Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Baron Machine Company Sees Writing On The Wall To Be CMMC Cybersecurity Compliant


It was 1957 when Jeremy Baron’s grandfather started Baron Machine Company out of his garage in Laconia, New Hampshire, manufacturing machined components for commercial markets. From its humble beginnings, Baron Machine Company has grown to 44 employees working out of a 30,000 square foot facility to manufacture the highest quality machined components for their customers world-wide. Today, still in Laconia, they have expanded into industries such as aerospace and defense, alternative energy, medical devices and communications to name a few. Jeremy’s father took over the company in 1972 and, about 7 years ago, Jeremy became owner and president of Baron Machine Company.

The Challenge

“A lot of our customers in the defense industry have made CMMC cybersecurity compliance a requirement,” said Jeremy Baron, President of Baron Machine Company. “I saw the writing on the wall and decided to make sure we were in the proper place when CMMC becomes enforced.” But now came the daunting task of finding an organization who could get them to CMMC compliance.
Around that time a representative from NH MEP, part of the MEP National Network™, reached out to Jeremy, letting him know NH MEP could help with CMMC compliance. NH MEP also connected Baron Machine Company with the CARES Act grant program to help offset the cost of the required Phase 1 and Phase 2 CMMC assessments.
We couldn’t be happier with the results from our collaboration with NH MEP with working towards NIST and CMMC. Their team of professionals are easy to work with. NH MEP paired us up with Mainstay Technologies to get us started in this otherwise tedious process. We feel we have truly made leaps and bounds with our cybersecurity. Because of this collaboration Baron Machine has become an approved supplier for its first prime contractor. We can’t thank you enough for all your help, and we can’t wait for our next opportunity to collaborate with NH MEP.
— Jeremy Baron, President

MEP's Role

NH MEP, with the support of its third-party service provider Mainstay Technologies, took Baron Machine Company through the requirements of CMMC, beginning with phase one, a gap analysis, and then performing phase two, reviewing policy, procedures and program design. For the gap analysis the Mainstay Information security team worked with Baron Machine Company to perform an assessment and identify compliance, noncompliance or partial compliance with each of the 110 components required of CMMC. After this review Mainstay provided Baron Machine Company with a compliance report, along with in-person and over the phone consultations about the findings. This included consultation on a plan of action and milestone creation (POAM). For phase two the Mainstay Information Security Team created the appropriate corporate information security policies, procedures, strategies and plans for Baron Machine Company to align their operations with CMMC. Mainstay also made cost-effective, CMMC compliant technical mitigation recommendations.
Created April 5, 2023