Page 1 of 1
PCI Compliance
Posted: Tue Mar 25, 2014 10:52 am
by wildman
I received the notice that Windows XP will no longer be PCI compliant once Microsoft ends it. Will we still be PCI compliant if the XP machine is not set up for credit card processing? It's the office and is used for po's and reports. Out Registers are Windows 7 & Windows 8. All three machines are on the same network.
Re: PCI Compliance
Posted: Tue Mar 25, 2014 12:19 pm
by RetailEdge Moderator
We are of the mind that all XP machines should be upgraded/replaced. If you have an XP machine that is on the network and it gets compromised then you have the potential for malware, etc. to get to the other machines on the network. It really is up to your processor to make the assessment that your network is PCI compliant or not. So if you have specific questions about PCI compliance you should direct your questions to them. Our processing partners will most likely tell you that the XP machines have to go. But since they are the ones that are providing breach insurance and helping you fill out the SAQs, I will defer to them.
wildman wrote:I received the notice that Windows XP will no longer be PCI compliant once Microsoft ends it. Will we still be PCI compliant if the XP machine is not set up for credit card processing? It's the office and is used for po's and reports. Out Registers are Windows 7 & Windows 8. All three machines are on the same network.