Putting security first
Network connected devices offer end users tremendous opportunities for collaboration and ease of use. Unfortunately, those same devices are attractive targets for hackers — by exploiting a security vulnerability in a connected device, a skilled hacker can expose an entire network to data theft, business disruption and financial turmoil.
As a global provider of award-winning multi-function printers, Konica Minolta is highly aware of customer concerns about the security of network-connected devices.
‘There is more discussion than ever about devices as an endpoint vulnerability,’ says Chris Bilello, Vice President, Business Solutions Development at Konica Minolta. ‘For many of our customers, device security represents as much as 50% of their purchasing decision. We go through great efforts to make sure our printers are rock-solid before they ship.’
Konica Minolta puts their products through rigorous internal cybersecurity tests to protect their systems and ensure they meet PCI, HIPAA, FERPA and GDPR regulations. But to further allay customer concerns, Konica Minolta invests in an extra layer of threat protection — penetration tests provided by our Security division and NTT DATA Security Services.
‘In an environment where customers are increasingly and rightfully concerned with security, NTT’s stamp of approval continues to put us over the top.’, Vice President, Business Solutions Development, Konica Minolta Business Solutions U.S.A.
Making 100% sure their devices are secure
Using their internal testing teams, Konica Minolta validates that their printers meet the industry standard Common Criteria for IT security, ISO/IEC 15408. In addition to this, Konica Minolta further hardens their printers through their bizhub SECURE service. Prior to sending a device to a client’s network, bizhub SECURE configures the device with additional encryption and security settings. Together, the Common Criteria validation and the bizhub SECURE service enable Konica Minolta to assure customers that their devices are highly secured.
‘The problem is that for many customers, especially in government, healthcare and finance, even 99.9% isn’t secure enough,’ says Bilello. ‘So, in 2016, we decided to make our products even safer for our customers. We looked for an independent company to provide brute force device penetration tests beyond the normal Common Criteria industry standards.’
Bring in the white hats
While several organizations offer ‘white hat’ IT hacking services that include device penetration tests, Bilello reached out to NTT DATA Security Services. ‘It was a no-brainer to choose NTT DATA for the job,’ Bilello says. ‘They have global credibility — their name is synonymous with technology, security and integrity. NTT DATA leverages advanced hacking techniques from NTT Ltd.’s Security division in addition to scripts, so their tests are more creative and aggressive than other penetration tests.’
Konica Minolta provided a line of their multifunction printers and their source code to NTT DATA for penetration testing. ‘After spending about 80 hours trying to hack into the devices we sent, the engineers could not find any major security vulnerabilities,’ says Bilello. This validation fortified Konica Minolta’s reputation for offering secure products and helped drive the product line’s success.
New printers — new tests
Konica Minolta recently announced its new line of multifunction printers, the bizhub i-Series. The bizhub i-Series features multiple next-generation technologies, including solid state storage, a new code base, firmware and integrated cloud services. To ensure that the product line is compliant with the highest data privacy and end-point security standards, Konica Minolta once again turned to NTT for penetration tests.
Bilello says, ‘We have a strong relationship with NTT based on our last success together. And importantly, they were very responsive in pen testing our new i-Series to help us get to market faster.’
NTT’s penetration tests of the i-Series line suggested modifications that would amplify device security and future proof the product. Anticipating an enthusiastic customer response, Konica Minolta acted on those suggestions before releasing the product to market.
Validated security creates competitive advantage
By again obtaining an endorsement of the highest-security standards from a market- leading independent company, Konica Minolta continues to enhance their reputation and competitive position. Bilello says, ‘In conversations and RFPs, our clients are asking us more frequently than ever for penetration tests of our products. I don’t know of a competitor that has contracted a Fortune 500 company with the penetration testing capabilities that NTT has. In an environment where customers are increasingly and rightfully concerned with security, NTT’s stamp of approval continues to put us over the top.’
99.9% not secure enough
To ensure they could meet their customers’ demands for secure infrastructure Konica Minolta looked for additional ways to ensure their devices were secure.
Probing source code
After 80 hours of testing the team couldn’t find any major security vulnerabilities in the devices
A competitive advantage
Being able to show the lengths they went to to ensure their devices are secure provides customers with additional piece of mind.