Given the recent theft of passwords and other sensitive customer information at banks and big retailers like Target (NYSE:TGT) and Home Depot (NYSE:HD), if you think it cant happen to your financial advisory firm, youre wrong. And thats something you simply cant afford to be.

Large banks and investment houses pour millions into cybersecurity. But there are some simple, cost-effective steps that even small financial-adviser practices can take to make it tougher for hackers and thieves to get at your clients data and finances.

One area that many advisers are lax about is simply restricting physical access to computers and devices that contain sensitive information. Look around your office. Do you find employees borrowing a computer terminal for a moment to look something up? Do they store passwords in plain sight or in obvious places like desk drawers?