketball, the defensive posture is to watch a specific area of the infrastructure and report back to a central service for monitoring and support. As information travels through the zone, communication is critical to ensure nothing gets lost in the shuffle. Each position in the zone is devoted to a specific task supporting a number of different services including both perimeter and core defense. The disadvantage with any zone defense is the gaps and in the public cloud space, gaps are appearing every day.

Server-less architectures are an exciting approach to utilizing the true power of elastic capacity while providing developers easier and easier ways to deploy features to production environments. However, in reducing the amount of infrastructure under direct monitoring the threat surface area is increasing at an equal rate. As any basketball coach will tell you, the easiest way to defeat a zone defense is by moving the ball and attacking the gaps in the zone. Another easy lay-up.

Trility takes a different approach to Cloud Security: the pack line.

Pack Line Defense, created by Dick Bennett of Wisconsin-Stevens Point, is commonly used in some form by many coaches including Tom Izzo at Michigan State and Tony Bennett at Virginia. It is a variation of man-to-man defense with the biggest difference being off-ball defenders play in the gap instead of pressuring their player and denying the pass. Everyone except the player guarding the ball plays inside an imaginary line 16 feet from the rim also known as the pack line. As the ball moves around the perimeter, it is the responsibility of each defender to close out on the ball and aggressively pressure while the remaining defenders adjust their position accordingly to see both man and ball and prepare to help their teammates – five against the ball.

Cloud Security is everyone’s responsibility and while we are aggressively providing man-to-man defense on the active products, the rest of the team is continuously adjusting to find and fill gaps in the defensive strategy. We react to changing conditions and close out on threats while keeping business goals front of mind. 

The ephemeral and elastic nature of the public cloud along with software-defined infrastructure and platforms provide an opportunity for service-specific architectures. Trility utilizes two patent-pending tools to help provide high quality customized security for cloud services: IronBench Compliance Navigator and IronBench Cloud Config.

IronBench Compliance Navigator empowers organizations to develop highly customized compliance guidelines for products and services. Throughout the product lifecycle, IronBench Compliance Navigator uses standards and regulatory information updated as regulatory compliance laws and standards change to provide a solid foundation for product development teams.

IronBench Cloud Config is an enterprise framework and provides the source code for the entire implementation. Product teams can utilize a customizable secure framework based on industry standards and practices on which to build secure supporting infrastructure. Compliance Navigator helps you aggressively challenge the ball handler while Cloud Config supports the team by helping them adjust to changing product needs efficiently and securely working from a library of standards-based templates.

No easy lay-ups.