Giving Away A Little Too Much?
On a near weekly basis, The Credit Union Journal's Community Page includes reports of credit unions that have donated used personal computers to various charities.
But could a credit union unknowingly send along member data with those donations? IT managers interviewed by
The caution taken by some credit unions runs counter to the findings of one recent report, which found nearly half of
One reason many credit unions say they feel safe that member information hasn't been unwittingly given away is
"Our members' personal and financial files are kept with a service bureau, so there's nothing stored on a computer
"But you never know what people put on a computer, so I guess there's always a possibility that it might hold
That's why Merck Sharp & Dohme didn't take chances with a recent donation of 17 Compaq DeskPros with
For example, if the computer ran on Windows 98 before the CU reformatted the hard drive, then Windows 98 is
But not everyone is so careful. Personal information was recovered on almost 40% of the used hard drives bought
Other CU executives echoed Spachman's opinion: It seems unlikely that members' financial information could be
Travis Credit Union, Vacaville-Calif., uses a terminal emulator program to store member data, said Craig Beaudry,
The risk is higher depending on who has been using the computer, according to Adam Lambert, information systems
"Only a few of my machines would require some extra processing to remove data. For example, management-level
Both $1.1-billion Travis CU and the $110-million Palisades FCU make efforts to clean up their hard drives before
Palisades FCU donated 18 PCs with Pentium and 486 processors in 2001 to charity.
"I checked for any Microsoft Word documents with information and found none, so that wasn't a problem," said
Of course, Lambert then runs "low-level" formatting to wipe the hard drives.
However, to err on the side of caution, he said future machines set aside for donation will undergo a "more vigorous
As a matter of practice, Palisades stores critical data on a file server and host mainframe server, not only to protect
Travis CU also plays the safe side, running a program that "wrote ones and zeros over every piece of the hard drive
"This process was run at least 10 times on each drive."