Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

Magento meet-up

Pod1 Magento developers meet-up
July 28th 2010 at Brilliant's offices in Shoreditch

  • Loggen Sie sich ein, um Kommentare anzuzeigen.

  • Gehören Sie zu den Ersten, denen das gefällt!

Magento meet-up

  1. 1. Magento meet-upJuly 28th 2010<br />
  2. 2. About Pod1 and Brilliant – the Pod1 Group<br />Established 2001<br />About 100 people in London, New York, Cape Town<br />Full service digital agency: strategy, design & build, marketing<br />Magento Enterprise Partner<br />Delivered more than 20 Magentosites (15 currently in production across the Pod1 Group)<br />
  3. 3. Format<br />Nominate topics and vote<br />Brief talks, followed by discussion (maximum of 15 minutes each)<br />Closing discussion: what we love and hate about Magento<br />
  4. 4. Topics for discussion – so far?<br />Magento and PCI compliance<br />Performance tuning Magento<br />Magento localization - language translations<br />The Magento theme hierarchy<br />Other suggestions<br />
  5. 5. Magento and PCI compliance<br />What is PCI compliance?<br />What is Varien’s position on PCI compliance?<br />What are your options as a solution provider?<br />
  6. 6. What is PCI compliance?<br />Payment card security – global standard<br />PCI-DSS covers a business (e.g. a retailer)<br />applies infrastructure, software, business processes, manual records, databases<br />PA-DSS covers an application (e.g. Magento, or a chip and pin terminal)<br />applies to any application that handles card data<br />It will become a business survival issue in the next 2 years<br />
  7. 7. Varien’s position<br />Community Edition – no Varien offering on PCI compliance, you have to ensure it yourself<br />Professional and Enterprise Edition – strong encryption, security, audit trails in Magento, plus Payment Bridge (perhaps not for PE)<br />Payment Bridge – abstracts card handling into inaccessible, secure application, separate from Magento<br />
  8. 8.
  9. 9. Options as a solution provider<br />Need to get infrastructure and processes right anyway:<br />Firewalls, DMZs, IDS, IPS, scans, securing servers<br />Development, QA, deployment processes<br />Business processes<br />Community Edition is risky for PCI-DSS (limited audit and access control)<br />Professional (TBC) and Enterprise:<br />Use Payment Bridge<br />Use payment extension that doesn’t retain card data (this will need to be verifiable) – for example the Sagepay extension<br />
  10. 10. Performance tuning Magento<br />How far are people taking Magento performance-wise?<br />How are they achieving it?<br />
  11. 11. Magento localization - language translations<br />Arabic case study<br />Top tips and things to avoid<br />
  12. 12.
  13. 13. Closing discussion<br />What do you love about developing for Magento?<br />And what do you hate?<br />