"Potentially there's personal information in both an email and an attachment, so both need to be encrypted," said Warren Mackensen, a certified financial planner and president of Pro Tracker Software in Hampton, N.H.
Mackensen, who was the featured speaker at the T3 session focused on the new Massachusetts law, said people need to put more thought into creating passwords because hackers can quickly crack simple password codes of fewer than eight digits by using software readily available online.
He said a potentially good password could be something like: "Amongtheclouds9000." This is an actual password (but the number changed to protect the innocent) that represents a certain mountain that's 9,000 feet high and with a peak that's often shrouded in clouds. The point being is it's an easy-to-remember password that's not easy for a hacker to crack.
"Think about old sayings, or non-English by shortening the spelling of words or using symbols for letters such as '@,'" Mackensen said.
A good part of the T3 session dealt with encryption, which is an algorithm that scrambles data to make it unreadable. The minimum standard is 128-bit encryption, which is two to the 128th power, which equals 3.4 x 10 to the 38th power number of possible combinations.
At the end of the day, even if the new Massachusetts law is copied by other states and starts a trend around the country that forces advisors to invest in tools and processes to safeguard their clients' personal information, the best intentions can be undermined by human laziness and sloppiness.
"Personal information is everywhere in the office," Mackensen said. "We can have all of the technology barriers, but everyone of us is the biggest [security] hole. We're the weak link."