Konica Minolta Business Solutions beats hackers at their own game
Konica Minolta were looking for an independent cybersecurity consulting firm to test and validate the safety of their new bizhub i-Series multifunction printers. They partnered with our Security division and NTT DATA to perform a series of advanced penetration tests to identify vulnerabilities in the new Konica Minolta printer line. As a result, they were able to make code enhancements to increase the security of the devices and future-proof their products. These steps enable them to proactively allay buyer fears about potential security risks, with the use of third-party testing increasing their credibility with partner channels and end customers. In addition, the testing and validation now allows them to expand their product reach into sensitive markets.
Putting security first
Network connected devices offer end users tremendous opportunities for collaboration and ease of use. Unfortunately, those same devices are attractive targets for hackers — by exploiting a security vulnerability in a connected device, a skilled hacker can expose an entire network to data theft, business disruption and financial turmoil.
As a global provider of award-winning multi-function printers, Konica Minolta is highly aware of customer concerns about the security of network-connected devices.
‘There is more discussion than ever about devices as an endpoint vulnerability,’ says Chris Bilello, Vice President, Business Solutions Development at Konica Minolta. ‘For many of our customers, device security represents as much as 50% of their purchasing decision. We go through great efforts to make sure our printers are rock-solid before they ship.’
Konica Minolta puts their products through rigorous internal cybersecurity tests to protect their systems and ensure they meet PCI, HIPAA, FERPA and GDPR regulations. But to further allay customer concerns, Konica Minolta invests in an extra layer of threat protection — penetration tests provided by our Security division and NTT DATA Security Services.
Consulting Services, Penetration Testing
‘In an environment where customers are increasingly and rightfully concerned with security, NTT’s stamp of approval continues to put us over the top.’, Vice President, Business Solutions Development, Konica Minolta Business Solutions U.S.A.
Making 100% sure their devices are secure
Using their internal testing teams, Konica Minolta validates that their printers meet the industry standard Common Criteria for IT security, ISO/IEC 15408. In addition to this, Konica Minolta further hardens their printers through their bizhub SECURE service. Prior to sending a device to a client’s network, bizhub SECURE configures the device with additional encryption and security settings. Together, the Common Criteria validation and the bizhub SECURE service enable Konica Minolta to assure customers that their devices are highly secured.
The problem is that for many customers, especially in government, healthcare and finance, even 99.9% isn’t secure enough,’ says Bilello. ‘So, in 2016, we decided to make our products even safer for our customers. We looked for an independent company to provide brute force device penetration tests beyond the normal Common Criteria industry standards.
Bring in the white hats
While several organizations offer ‘white hat’ IT hacking services that include device penetration tests, Bilello reached out to NTT DATA Security Services. ‘It was a no-brainer to choose NTT DATA for the job,’ Bilello says. ‘They have global credibility — their name is synonymous with technology, security and integrity. NTT DATA leverages advanced hacking techniques from NTT Ltd.’s Security division in addition to scripts, so their tests are more creative and aggressive than other penetration tests.’
Konica Minolta provided a line of their multifunction printers and their source code to NTT DATA for penetration testing. ‘After spending about 80 hours trying to hack into the devices we sent, the engineers could not find any major security vulnerabilities,’ says Bilello. This validation fortified Konica Minolta’s reputation for offering secure products and helped drive the product line’s success.
New printers — new tests
Konica Minolta recently announced its new line of multifunction printers, the bizhub i-Series. The bizhub i-Series features multiple next-generation technologies, including solid state storage, a new code base, firmware and integrated cloud services. To ensure that the product line is compliant with the highest data privacy and end-point security standards, Konica Minolta once again turned to NTT for penetration tests. Bilello says, ‘We have a strong relationship with NTT based on our last success together. And importantly, they were very responsive in pen testing our new i-Series to help us get to market faster.’
NTT’s penetration tests of the i-Series line suggested modifications that would amplify device security and future proof the product. Anticipating an enthusiastic customer response, Konica Minolta acted on those suggestions before releasing the product to market.