Business Musings of a Burbank CPA: Protecting Clients’ Credit Card Numbers

Does your business ask your customers for their credit card numbers at any time during the sales process? If so, it’s essential that you honor the privacy of your customers’ private data as well as stay in compliance with the Payment Card Industry rules.

 
Every business that has an account with a merchant services vendor is required to follow PCI (Payment Card Industry) compliance when collecting and storing credit card data. There are many different levels of compliance depending on the technology you use to capture and store credit card data. These levels depend on whether you use a point of sale terminal, the customer hands you their card, orders are entered through an online shopping cart, or a combination.
 
In all cases, there are several no-no’s that you’ll want to share with your staff to make sure they are properly trained:
  1. Never ask a client to send a credit card number via unsecure email.
  2. Never take down a credit card number over the phone on paper before entering it into your system. If you do, you need to shred the paper immediately.
  3. Don’t ask clients to take a photo of their credit card to send to you.
If you need to use credit card authorization forms in your business, you’ll need to consider the proper collection of these forms as well as the proper storage. Storing a credit card outside any system requires you to follow further PCI compliance steps.
  1. After a client has signed and completed the credit card authorization form, you will need to provide a secure, encrypted email connection for them to send it back to you. Alternately, you can set up a private client portal for them using Box, DropBox, ShareFile, or another generic portal or file transfer app. Just sending a pdf via email is not a great idea unless the PDF is password-protected and the password is sent via secure, encrypted email.
  2. Once you’ve received the form on your end, you’ll need to keep it in a secure place. If you print or download it, you’ll need to follow physical building security protocols to stay in compliance with PCI as well as to protect the customer data.
It’s not a surprise that so many credit cards get hacked each year. It’s inconvenient to customers and vendors when their credit card gets compromised, and much of this can be prevented through proactive and safe measures. Respect your customers and help them keep their credit card data safe.

 

 

Fraud - Online Dollar Pointing For financial,  accounting and tax musings,

You can count on us to count for you!

Email: bstonercpa@sbcglobal.net  Phone: 818-317-6035  Website: www.briantstonercpa.com

SELECTED TO THE FORBES TOP 100 MUST-FOLLOW TAX TWITTER ACCOUNTS FOR 2019 

ALSO CHOSEN AS ONE OF TOP 18 TAX SERVICES IN LOS ANGELES FOR 2019 BY EXPERTISE.COM!

 
StonerLogo122813   has been featured on
  
twitterhttps://twitter.com/bstonercpa

Musings of a Burbank CPA: Customer Portals and Are They For You?

If you have a business where you have to send documents of any kind to your customers, then you may benefit from a portal.  You can save time on customer service and possibly postage and labor.  You will also look most professional while increasing service delivery. 

 
What Is a Portal?
 
A portal is software in the cloud that allows users to upload and download files from a secure space that only they have access to.   For each client you have, you can set up a private virtual filing cabinet where only you and the client will have the key.  Your client will have their own user ID and password into their area of the portal.  There, they can upload and download documents.  Some portals also have secure signature capability to help you take the paperwork out of obtaining signatures. 
 
How Can I Use a Portal?
 
Think of all the paperwork that occurs between you and your customer, and that will give you several ideas about how to use a portal.  If your business is data-intensive, you will definitely benefit from a portal; imagine moving all of those documents out of email and into a clean, private filing folder in the cloud. 
 
Businesses that would benefit the most include:
 
  • Any small business with remote employees: a portal can be where they pick up and drop off work.
  • Mortgage companies where the loan officers are collecting a great deal of information for the underwriters.
  • Construction companies: each subcontractor could access the schedule, estimates, material details, invoices, and certificates of insurance.
  • Real estate agents to collect the details of home purchases and sales
  • Accountants, attorneys, consultants, coaches, and other professionals who deal with private customer information.
  • Web design, ad agency, and marketing companies
 
Types of documents and files you can upload and download from portals include:
 
  • Contracts, estimates, and legal documents
  • Invoices and credit card authorizations
  • Instructions and training materials and aids
  • Company policies and procedures
  • Brochures and marketing materials
  • Reports and spreadsheets
  • Forms and applications, blank and completed
  • Graphics, drawings, and photos
 
You don’t necessarily have to set up a portal for every client; perhaps it’s cost-effective to use a portal on your largest customers or vendors. 
 
Where Can I Find a Portal?
 
One of the leading vendors in the portal space is Citrix Sharefile.  You can find them here: 
 
http://www.sharefile.com/
 
Your industry may have specific solutions for you as well, especially if you have regulations such as HIPAA that you need to follow. 
 
You may also have heard of DropBox and Box.net.  These companies offer file transfer and don’t have a dedicated user area, so they are useful, but a bit different than a portal.    
 
Look for software that provides each user with their own unique login, and that will distinguish the software as a true portal. 
 
If you decide to implement portals for your business, you can private-label them with your logo and place a direct link to your portal login page for easy client access. 
 
Using portals will keep your inbox cleaner, save time looking for lost emails and documents, and help you look professional in the eyes of your clients. 
 
A Final Note:  As a CPA, I have used Citrix Sharefile for many years now as a tool for me to send tax documents to clients and third parties (with client permission) and provide a secure link to email me their documents.

 

Dollar in ComputerFraud - Online For financial,  accounting and tax musings,

You can count on us to count for you!

Email: bstonercpa@sbcglobal.net  Phone: 818-317-6035   Website: www.briantstonercpa.com

AWARDED BEST ACCOUNTANT IN BURBANK, CA BY BEST BUSINESSES 2016, 2015 AND 2014!

download_app  Android and the IPhone:

 
StonerLogo122813 Has been Featured On

CNN_v2MARKET WATCH LOGO MIAMI HERALD LOGO

twitterhttps://twitter.com/bstonercpa

Musings of a Burbank CPA: Working from home – how to stay productive.

As someone who flirted with using a home office when I started my CPA firm almost five years ago, I can appreciate ways to be productive in that situation.  See this post in The Christian Science Monitor by Dan Rafter for a list of five things to help with home office productivity:

http://www.csmonitor.com/Business/Saving-Money/2015/0720/Working-from-home-How-to-stay-productive?utm_campaign=Daily+Clips&utm_source=hs_email&utm_medium=email&utm_content=20702528&_hsenc=p2ANqtz-_pUVKUwG9KbyeYXKcUI-Sg3o-Br0QnvegdKnVz2lG_eJFKVo-ycQj8dAUVh03Dt-LUv6mBrp3Hm2HVNxYdYsAnUSxvFQ&_hsmi=20702528

The biggest problem with my home office was two-fold.  First it was impossible to sit down with clients at home, so I needed at least a conference room or small office to meet with people. Second and most important, the area used as an office was an extension of our den, where the big TV was.  It made working at home just about impossible, so I finally rented an office in an executive suite that I still have.  Working at home is great for many, just not for me.

 Strong Money Flexing 2012Tax Preparer  For financial,  accounting and tax musings,

You can count on us to count for you!

Email: bstonercpa@sbcglobal.net  Phone: 818-317-6035   Website: www.briantstonercpa.com

download_app  Android and the IPhone:

 
StonerLogo122813 Has been Featured On

CNN_v2MARKET WATCH LOGO MIAMI HERALD LOGO

twitterhttps://twitter.com/bstonercpa