Baron Machine Company Sees Writing On The Wall To Be CMMC Cybersecurity Compliant

It was 1957 when Jeremy Baron’s grandfather started Baron Machine Company out of his garage in Laconia, New Hampshire, manufacturing machined components for commercial markets. From its humble beginnings, Baron Machine Company has grown to 44 employees working out of a 30,000 square foot facility to manufacture the highest quality machined components for their customers world-wide. Today, still in Laconia, they have expanded into industries such as aerospace and defense, alternative energy, medical devices and communications to name a few. Jeremy’s father took over the company in 1972 and, about 7 years ago, Jeremy became owner and president of Baron Machine Company.

“A lot of our customers in the defense industry have made CMMC cybersecurity compliance a requirement,” said Jeremy Baron, President of Baron Machine Company. “I saw the writing on the wall and decided to make sure we were in the proper place when CMMC becomes enforced.” But now came the daunting task of finding an organization who could get them to CMMC compliance.
Around that time a representative from NH MEP, part of the MEP National Network™, reached out to Jeremy, letting him know NH MEP could help with CMMC compliance. NH MEP also connected Baron Machine Company with the CARES Act grant program to help offset the cost of the required Phase 1 and Phase 2 CMMC assessments.

NH MEP, with the support of its third-party service provider Mainstay Technologies, took Baron Machine Company through the requirements of CMMC, beginning with phase one, a gap analysis, and then performing phase two, reviewing policy, procedures and program design. For the gap analysis the Mainstay Information security team worked with Baron Machine Company to perform an assessment and identify compliance, noncompliance or partial compliance with each of the 110 components required of CMMC. After this review Mainstay provided Baron Machine Company with a compliance report, along with in-person and over the phone consultations about the findings. This included consultation on a plan of action and milestone creation (POAM). For phase two the Mainstay Information Security Team created the appropriate corporate information security policies, procedures, strategies and plans for Baron Machine Company to align their operations with CMMC. Mainstay also made cost-effective, CMMC compliant technical mitigation recommendations.