One of our customers let us know that his former planning software alerted him to changes they were making to address risk with PII (Personally Identifiable Information.) The customer was wondering if we were taking similar measures. (Here's a link to the original email: http://bit.ly/1BxfxM6)
The email from the vendor is a little surprising because it's common knowledge in software vendor circles that first & last name can be PII. For example, I bet there aren't many "Xander Berkeley"'s in the US; first and last name is PII for him. For someone named "Bill Johnson", they have more leeway.
The approach the vendor is suggesting is sound, although it is potentially trading off usability for security. (You might have a problem if you have two clients, Tom Sales and Tom Salvatore - both "Tom Sal".)
RetireUp's focus is not just on PII data loss but to ensure we never lose any data. After all, even if PII isn't compromised, you probably don't want your password, AUM, annuity production, etc. exposed.
The approach that we take is twofold:
- Limit the amount of PII that can be stored in RetireUp. Technically, an advisor can run a plan with a set of initials and approximate age.
- Implement a rigorous security architecture and testing protocol. In addition to rigorous technical security, we pay an external security firm to attempt to compromise our site security on a weekly basis.
We believe that our approach will help us actively prevent any data loss. If something did occur, we have the mechanisms in place to detect the loss, stop it quickly, and to report it appropriately.