Your shipyard runs on a Retool app no auditor will let near controlled unclassified information
Custom internal tools for a Norfolk defense or maritime operation run $35k to $110k and take 2 to 6 months depending on how many workflows you replace. You move off Retool, Airtable, and spreadsheets when the data they touch becomes controlled unclassified information, because a CMMC assessor will not bless a third-party SaaS dashboard sitting between your network and your CUI.
Every Norfolk shipyard and defense shop has the same hidden layer: a Retool dashboard a sharp ops lead built to track availabilities, an Airtable base running the parts queue, and a wall of spreadsheets reconciling labor against work orders. It works, until your contract picks up a CMMC Level 2 requirement and suddenly that data is CUI flowing through tools you do not control and cannot fully audit.
Now the workaround is a liability. The assessor wants to know where the data lives, who can see it, and how access is logged. Retool and Airtable cannot give you the answers you need on a CMMC enclave, and the air-gapped side of the shipyard cannot reach them at all. The very tools that made you fast are the reason your assessment stalls.
Where the off-the-shelf tools fall short
- Retool and Airtable apps touching availability and parts data that becomes CUI under a CMMC Level 2 requirement
- Spreadsheets reconciling labor against work orders with no access logging an assessor will accept
- Air-gapped or restricted shipyard networks that cannot reach cloud SaaS internal tools at all
- Tribal-knowledge tools owned by one person, so the operation breaks when they are out or leave
Custom internal tools: what Norfolk teams actually get
You build custom internal tools when the workflows are real but the platform is the problem. A custom build can live inside your CMMC enclave or on-prem, handle CUI with proper access control and logging, and replace the spreadsheet-and-Retool layer with something an assessor accepts. You keep the speed that made the workarounds valuable and lose the audit and continuity risk.
Feature priorities for Norfolk teams
Norfolk internal tools: the full scope
The engagements Norfolk teams bring us most often:
- Your internal Retool or Airtable apps now touch CUI under a CMMC requirement
- Critical workflows depend on a single person's spreadsheet or low-code app
- Parts of your operation run on air-gapped networks cloud tools cannot reach
- You are re-keying the same data between an internal tool and your ERP
- The data your tools touch is non-sensitive and outside any CMMC scope
- You need something running this week and Retool genuinely fits
- Your workflows change weekly and low-code iteration speed matters more than control
- You have no enclave or on-prem requirement and a small, stable team
The honest cost picture for Norfolk
| Project scope | Typical cost | Timeline |
|---|---|---|
| Single workflow tool replacing one Retool or Airtable app | $35k to $55k | 2 to 3 months |
| Multi-tool ops suite for availabilities and parts | $60k to $90k | 3 to 4 months |
| Enclave-deployed suite with CMMC-grade access control | $90k to $130k+ | 5 to 6 months |
Timeline: what happens, and when
Exactly what you get
The same speed your ops lead got from Retool, but in a tool that lives where CUI is allowed to live, logs who touched what, and keeps running when that ops lead is on leave. You replace the spreadsheet reconciliation with dashboards that read directly from your ERP and inventory management software, and you deploy it where the shipyard network actually permits. It is the boring infrastructure that turns a clever workaround into an auditable system.
How to choose a developer in Norfolk
Hire a team that has deployed inside a compliance boundary before, not just one that ships React dashboards. Ask where the data sits, how access is logged, and how they would handle an air-gapped portion of the yard. If their answer to a CMMC question is to wave at Retool, keep looking. The right partner builds internal tools that plug into your custom software stack and survive an assessment.
- Internal tools that run inside your CMMC enclave or on-prem, so CUI never flows through unvetted SaaS
- Access control and audit logging built to satisfy a CMMC assessor instead of explaining away a Retool app
- Workflows that survive a key person leaving, because logic lives in maintained software not one ops lead's head
- Deployable to restricted or air-gapped shipyard networks that cloud tools cannot reach
- Tools that connect directly to your ERP and inventory data rather than re-keying between spreadsheets
- Custom tools cost more upfront than a Retool or Airtable seat and take longer than wiring up a SaaS dashboard
- You own maintenance and updates; there is no vendor pushing features while you sleep
- Building for an air-gapped enclave constrains your tech choices and slows iteration
- If the data is genuinely not sensitive, custom internal tools are overkill versus low-code
- !They propose Retool for CUI data; ask how they would pass a CMMC assessment with it
- !No experience with on-prem or air-gapped deployment; ask where the data physically lives
- !They cannot describe audit logging an assessor accepts; ask for a concrete example
- !They treat continuity as an afterthought; ask what happens when the tool owner leaves
- !They quote before understanding your CMMC scope; ask how scope changes the architecture
Teams investing in internal tools in Norfolk usually scope it next to custom software, wordpress, accounting, since these systems share data and budgets.
Rohan advises mid-market and enterprise teams on ERP, CRM and custom software, and has led delivery on dozens of business-software builds.
Writes for Digital Heroes, shipping business software for 2,000+ brands across 55+ countries since 2017.
Frequently asked questions
Why can't we just keep using Retool and Airtable for our shipyard tools?
You can until the data becomes CUI under a CMMC requirement. At that point a third-party SaaS dashboard sitting between your network and controlled data is a finding waiting to happen. Custom internal tools let you keep the workflow while keeping the data where an assessor allows it.
Can custom internal tools run on an air-gapped shipyard network?
Yes. A custom build can be deployed on-prem or inside an enclave with no cloud dependency, which is exactly what restricted and air-gapped portions of a Norfolk yard require. Off-the-shelf low-code tools generally cannot reach those networks at all.
What happens to our workflows when the person who built them leaves?
That is one of the strongest reasons to move off one-person Retool apps. Custom internal tools put the workflow logic into maintained, documented software so the operation does not break when its informal owner is out or moves on.