Welcome Alex to New Role!

Trility Consulting hires Alex T. Hart as Vice President of Risk and Compliance.

Trility Consulting, a Trility Group Holdings company, is proud to announce Alex T. Hart has joined the Trility Consulting team in a new role as Vice President of Risk and Compliance. In this role, Alex will be responsible for growing the risk, compliance and information security division of the company. Alex will build, sell and service clients in these facets of the business, as well as, work with the Trility leadership team to grow strategic customer accounts and leverage partner relationships that align with Trility Group Holdings’ core business objectives.

Alex takes on this new role at Trility Consulting after serving as an Information Security Advisor to the firm for the past two years. Alex brings a wide variety of regulatory compliance and privacy experience with him in the health care, insurance, financial services (fintech) and government industries. He also previously served as a staff member to the United States Senate Committee on Finance focused on health policy, finance and information technology.

“Alex brings a great deal of regulatory compliance, threat detection and privacy experience with him which greatly applies to the digital transformation needs of today’s companies,” said Matthew D Edwards, Chief Executive Officer for Trility Group Holdings. “I have worked with Alex in multiple past chapters. I know he thoroughly enjoys working with clients to determine what compliance standards apply to their organizations and to help put operational frameworks in place guiding their compliance behaviors thereafter. It is no small task and Alex enjoys the journey. We’re excited to have him on the team!”

Trility Consulting is a leading provider of measurable outcomes for C-Suite executives. Trility provides strategic management consulting, digital transformation expertise and advanced technical solutions for forward thinking global businesses.

For more information, contact Alex directly via alex@trility.io or 312-574-0939.

Welcome Kori to the Team!

Trility Consulting hires Kori Long as Talent Delivery Lead for Iowa-based and national teams!

Trility Consulting, a Trility Group Holdings company, is proud to announce Kori Long has joined the Trility Consulting team as Talent Delivery Lead based in Des Moines. In this role, Kori will be responsible for developing talent acquisition strategies and hiring plans to ensure our team grows methodically to serve the needs of our family of companies and our clients. Kori will be an integral part of our team identifying new talent, locally and nationally, as Trility Consulting expands.

Kori brings a broad range of experience from Client Service Management, Project Management and Recruiting, as well as, being an active member in many community organizations in the technology and quality spaces. Kori will apply her former experiences to her new role at Trility Consulting focusing on engaging with great people in the Business Management and Technology Consulting spaces. Kori’s work will additionally help ensure our company growth, client and employment outcomes are consistently met because of great people, great teams.

“We are very excited to have Kori on the team,” said Brenton Rothchild, Chief Operations Officer at Trility Group Holdings. “Kori has a reputation of finding great people and working with great clients. She is also an active member of the greater Des Moines community working to make Iowa one of the best places to live and work. We’re happy she chose to work with us and look forward to our team and company growth as a result of her work!”

Trility Consulting is a leading provider of measurable outcomes for C-Suite executives. Trility provides strategic management consulting, digital transformation expertise, and advanced technical solutions for forward thinking global businesses.

For more information about the Trility Consulting team or open opportunities, please contact Kori Long at Kori@trility.io or 641-431-1779.

Welcome Cari to the Team!

Trility Consulting hires Cari Thompson as Director of Business Development for the Des Moines and Iowa market!

Trility Consulting, a Trility Group Holdings company, is proud to announce Cari Thompson has joined the Trility Consulting team as Director of Business Development for the greater Des Moines and Iowa market. In this role, Cari will be responsible for direct sales and client engagements in Des Moines and throughout the state of Iowa. Cari has also been entrusted to grow strategic customer accounts and referral partner relationships that tactically meld with Trility Group Holdings’ core business objectives.

Cari Thompson

Cari brings a broad range of experience to her new position at Trility Consulting, including selling enterprise software and leading client implementations, to leading new business efforts and managing the Des Moines market for a national technology resource and solutions company, to launching a new sales channel to support Fortune 1000 clients with the Top 10 national recruitment advertising agencies in the US.

“We are very excited about Cari’s plans for our direct sales efforts,” said Peder Malchow, Chief Revenue Officer at Trility Group Holdings. “Cari has a stellar track record of successful engagements and is a true trusted advisor for many clients in and around the Des Moines market. She is a driven professional capable of delivering creative solutions to achieve our client’s desired outcomes.”

Trility Consulting is a leading provider of measurable outcomes for C-Suite executives. Trility provides strategic management consulting, digital transformation expertise and advanced technical solutions for forward thinking global businesses.

For more information or to connect with Cari Thompson, she can be reached at cari@trility.io or 515-707-3967.

Growth Requires a Plan

Everyone must relate their role, work to achieving the strategic roadmap.

Achieving growth, change, and success without a plan is a blessing. And these blessings lead many to believe they don’t need a plan. Said folks may even believe they are smarter than most and didn’t have a plan in the first place.

For the rest of us, achieving growth, change, and success over and over again in a predictable, repeatable manner that consumers and shareholders can bank on requires a plan.

In our personal lives, we refer to this structure as goals and plans. In companies, we tend to state things in the form of strategic objectives and roadmaps.

Plans and Goals Evolve with Age, Wisdom

When we ask kids what they want to be when they grow up, they often (understandably) have no idea, let alone what it will take to get there. Yet, they are exploring and dreaming – limited only by their imagination (Figure 1 below).

When we ask young adults how far they want to go in the sport of their choice. They often state, “We want to win it all.” And they go on the journey with an idea of a plan (the season schedule), objectives (win all of the time), and a goal (be the best). They may not understand everything necessary to get there, but they are on the road to understanding. Experience helps. These young adults are only limited by their will to win and dedication to the journey.

We ask professionals in organizations about their personal and professional goals and the answers are often crystallized into promotions, higher salary, more responsibility, bonuses, achieving professional certifications, and recognition. These folks often understand goals are composed of one or more objectives that require tasks to achieve them and are limited only by time, opportunity, and a plan. Experience breeds wisdom.

A Strategic Roadmap that Spans Organizations and People

Now consider companies themselves. Do they have strategic objectives for the coming year or years? Are there roadmaps spanning the organization that help the company achieve those objectives?

If there are strategic objectives, does everyone in the company know what they are? Should they? And if there are roadmaps, do they map to fulfilling the corporate objectives? Do all of the team members know how their projects relate to the roadmap which leads to achieving the strategic objectives?

Not having strategic objectives and a roadmap is one class of problem.

Have objectives and roadmaps without general population knowledge and understanding of what they are, what they mean, and how we’re all getting there together? Different class of problem to solve.

Can you imagine a company that has no clear objectives, no roadmap, has experienced intermittent growth, change, and success without a plan and believes working hard and being busy is actually the plan?

Figure 1. The relationship between age, wisdom, plans, and goals.

Ask any adult their plans for a holiday. They will most likely tell you exactly when it starts, where they are going, how they will get there, what they plan to do with a timeline, when they start for home, when they will be back at work, and generally how much the whole endeavor will cost.

We need to see the same attention to detail incorporate strategic objective setting, roadmaps, and projects.

“Would you tell me, please, which way I ought to go from here?”

“That depends a good deal on where you want to get to,” said the Cat.

“I don’t much care where – ” said Alice.

“Then it doesn’t matter which way you go,” said the Cat.

“– so long as I get SOMEWHERE,” Alice added as an explanation.

“Oh, you’re sure to do that,” said the Cat, “if you only walk long enough.”

Dodgson, Charles Lutwidge (pseudonym, Lewis Carroll). Alice’s Adventures in Wonderland. London. Macmillan and Co.1865. Chapter 6.

A parting thought: whether we discuss children, young adults, professionals or corporations, the journey will require much of us – including money. Most people are happy to spend money on children, young adults, and ourselves in pursuit of goals. And most folks are happy to spend their company’s money as well.

Question: If this were your company and your money, how would you feel about the company and people spending your money without clear strategic objectives and a roadmap to get there?

Pack Line Cloud Security

Cloud Security is everyone’s responsibility requires aggressive defense.

Basketball season is in full swing. I have been lucky for the last seven years to coach different levels of basketball ranging from Youth teams through the local High School team. Coaching continues to be a rewarding experience and many of the lessons I have learned working with athletes and other coaches apply directly to my work with product teams.

It doesn’t matter how much you work to perfect your craft, be it system architecture or coaching a team of fifth-grade athletes, there are always new challenges to tackle. A core tenant of sports is continuous improvement which should be applied to everything we do with technology. No one starts playing basketball ready to play in the pros, but everyone has it in them to be successful. It takes a tremendous amount of practice, a dedication to learning new things from others, and celebrating the little victories along the journey.

It is not surprising there are so many different Cloud Security analogies available on the Internet. Cloud Security is a difficult concept to describe given the wide range of tools, services, and seemingly infinite combinations organizations can utilize to solve business problems.

Playing Cloud Security Defense

If you are a fan of basketball, using different defensive schemes is a great way to describe different views on Cloud Security processes. In all cases, the goal is to prevent the offense, or in this case bad actors, from scoring while providing dynamic responses to a constantly changing product architecture and threat landscape.

Typical Cloud Security frameworks today can be compared to two classic defenses: man-to-man and zone.

Man-to-Man

Man-to-Man Cloud Security involves security controls developed around individual services of products. Each control is focused on denying the service from sending or receiving information to other services in the system and aggressively focusing on protecting a single service. Firewalls, both web application and network, focus on denying traffic to block bad actors from easily accessing services. Logging and application specific analytics can be used to build a profile of a service and alert when the service profile is not followed. The disadvantage with man-to-man Cloud Security is in its aggressive focus on the individual service and a lack of real understanding of the big picture. There is a general lack of information on what other services are doing and because of this, any weakness in the focus on a single service can lead to breakdown of the security in general and, in basketball terms, an easy lay-up.

2-3 Zone

Zone Cloud Security primarily revolves around the frameworks in place for infrastructure deployed to support a wide variety of services. We still see organizations bringing the rigid security frameworks utilized for years in brick and mortar data centers and trying to apply them to Cloud Security. Deployed like a 2-3 zone in basketball, the defensive posture is to watch a specific area of the infrastructure and report back to a central service for monitoring and support. As information travels through the zone, communication is critical to ensure nothing gets lost in the shuffle. Each position in the zone is devoted to a specific task supporting a number of different services including both perimeter and core defense. The disadvantage with any zone defense is the gaps and in the public cloud space, gaps are appearing every day.

Server-less architectures are an exciting approach to utilizing the true power of elastic capacity while providing developers easier and easier ways to deploy features to production environments. However, in reducing the amount of infrastructure under direct monitoring the threat surface area is increasing at an equal rate. As any basketball coach will tell you, the easiest way to defeat a zone defense is by moving the ball and attacking the gaps in the zone. Another easy lay-up.

Trility takes a different approach to Cloud Security: the pack line.

Pack Line Defense, created by Dick Bennett of Wisconsin-Stevens Point, is commonly used in some form by many coaches including Tom Izzo at Michigan State and Tony Bennett at Virginia. It is a variation of man-to-man defense with the biggest difference being off-ball defenders play in the gap instead of pressuring their player and denying the pass. Everyone except the player guarding the ball plays inside an imaginary line 16 feet from the rim also known as the pack line. As the ball moves around the perimeter, it is the responsibility of each defender to close out on the ball and aggressively pressure while the remaining defenders adjust their position accordingly to see both man and ball and prepare to help their teammates – five against the ball.

Cloud Security is everyone’s responsibility and while we are aggressively providing man-to-man defense on the active products, the rest of the team is continuously adjusting to find and fill gaps in the defensive strategy. We react to changing conditions and close out on threats while keeping business goals front of mind. 

The ephemeral and elastic nature of the public cloud along with software-defined infrastructure and platforms provide an opportunity for service-specific architectures. Trility utilizes two patent-pending tools to help provide high quality customized security for cloud services: IronBench Compliance Navigator and IronBench Cloud Config.

IronBench Compliance Navigator empowers organizations to develop highly customized compliance guidelines for products and services. Throughout the product lifecycle, IronBench Compliance Navigator uses standards and regulatory information updated as regulatory compliance laws and standards change to provide a solid foundation for product development teams.

IronBench Cloud Config is an enterprise framework and provides the source code for the entire implementation. Product teams can utilize a customizable secure framework based on industry standards and practices on which to build secure supporting infrastructure. Compliance Navigator helps you aggressively challenge the ball handler while Cloud Config supports the team by helping them adjust to changing product needs efficiently and securely working from a library of standards-based templates.

No easy lay-ups.

Don’t Forget the “V” in MVP

Security, operational readiness, reproducibility, and scalability must validate the viability of a product.

Minimum Viable Product, or MVP, is a common term used by business leaders and product owners to help drive quick, iterative, product development to get products released to market faster. The goal is to release just those core features necessary to put the product in front of customers to learn about customer needs and validate assumptions prior to larger investments in a new product. Release quickly, release often, and adjust the product based on feedback from customers.

Product teams today do a great job of focusing on the M, Minimal. Constantly asking the team and business stakeholders when new feature requests are made, “Is this a requirement for MVP?”, helps prioritize development efforts and keep the team focused on making a timely and relevant release. Business stakeholders on a regular basis can see the features being developed during frequent demos and can provide direct feedback which goes back through the same intake process grounded by the same question focused on releasing the MVP. When the cycle is managed by a proactive Product Owner, it can be an extremely efficient way to get ideas from a napkin at lunch to a product in front of customers.

Where Product teams struggle is with making sure the V, Viable, is taken into consideration as a team. Security, operational readiness, reproducibility, and scalability are all important parts of any product which helps validate the viability of a product. Unfortunately in the race to production, these items fall by the wayside and show up on the backlog. When the team does release the product and receive customer feedback, they’re often stuck in a challenging position of either picking up the items in the backlog tagged as After MVP or continuing to refine the product to keep customers engaged. As it should, the focus remains on the customer and meeting the business objectives for the product. The weight of the backlog eventually causes cracks in the team, cracks in the product, and a new round of questions for business stakeholders to consider regarding whether to refactor, rewrite, or sometimes, a new MVP to fix the problems from the previous MVP.

Continuous Integration, Continuous Deployment, Security by Design, Test Driven Development, Performance Testing, Infrastructure as Code – these are all terms many development teams are familiar with and actively promote inside organizations today. However, many of these items are the first things added to the backlog during MVP development when teams are racing against the clock. We need to do a better job as Engineers communicating to business stakeholders that each of these items are individually, and collectively, an important part of making a product viable.

We can still meet the needs of a minimal product by constraining the conversation in each case to the product being developed. The product may not have a need to support a thousand requests a second for the MVP, but we should ensure performance testing frameworks are in place and exercise the product on a regular basis so issues can be discovered early and often during the development process. The product may only require a small amount of simple infrastructure to be deployed to support the MVP, but the infrastructure should be built and deployed in code alongside the rest of the product so as needs change the foundation is already in place to support rapid growth. The product may not have a requirement to support a security standard for the MVP, but the application should be built following a set of standard security practices and validated regularly with automated testing to support a growing customer base. 

Viable – the ability to work successfully and securely.

Product teams need to ensure when MVP is defined, the product’s ability to work successfully after release is front and center during the development process. Minimal helps you get to the first release; Viable ensures you make it to the second.

Compressing Time-to-Value Requires Understanding What’s Valuable

Knowing the cost of all the things in a software delivery chain doesn’t mean you’ve provided value to the customer.

The definition of value is subjective. Measuring expenditures is objective. If you ask someone in your company or team to define value, what do you think they will say? Will they discuss financials? Will they discuss projects, software releases or widgets created? Do you or your team define value to a customer by counting things?

As a quick exercise, define the value of your pants; not in terms of money, but in terms of value to you. Simply put, can you measure the value of your pants? Simpler yet, define the word itself – value. Like choosing wine, art, and music, defining value is subjective to whoever is shopping.

In business, we use cost accounting to count things. Ironically, cost accounting does not define value for a customer, nor does it delight a customer. It simply counts things.

When we use cost accounting to measure, we’re being fiscally responsible. However, the focus on the cost of things leads companies, teams, and individuals to perceive that cost of acquisition, cost of ownership and return on investment math defines value. While the company that sold you pants can measure their investment throughout the entire supply chain down to the point of sale, that math doesn’t define how you value pants, their brand or company. Were you able to measure the value of your pants? What would make you purchase a second pair of those pants?

Taking software projects and breaking them down into people, time, and cost helps us count things. In order to deliver product and service solutions to customers, we count things. Does that seem weird? Does it seem weird we can count all of the things in a project, feel good about ourselves, and still have no idea what the customer actually values?

Does knowing the cost of all the things in a software delivery chain mean we know when we’ve provided value to the customer? Unfortunately, it does not. It only suggests we know how to count.

If we can objectively count money, but we cannot easily measure a customer’s perceived value of things, as business and technology leaders and team members, how do we increase the probability of making first-time and recurring sales? Most of us are in business to make a living. Making a living requires money, which requires sales. If we don’t know what a customer values, how do we make sales?

“What!?” you say to me. “I’m not a sales, advertising or marketing person. That’s their job to do that rubbish. I just deliver stuff.” I’m not a marketing, advertising or sales expert either. However for those who are, as a technology leader I can help them do their jobs better by providing shorter time to revenue windows which helps them discover shorter time to value windows for both the company and the customer.

In other words, marketing, advertising, and salespeople need options every moment of every day to adapt to varying customer scenarios, gain market-share, crush competitors and make money to pay our salaries and business expenses. And they need them now, not when the business and/or technical teams can get to it.

What is the time between having an idea and delivering the idea in order to delight a customer and generate revenue?

In your company, is the flow of a product solution from beginning to end smooth like fresh ice on a hockey rink and as fast as a hockey puck? Or is it more comparable to the starts and stops of a muddy, variably pothole laden road? Figuring out time-to-revenue and time-to-value factors depends on understanding how product solutions flow through your company.

If you build software solutions and/or run software operations for a living, what do you think about the following questions?

  • Why are there so many steps to get from idea on a napkin to implementation?
  • Why are there so many tools in the delivery chain?
  • Why does it take so long to find out if we broke something that worked yesterday?
  • Why can’t we know whether the product meets company standards all of the time?
  • Why do we test so late in the process potentially delaying our project?
  • Why can’t we know if we’re compliant with industry regulations every time we build software, every day of every week instead of during third-party audits performed quarterly and annually in arrears?
  • Why can’t we deliver small portions of the larger solution that can be marketed, advertised and sold along the way instead of waiting for everything to be finished before we can even begin advertising, selling and making money?
  • Why can’t we find a way to deliver at the highest quality and highest velocities at the same time? Why are they treated as mutually exclusive?
  • Is information security and performance really something I have to kick down the road until later?
  • Why does it seem like our projects are black boxes of magic until the very end?

Consider this: Sales people are expected to provide verifiable value that is daily, weekly, monthly, quarterly, and annually measured in qualified leads, follow-ups, sales and revenue with non-negotiable baseline margins, but people who build software products take as long as they take and spend as much as they spend?

If you're responsible for delivering solutions that enable customer delight resulting from sales, marketing and advertising successes, the distance between having an idea and realizing the ability to make money with said idea is called – time to revenue. 

The distance between having a product and knowing what product the customer actually wants to buy is called – time to value.

Question: Organizationally and operationally, what do you need to change in order to realize shorter and more frequent time-to-value discoveries?

If you’d like help figuring out how to compress the time it takes to get from an idea to making money while also including security, performance, quality and reliability from the beginning (instead of later), we’d like to help. Or if you’d like help determining how to more quickly and frequently discover, rediscover and provide recurring value for your customers, the teams at Trility Consulting know how to help you get from where you are to where you’d like to go.

We evaluate your business goals and current state of operations. Then we work with you to implement solutions which help you get there. We use 100% software-defined, continuous delivery behaviors including continuous test-driven development, continuous inspection, continuous compliance, continuous vulnerability assessments, continuous penetration testing, software-defined infrastructure, serverless architectures, secure enterprise-class cloud ecosystems and more. This is simply what we do and how we live even for our own projects – and we’ve been doing it for quite awhile.

We’ll help you discover what time to value looks like in your team and operation. And your customers will thank you for it.

ShowPal Launches Another Product

New Iowa-based startup offer product for showing a home without an agent or homeowner.

ShowPal, a Des Moines, Iowa based start-up founded by Chad Torstenson, recently launched its next product which enables showing a home without an agent or homeowner present.

Adding to the existing Property IQ product, ShowPal now provides the additional abilities to list, show, buy and sell your home without an agent should you choose to do so. And if you decide a bit of help along the way would be handy, ShowPal will provide the additional service of a broker!

The ability to perform autonomous home showings is the next in a series of products and services planned by ShowPal designed to make the process of selling, showing and buying properties safer, easier and cheaper for everyone involved.  To custom build these products and services, ShowPal engaged Trility, to help design, build and deliver their cloud and on-premises based software solutions. 

Trility Consulting focuses on helping companies adopt, build and operate in secure enterprise cloud ecosystems so companies can focus on serving customers.

Visit ShowPal’s site or follow on Twitter and Facebook.

Nick Cardamon joins Trility Consulting

Serving as Senior Account Manager Nick will work with new and existing clients.

Trility Consulting is happy to announce that Nick Cardamon has agreed to join the organization as a Senior Account Manager responsible for client relationship management!

Nick comes to us with a long history of managing relationships and projects with other companies including his own. And in our interactions with him through time and different situations, we knew we wanted to work him!

Nick is involved with acquiring new clients, projects and teams, as well as, staying involved with existing clients to ensure Trility Consulting is consistently performing at and above commitment in each and every relationship.

Our entire leadership team is always available to serve our present and future customers. And with the addition of Nick Cardamon our team is a bit larger and more capable to bring value to you and your organization.

Welcome Nick Cardamon to Trility Consulting!

Eric Gerling joins Trility Consulting as CTO!

He’ll continue to work with clients in determining what problems or goals they seek to address.

Trility Consulting is happy to announce that Eric Gerling has agreed to become the Chief Technology Officer for the organization!

Eric has been acting in the capacity of Chief Cloud Product Architect, Principal DevOps Engineer and Principal Software Engineer helping our Fortune 500 and SMB customers determine how to adopt and evolve into predictable, repeatable, secure enterprise cloud architectures, platforms, and operations.

Eric is typically one of the first people working with customers to help determine what problems or goals they seek to address, provide multiple options to meet those needs and then be part of the leadership team that implements the solution path alongside the customer.

While continuing to work in the aforementioned capacities, in his new role Eric will also spend time exploring business growth opportunities for Trility Consulting, consult with Trility Consulting’s partner company, IronBench, as well as, work to ensure that business and technology solutions provided by Trility Consulting are consistent with today’s and tomorrow’s industry best practices.