We believe secure by design should extend to all devices

Konica Minolta were looking for an independent cybersecurity consulting firm to test and validate the safety of their new bizhub i-Series multifunction printers. They partnered with our Security division and NTT DATA to perform a series of advanced penetration tests to identify vulnerabilities in the new Konica Minolta printer line. As a result, they were able to make code enhancements to increase the security of the devices and future-proof their products. These steps enable them to proactively allay buyer fears about potential security risks, with the use of third-party testing increasing their credibility with partner channels and end customers. In addition, the testing and validation now allows them to expand their product reach into sensitive markets.

Putting security first

Network connected devices offer end users tremendous opportunities for collaboration and ease of use. Unfortunately, those same devices are attractive targets for hackers — by exploiting a security vulnerability in a connected device, a skilled hacker can expose an entire network to data theft, business disruption and financial turmoil.

As a global provider of award-winning multi-function printers, Konica Minolta is highly aware of customer concerns about the security of network-connected devices.

‘There is more discussion than ever about devices as an endpoint vulnerability,’ says Chris Bilello, Vice President, Business Solutions Development at Konica Minolta. ‘For many of our customers, device security represents as much as 50% of their purchasing decision. We go through great efforts to make sure our printers are rock-solid before they ship.’

Konica Minolta puts their products through rigorous internal cybersecurity tests to protect their systems and ensure they meet PCI, HIPAA, FERPA and GDPR regulations. But to further allay customer concerns, Konica Minolta invests in an extra layer of threat protection — penetration tests provided by our Security division and NTT DATA Security Services.

Sharing icon

Which services?

  • Consulting Services
  • Penetration testing
  • Hands shaking icon

    Which partners

  • NTT Data
  • ‘In an environment where customers are increasingly and rightfully concerned with security, NTT’s stamp of approval continues to put us over the top.’ 
    Chris Bilello , Vice President, Business Solutions Development, Konica Minolta Business Solutions U.S.A. 

    Making 100% sure their devices are secure

    Using their internal testing teams, Konica Minolta validates that their printers meet the industry standard Common Criteria for IT security, ISO/IEC 15408. In addition to this, Konica Minolta further hardens their printers through their bizhub SECURE service. Prior to sending a device to a client’s network, bizhub SECURE configures the device with additional encryption and security settings. Together, the Common Criteria validation and the bizhub SECURE service enable Konica Minolta to assure customers that their devices are highly secured.

    ‘The problem is that for many customers, especially in government, healthcare and finance, even 99.9% isn’t secure enough,’ says Bilello. ‘So, in 2016, we decided to make our products even safer for our customers. We looked for an independent company to provide brute force device penetration tests beyond the normal Common Criteria industry standards.’

    Bring in the white hats

    While several organizations offer ‘white hat’ IT hacking services that include device penetration tests, Bilello reached out to NTT DATA Security Services. ‘It was a no-brainer to choose NTT DATA for the job,’ Bilello says. ‘They have global credibility — their name is synonymous with technology, security and integrity. NTT DATA leverages advanced hacking techniques from NTT Ltd.’s Security division in addition to scripts, so their tests are more creative and aggressive than other penetration tests.’

    Konica Minolta provided a line of their multifunction printers and their source code to NTT DATA for penetration testing. ‘After spending about 80 hours trying to hack into the devices we sent, the engineers could not find any major security vulnerabilities,’ says Bilello. This validation fortified Konica Minolta’s reputation for offering secure products and helped drive the product line’s success.

    New printers — new tests

    Konica Minolta recently announced its new line of multifunction printers, the bizhub i-Series. The bizhub i-Series features multiple next-generation technologies, including solid state storage, a new code base, firmware and integrated cloud services. To ensure that the product line is compliant with the highest data privacy and end-point security standards, Konica Minolta once again turned to NTT for penetration tests.

    Bilello says, ‘We have a strong relationship with NTT based on our last success together. And importantly, they were very responsive in pen testing our new i-Series to help us get to market faster.’

    NTT’s penetration tests of the i-Series line suggested modifications that would amplify device security and future proof the product. Anticipating an enthusiastic customer response, Konica Minolta acted on those suggestions before releasing the product to market.

    Validated security creates competitive advantage

    By again obtaining an endorsement of the highest-security standards from a market- leading independent company, Konica Minolta continues to enhance their reputation and competitive position. Bilello says, ‘In conversations and RFPs, our clients are asking us more frequently than ever for penetration tests of our products. I don’t know of a competitor that has contracted a Fortune 500 company with the penetration testing capabilities that NTT has. In an environment where customers are increasingly and rightfully concerned with security, NTT’s stamp of approval continues to put us over the top.’

    Team strategizing in a meeting room

    99.9% not secure enough 

    To ensure they could meet their customers’ demands for secure infrastructure Konica Minolta looked for additional ways to ensure their devices were secure.

    Probing source code

    After 80 hours of testing the team couldn’t find any major security vulnerabilities in the devices

    A competitive advantage

    Being able to show the lengths they went to to ensure their devices are secure provides customers with additional piece of mind.