Daniel Bales, National Manager - Technology Operations - Konica Minolta Australia
The Background
I joined Konica Minolta in 2019 as an Infrastructure Manager, and one of my top three priorities was to enhance security. This was for several reasons:
Konica Minolta is an award-winning global company that’s headquartered in Japan. From Australia, we provide integrated print hardware and software solutions to enterprise businesses as well as government and defence. Ensuring our dealings with these clients, and data held is secure, is paramount.
We are also in possession of research and development coming out of our Japan headquarters, which of course is highly valuable intellectual property. Moreover, due to COVID-19, many of our staff now work from home, which has necessitated a heightened level of security across the business.
The Goal
When I joined Konica Minolta, I made it clear that I would take a proactive approach to security. There’s no room to sit back and wait for things to happen. We need to be constantly working on identifying risks and taking action to protect the business and our clients.
Right from the start, I could see the potential to improve infrastructure security as the company was having small but regular security-related issues. However, I needed data as evidence to show the executive team so they’d understand my plan and the investment required.
With this in mind, I brought in The Missing Link to do conduct a Penetration Test as part of a broader assessment of where the company was at. I briefed them to assess our level of security maturity and identify what we were doing right and what we were doing wrong.
Ultimately, I wanted to engage The Missing Link as an extension of my internal security resources. My in-house team is small and always will be small – I’ll never have two or three people on the ground solely focussed on security, so it’s crucial that I’m able to leverage their expertise and to call upon them when the need arises.
The Selection Process
We had some existing IT partners – some of the big players in the market who we still work with – but for our security strategy and service, I wanted a company that could offer more specialist expertise. And, because I wanted a provider that would act as an extension of my security team, I wanted to work with a company where relationships would be stable and develop over time.
The Missing Link was my first choice. I’d worked with them before, and I knew they had a good deep level of technical knowledge.
As it turns out, engaging them was a good decision. I feel like all the people I’ve worked with – architects, analysts and account managers – have really deep technical knowledge and experience.
Our Relationship
Over the last year, I’ve worked with the same four people pretty regularly, and the relationship has developed as I’d hoped. They’re professional but not ultra-serious, they’re consultative so I’m comfortable about throwing ideas out for discussion, they’re flexible and most importantly, they get things done (with the occasional joke thrown in 😜).
Our initial security assessment was a great example of how effective our relationship has been from the start. Within a short time, they were able to show us how much we had to do and where we were at, from a security maturity point of view. This was helpful for me in creating a good business case for engaging their services.
Pretty soon after, we implemented a SIEM project, which has provided a high level of visibility in terms of who’s logging in, when and from where, the documents they’re accessing and how they’re being shared. It’s not as Big Brother as it sounds; however, it does alert us to what is happening and will enable us to quickly identify any unauthorised data access. This gives us confidence that there are no cybercriminals poking around – if there were, we’d find them pretty quickly.
Recently, we’ve been working on a few projects, one of which is achieving ISO 27001 status. I’m glad I’m not alone in this massive task as this would normally be a tedious process, however, The Missing Link has structured it well and we’re working through it with ease.
The Difference
Engaging The Missing Link has definitely made a difference at Konica Minolta. They’ve got a good deep set of technical skills and they’re proactive when it comes to identifying risks and taking steps to resolve them. We’re working to a program which is regularly reviewed and revised as needed.
I like the fact that they’re always there – if I have an issue that I’m not sure how to approach, I pick up the phone and they sort it out. My boss has the same level of confidence in their expertise. This is massive in today’s times and I believe this is what sets them apart from other competitors in the market.
When it comes to IT security, you need to find the right partner for the size of your business. The Missing Link matches us well in terms of business size and culture.
They’re a bit like a security blanket really – knowing I’ve got them as our partners mean I can sleep better at night.
