PCI Compliance Email from QuickBooks: What Do You Need to Do?

If you’re a business owner, you likely use QuickBooks to manage your finances and run things efficiently and effectively. Recently, a PCI compliance email from QuickBooks appeared in QuickBooks users’ inboxes, urging them to become PCI compliant. But what does it all mean? And how can you find the right MSP to partner with you to become compliant? 

PCI Compliance Email from QuickBooks: The Message

QuickBooks users recently had this message appear in their inboxes:

“You are receiving this communication because you have an active Intuit QuickBooks Payments account.”

“PCI compliance is a global card brand requirement with the ultimate goal to help protect your customers and your business from a cardholder data breach. While Intuit products are PCI compliant, you also need to validate your business is handling payment card data safely. As a part of the Intuit Terms of Service, it is required that your business is PCI compliant.”

So, what does this all mean?

PCI compliance stands for Payment Card Industry Data Security Standard (PCI SSC). In simple terms, it’s a set of rules and regulations designed to ensure that businesses handling credit card transactions maintain a secure environment. 

Compliance is essential to prevent data breaches and safeguard sensitive financial information, such as credit card numbers and personal data. To become PCI compliant, you’ll need to follow specific security measures laid out by the payment card industry council. 

Becoming PCI Compliant: Steps and MSP Partnership

The first step to PCI compliance is to assess your current security practices and infrastructure. You’ll identify potential vulnerabilities and areas where improvements are needed. 

This process involves filling out self-assessment questionnaires or undergoing on-site audits, depending on your business’s size and the number of transactions you handle.

Next, you’ll implement security measures and best practices. This may include encryption of cardholder data, maintaining secure network configurations, regularly updating software and enforcing access controls to restrict sensitive data access only to authorized personnel.

QuickBooks tells its users that “Intuit has partnered with SecurityMetrics to help merchants become PCI compliant” and offers a discounted rate for a national managed service provider (MSP), but this isn’t the greatest idea for your business.

When you partner with a nationwide MSP, you become a cog in the machine. Response times can be slow, they might not fully understand your business or needs, and they might lack the empathy necessary to help you effectively navigate your specific PCI compliance needs.

So, how do you find the right local MSP partner to help you achieve and maintain PCI compliance? 

Finding a Local MSP: What to Look For

1. Experience and specialization. Ensure the MSP you choose has a proven track record in PCI compliance services. They should be well-versed in the specific requirements of the payment card industry and have experience working with businesses like yours.
2. Communication is crucial. Your MSP partner should be approachable and responsive to your questions and concerns. They should be willing to explain technical jargon in a way that you understand, ensuring you have full transparency in the compliance process.
3. Custom-tailored services to your unique needs. PCI compliance isn’t a one-size-fits-all solution, so the provider should work with you to address the specific security challenges of your business.
4. Consider their ongoing support capabilities. Maintaining PCI compliance is an ongoing effort, not a one-time thing. The right MSP will offer continuous monitoring, updates and support to keep your security measures up to date and effectively protect against emerging threats.
5. Don’t forget about the human factor. The best MSP partners combine technical expertise with empathy and understanding. They should empathize with the challenges you face as a business owner, especially when it comes to handling sensitive customer data.

Partnering with a knowledgeable, communicative and empathetic MSP will provide the expert support you need to achieve and maintain compliance, giving you peace of mind and allowing you to focus on what matters most: growing your business and serving your customers securely.

If you’re looking for a high-quality, local MSP to help you with PCI compliance, we highly recommend our skilled MSP clients:

Intrust IT, managed IT services in Cincinnati, OH

Aeko Technologies, IT compliance services in Dallas/Fort Worth, TX

Internos Group, business IT projects in Miami, FL

OrlanTech, managed compliance services in Orlando, FL

Merit Technologies, IT compliance and HIPAA in NC, SC and GASkyTerra Tech, digital transformation consulting in Nashua, NH and Vancouver, BC