Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Magento meet-up

Pod1 Magento developers meet-up
July 28th 2010 at Brilliant's offices in Shoreditch

  • Identifiez-vous pour voir les commentaires

  • Soyez le premier à aimer ceci

Magento meet-up

  1. 1. Magento meet-upJuly 28th 2010<br />
  2. 2. About Pod1 and Brilliant – the Pod1 Group<br />Established 2001<br />About 100 people in London, New York, Cape Town<br />Full service digital agency: strategy, design & build, marketing<br />Magento Enterprise Partner<br />Delivered more than 20 Magentosites (15 currently in production across the Pod1 Group)<br />
  3. 3. Format<br />Nominate topics and vote<br />Brief talks, followed by discussion (maximum of 15 minutes each)<br />Closing discussion: what we love and hate about Magento<br />
  4. 4. Topics for discussion – so far?<br />Magento and PCI compliance<br />Performance tuning Magento<br />Magento localization - language translations<br />The Magento theme hierarchy<br />Other suggestions<br />
  5. 5. Magento and PCI compliance<br />What is PCI compliance?<br />What is Varien’s position on PCI compliance?<br />What are your options as a solution provider?<br />
  6. 6. What is PCI compliance?<br />Payment card security – global standard<br />PCI-DSS covers a business (e.g. a retailer)<br />applies infrastructure, software, business processes, manual records, databases<br />PA-DSS covers an application (e.g. Magento, or a chip and pin terminal)<br />applies to any application that handles card data<br />It will become a business survival issue in the next 2 years<br />
  7. 7. Varien’s position<br />Community Edition – no Varien offering on PCI compliance, you have to ensure it yourself<br />Professional and Enterprise Edition – strong encryption, security, audit trails in Magento, plus Payment Bridge (perhaps not for PE)<br />Payment Bridge – abstracts card handling into inaccessible, secure application, separate from Magento<br />
  8. 8.
  9. 9. Options as a solution provider<br />Need to get infrastructure and processes right anyway:<br />Firewalls, DMZs, IDS, IPS, scans, securing servers<br />Development, QA, deployment processes<br />Business processes<br />Community Edition is risky for PCI-DSS (limited audit and access control)<br />Professional (TBC) and Enterprise:<br />Use Payment Bridge<br />Use payment extension that doesn’t retain card data (this will need to be verifiable) – for example the Sagepay extension<br />
  10. 10. Performance tuning Magento<br />How far are people taking Magento performance-wise?<br />How are they achieving it?<br />
  11. 11. Magento localization - language translations<br />Arabic case study<br />Top tips and things to avoid<br />
  12. 12.
  13. 13. Closing discussion<br />What do you love about developing for Magento?<br />And what do you hate?<br />