We have been writing about the PCI requirements that systems that touch cardholder data must be current, supported by the software vendor and most importantly must receive security updates from the OS vendor.   In the case of Windows XP which Microsoft announced last year will be going End of Life and End of Service this month many merchants and banks will be out of compliance and consumers will be at risk.

We will see a lot of press coverage on this topic in the coming days as most ATM machines run on the Windows XP platform.  PrivacyAtlas is also aware that many hotels run their front desk applications on XP as well.

We are confident banking institutions will address the software upgrades in a timely manner but what about the hotels?  If we have learned anything from our consulting work the smaller hotels will ignore this change.

Posted in: Hospitality