Company Background:
It was 1957 when Jeremy Baron’s grandfather started Baron Machine Company out of his garage in Laconia, New Hampshire. Staying in Laconia, Baron Machine moved into their current location in the late 1960’s. Jeremy’s father took over the company in 1972 and about 7 years ago Jeremy became Owner and President of Baron Machine Company.
Baron Machine Company started out by manufacturing machined components for commercial markets. Today they have expanded into industries such as aerospace and defense, alternative energy, medical devices and communications to name a few.
From its humble beginnings, Baron Machine Company has grown to 44 employees working out of a 30,000 square foot facility to manufacture the highest quality machined components for their customers world-wide.
Situation:
“A lot of our customers in the defense industry have made CMMC cybersecurity compliance a requirement,” said Jeremy Baron, President of Baron Machine Company. “I saw the writing on the wall and decided to make sure we were in the proper place when CMMC becomes enforced.” But now came the daunting task of finding an organization who could get them to CMMC compliance.
Just around that time a representative from NH MEP reached out to Jeremy letting him know NH MEP can help them with CMMC compliance. NH MEP even offered Baron Machine Company a CARES Act Grant to help offset the cost of the required Phase 1 and Phase 2 CMMC assessments.
Solution:
NH MEP with the support of its 3rd party service provider Mainstay Technologies would take Baron Machine Company through the requirements of CMMC first with the Phase 1 – GAP Analysis, and then the Phase 2 – Policy, Procedures, and Program Design.
For the Phase 1 – GAP Analysis the Mainstay Information Security Team worked with Baron Machine Company to perform an assessment and identify compliance, noncompliance, or partial compliance with each of the 110 components required of CMMC. Mainstay provided Baron Machine Company a compliance report, along with in-person and over the phone consultations about the findings. This included consultation on a Plan of Action and Milestones Creation (POAM).
For Phase 2 – Policy, Procedures, and Program Design the Mainstay Information Security Team created the appropriate Corporate Information Security Policies, Procedures, Strategies and Plans for Baron Machine Company that aligned with CMMC. Mainstay also made cost-effective, CMMC compliant technical mitigation recommendations.
Results:
“After having gone through CMMC we now have a 95+ rating which means we are almost fully compliant. This allowed us to be approved by Northrup Grumman and begin talks with General Dynamics,” said Baron. “Thanks to NH MEP, Mainstay Technologies, and NH MEP’s CARES Act Grant to help with the cost, we would in no way be as far along as we are today.”
The following results for Baron Machine Company can be credited to having gone through the Phase 1 and Phase 2 CMMC cybersecurity requirements:
- $100,000 in new sales over the last 12 months
- Retained sales of $1,000,000 over the last 12 months that otherwise would have been lost
- Added 4 new jobs over the last 12 months
- Increased investment of $10,000 in new products or processes over the last 12 months
- Increased investment of $225,000 in plant or equipment over the last 12 months
- Increased investment of $15,000 in information systems and software over the last 12 months
- Increased investment of $5,000 in workforce practices or employee skills over the last 12 months
- Increased investment of $5,000 in other areas of business over the last 12 months
“We couldn’t be happier with the results from our collaboration with NH MEP with working towards NIST and CMMC. Their team of professionals are easy to work with. NH MEP paired us up with Mainstay Technologies to get us started in this otherwise tedious process. We feel we have truly made leaps and bounds with our Cybersecurity. Because of this collaboration Baron Machine has become an approved supplier for its first Prime Contractor. We can’t thank you enough for all your help, and we can’t wait for our next opportunity to collaborate with NH MEP.”