What’s the best way to handle Windows XP-based point-of-sale systems and ensure PCI DSS compliance?

Eric Parizo Eric B. Parizo, Executive Editor Profile: Eric Parizo
Tags:
PCI DSS
Windows XP

4 Replies to this discussion

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members reply.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • SRamaiah
    Enumerate the risks and possible compensating controls at the organization level. QSA should make the organizations aware of the possible risks. Compensating controls may depend upon each country, organization and the local environment it operates.
    20 pointsBadges:
    report
  • Eric Parizo
    Thanks for the comment! Unfortunately there may be no viable compensating controls for XP-based POS systems. I think the SSC should provide more specific guidance for QSAs, but it sure seems like it'd be hard for a QSA to approve any compensating control given the risk effectively unpatchable XP-based POS systems present.
    2,555 pointsBadges:
    report
  • Genderhayes
    POS systems be running out-of-date operating systems, Microsoft will also stop providing services such as security patch updates essential to keeping the system safe from cyber attacks. Without these updates, POS system that run XP are no longer PCI compliant resulting in increased susceptibility to viruses and credit card fraud.
    6,605 pointsBadges:
    report
  • Eric Parizo
    Correct. The cost of replacing or upgrading XP POS systems is untenable for all but the largest retailers, and yet the risk of keeping it seems equally unacceptable. Very tough situation for retailers. It's a storyline we'll be following closely on SearchSecurity.
    2,555 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following