Our Business:
Duffy Compliance is a consulting firm with an enterprise-level background based in Maryland, serving companies nation-wide. We provide the guidance businesses need to get and stay compliant.
Our main goal is simple: to simplify your compliance process, safeguard your information systems, and help you achieve accreditation with as little stress on your part as possible.
We bring decades of enterprise-level experience and knowledge to our current clients. We have several solutions to meet a multitude of different environments. We have been working with NIST 800-171 since its inception. We do our best to offer our extensive experience at an affordable rate.
Our Experience:
- Consulting:
- Fractional Compliance Officer
- IT Services Companies
- DR / COOP planning
- Financial Loan Office security architecture and compliance mandates
- Assessments:
- Large Professional Entertainment Organization
- IT Service Companies
- Commercial SaaS Web Applications
- Insurance Companies
- Compliance:
- Compliance with FTC Safeguards Rule
- Compliance with CMMC
- Risk and Compliance Audits
- Compliance with Protecting DFAR / CUI
- Compliance with Cybersecurity Framework (CSF)
- Compliance with FISMA
Executives:
Shawn Duffy, CISSP
President
Duffy Compliance Services President and CEO Shawn Duffy has been involved in the IT security industry since the moment he left college in 1992. In one of his first roles, he became the lead administrator in support of an environment containing 250 remote sites. He has worked with early firewall appliances and built some of the first Access Control Lists (ACLs) before many network devices even had the capability to use them.
Shawn Duffy has a proven track record with extensive experience in leading and supporting Information Assurance and System Security programs. He has experience in sales, security engineering, and as a contributor with large contractors, such as Northrop Grumman and General Dynamics, as well as in risk and vulnerability management and government compliance. Focus areas include: CMMC, DFARS/CUI, FISMA, Threat Management, Vulnerability, Assessments and Penetration Testing.
“I believe every business should be as knowledgeable about their systems as possible. Whether you are looking to validate the work of your IT staff or just looking to augment their capabilities, we want to be a part of your solution as trusted consultants. Risk is not about which products you choose to protect your network, it is about your resistance to exposure.”
– Shawn Duffy, President, Duffy Compliance Services, LLC.
Our Team:
Dawn Shuler
Integrator
Dawn Shuler is the Integrator for Duffy Compliance Services. (Integrator is akin to Chief Operating Officer and comes from the EOS – Entrepreneurial Operating System – made famous by Gino Wickman in his book Traction.) As Integrator, Dawn coordinates the three main areas of the business: Marketing & Sales, Operations, and Finance & Administration. She brings more than two decades of experience assisting, managing, and leading businesses, and she has a deep passion for systems and processes. She loves being creative, and she gets excited creating a spreadsheet or new system. Dawn lives in Virginia with her husband Mark and cat Kojo, and occasionally is visited by her two adult daughters. In her spare time, she hikes, quilts, and paints.
Steve Medellin
Director of Client Services
Steve is our Director of Client Services at Duffy Compliance Services, bringing a wide array of skills and experiences. He is a seasoned ISO Auditor with over 25 years of experience in a variety of ISO/IEC Standards, conducting external and internal audits, strategic marketing, business development, sales, and program development/leadership efforts. Steve was also an integral part of the team who launched and grew the A2LA FedRAMP Accreditation program. At Duffy Compliance, he appreciates that the work we do has a positive impact on individuals and businesses by helping them protect what is important to them. In his spare time, Steve likes spending time with his family and enjoys mountain biking.
Clarence Labor
Senior Compliance Consultant
Clarence comes to Duffy Compliance Services as our Senior Compliance Consultant with more than 15 years of active security, compliance, and DR/BCP work. With a BS in Business Administration and Computer Science, he also has an MIT Certificate in Technology/Management. In addition, he has a wide array of certifications, including CMMC Registered Practitioner. At Duffy Compliance, he enjoys assisting our clients and the continuous learning experience. In his spare time, he is an avid soccer fan, running in marathons and triathlons, playing drums and bass guitar, and, most of all, spending time with family and friends.