We believe secure by design should extend to all devices

Konica Minolta were looking for an independent cybersecurity consulting firm to test and validate the safety of their new bizhub i-Series multifunction printers. They partnered with our Security division and NTT DATA to perform a series of advanced penetration tests to identify vulnerabilities in the new Konica Minolta printer line. As a result, they were able to make code enhancements to increase the security of the devices and future-proof their products. These steps enable them to proactively allay buyer fears about potential security risks, with the use of third-party testing increasing their credibility with partner channels and end customers. In addition, the testing and validation now allows them to expand their product reach into sensitive markets.

‘In an environment where customers are increasingly and rightfully concerned with security, NTT’s stamp of approval continues to put us over the top.’ 
Chris Bilello , Vice President, Business Solutions Development, Konica Minolta Business Solutions U.S.A. 

Making 100% sure their devices are secure

Using their internal testing teams, Konica Minolta validates that their printers meet the industry standard Common Criteria for IT security, ISO/IEC 15408. In addition to this, Konica Minolta further hardens their printers through their bizhub SECURE service. Prior to sending a device to a client’s network, bizhub SECURE configures the device with additional encryption and security settings. Together, the Common Criteria validation and the bizhub SECURE service enable Konica Minolta to assure customers that their devices are highly secured.

‘The problem is that for many customers, especially in government, healthcare and finance, even 99.9% isn’t secure enough,’ says Bilello. ‘So, in 2016, we decided to make our products even safer for our customers. We looked for an independent company to provide brute force device penetration tests beyond the normal Common Criteria industry standards.’

Bring in the white hats

While several organizations offer ‘white hat’ IT hacking services that include device penetration tests, Bilello reached out to NTT DATA Security Services. ‘It was a no-brainer to choose NTT DATA for the job,’ Bilello says. ‘They have global credibility — their name is synonymous with technology, security and integrity. NTT DATA leverages advanced hacking techniques from NTT Ltd.’s Security division in addition to scripts, so their tests are more creative and aggressive than other penetration tests.’

Konica Minolta provided a line of their multifunction printers and their source code to NTT DATA for penetration testing. ‘After spending about 80 hours trying to hack into the devices we sent, the engineers could not find any major security vulnerabilities,’ says Bilello. This validation fortified Konica Minolta’s reputation for offering secure products and helped drive the product line’s success.

New printers — new tests

Konica Minolta recently announced its new line of multifunction printers, the bizhub i-Series. The bizhub i-Series features multiple next-generation technologies, including solid state storage, a new code base, firmware and integrated cloud services. To ensure that the product line is compliant with the highest data privacy and end-point security standards, Konica Minolta once again turned to NTT for penetration tests.

Bilello says, ‘We have a strong relationship with NTT based on our last success together. And importantly, they were very responsive in pen testing our new i-Series to help us get to market faster.’

NTT’s penetration tests of the i-Series line suggested modifications that would amplify device security and future proof the product. Anticipating an enthusiastic customer response, Konica Minolta acted on those suggestions before releasing the product to market.