Beating Hackers at Their Own Game
Konica Minolta sought an independent cybersecurity consulting firm to test and validate the safety of its new bizhub i-Series multifunction printers.
NTT DATA and NTT Security performed a series of advanced penetration tests to identify vulnerabilities in the new Konica Minolta bizhub multifunction printer (MFP) line.
Network connected devices offer end users tremendous opportunities for collaboration and ease of use. Unfortunately, those same endpoint devices are attractive targets for hackers — by exploiting a security vulnerability in a connected device, a skilled hacker can expose an entire network to data theft, business disruption and financial turmoil.
As a global provider of award-winning multi-function printers, Konica Minolta Business Solutions (Konica Minolta) is highly aware of customer concerns about the security of network-connected devices. “There is more discussion than ever about devices as an endpoint vulnerability,” says Konica Minolta's Vice President of Business Solutions Development Chris Bilello. “For many of our customers, device security represents as much as 50% of their purchasing decision. We go through great efforts to make sure our multi-function printers are rock-solid before they ship.”
Konica Minolta puts their products through rigorous internal cybersecurity tests to protect their systems and ensure they meet PCI, HIPAA, FERPA and GDPR regulations. But to further allay customer concerns, Konica Minolta invests in an extra layer of threat protection — penetration tests provided by NTT DATA Security Services.
- Recommends code enhancements to increase the security and future proof the product
- Proactively allays buyer fears about potential security risks
- Increases credibility with partner channels and customers with third-party testing
- Expands product reach into sensitive markets through testing and validation
99.9% isn’t good enough
Using its internal testing teams, Konica Minolta validates that its printers meet the industry standard Common Criteria for IT security, ISO/IEC 15408. In addition to delivering to the latest ISO/IEC 15408 standards, Konica Minolta further hardens its printers through its bizhub SECURE service. Prior to sending a device to a client’s network, bizhub SECURE configures the device with additional encryption and security settings. Together, the Common Criteria validation and the bizhub SECURE service enable Konica Minolta to assure customers that its devices are highly secured.
“The problem is that for many customers, especially in government, healthcare and finance, even 99.9% isn’t secure enough,” says Bilello. “So, in 2016, we decided to make our products even safer for our customers. We looked for an independent company to provide brute force device penetration tests beyond the normal Common Criteria industry standards.”
Bring in the white hats
While several organizations offer “white hat” IT hacking services that include device penetration tests, Bilello reached out to NTT DATA’s Security Services. “It was a no-brainer to choose NTT DATA for the job,” Bilello says. “They have global credibility — their name is synonymous with technology, security and integrity. NTT DATA leverages NTT Security’s advanced hacking techniques in addition to scripts, so their tests are more creative and aggressive than other penetration tests.”
Konica Minolta provided a line of its multifunction printers and their source code to NTT DATA for penetration testing. “After spending about 80 hours trying to hack into the devices we sent, the engineers could not find any major security vulnerabilities,” says Bilello. The validation from NTT DATA fortified Konica Minolta’s reputation for offering secure products and helped drive the product line’s success.
New printers — new tests
Konica Minolta recently announced its new line of multifunction printers, the bizhub i-Series. The bizhub i-Series features multiple next-generation technologies, including solid state storage, a new code base, firmware and integrated cloud services. To ensure that the product line is compliant with the highest data privacy and end-point security standards, Konica Minolta once again turned to NTT DATA for penetration tests.
Bilello says, “We have a strong relationship with NTT DATA based on our last success together. And importantly, they were very responsive in pen testing our new i-Series to help us get to market faster.”
NTT DATA's penetration tests of the i-Series line suggested modifications that would amplify device security and future proof the product. Anticipating an enthusiastic customer response, Konica Minolta acted on those suggestions before releasing the product to market.
Validated security creates competitive advantage
By again obtaining an endorsement of the highest-security standards from a market-leading independent company, Konica Minolta continues to enhance its reputation and competitive position. Bilello says, “In conversations and RFPs, our clients are asking us more frequently than ever for penetration tests of our products. I don’t know of a competitor that has contracted a Fortune 500 company with the penetration testing capabilities that NTT DATA has. In an environment where customers are increasingly and rightfully concerned with security, NTT DATA’s stamp of approval continues to put us over the top.”
About Konica Minolta Business Solutions U.S.A., Inc.
Konica Minolta partners with NTT DATA and NTT Security for penetration testing on its new bizhub i-Series multifunction printers to assure customers that the printers exceed industry standards for cybersecurity compliance.