Behind the Scenes

Cyber cops keep us safe from scams, online theft

By Hilary Waldman

While we can see and understand threats such as armed intruders, threats from cyber criminals are far more common. Damage from a single data breach can harm untold numbers of people and cost our system hundreds of thousands of dollars, maybe more.

That’s why HHC is building a cyber-defense system that includes sophisticated technology and vigilant IT experts to stop intruders before they reach our digital doors. But they cannot do it alone. Every HHC employee must be part of the digital Army, helping to keep our data safe.

Members of the HHC cyber security team stand ready.

Photo by Chris Rakoczy
From left to right, they are: Karen Eberl; Jessica Corbett; Mike Venturelli; Kelly Silvestro; Alex Rodriguez; Shasi Malipeddi; Chris Baldwin; Jonathan Cowles; Vinny Nunziante; Teja Loya; Mark Colk; Nhan Phan; Seth Baker; and Jason Lambert. Missing from the photo: Maria Daigle, Martin Krzemien, Jenny Lindfors and Sara Ferrero.

“I liken it to a medieval castle,’’ says Jonathan Cowles, program manager for information security. “You have the wall and the moat and the drawbridge and the guys defending the wall.

The 17-member cyber security team is led by Christopher Baldwin, with Cowles, Malipeddi and Alex Rodriguez heading up the battle on three fronts.

HHC hasn’t experienced a major hack yet, and with everybody’s participation, we never will, Cowles said. “By educating the users we’ve taken the 17 people in our department and made our department 22,000-strong.”

They don’t wear uniforms or patrol in marked cars, but Hartford HealthCare’s Information Security Department plays an unheralded role in keeping us, our customers and our private information safe.

The Wall

This includes your network user ID and passwords called access credentials and must never be shared with others. These control access to applications such as Epic and PeopleSoft and are essential to safeguarding our data and keeping patients safe. Strict controls help to make sure that your provider can see your medical chart, but the parking attendant cannot. Ever wonder why you have to log in to so many applications in our systems? It’s because your network user ID is like your fingerprint, telling our computers what information you have permission to see and what’s off limits. Imagine if a criminal broke into your ePayaccount, said Shasi Malipeddi, head of application security management. “Hackers want personal information because it can be monetized.”

The Moat

Here’s the part when we say “Open Sesame,” and a knight says “Wait, who are you and what kingdom are you from?” It’s also like a suit of armor; hardware and software that puts an extra layer of security between us and our data. This could include encryption, intruder detection systems and multi-step verification of our identity (much like you might see when you log into your bank or investment broker) to make sure we are who we say we are before we can access certain applications.

The Drawbridge

At HHC these are our email filters. Every day, 150,000 emails from external senders come through HHC’s circuits and our filters catch 125,000 of them as malicious. Another 25,000 are snagged as junk, leaving 10,000 to 15,000 to drop into our inboxes. The filters are good, but some fraudulent emails slip through.

The troops defending the wall

This is us. Being careful and deleting scam email is the best way to avoid being hacked. At home and at work it’s important to never open email or links you’re not sure about and never click on links you don’t recognize. Never provide your credentials or personal information over email and never, ever, ever share your password. Even if you are unable to login, never borrow another user’s credentials. If you need assistance, call the IT Help Desk at 860.545.5699.