• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Magento meet-up

Magento meet-up



Pod1 Magento developers meet-up

Pod1 Magento developers meet-up
July 28th 2010 at Brilliant's offices in Shoreditch



Total Views
Views on SlideShare
Embed Views



6 Embeds 285

http://blog.pod1.com 274
http://www.pod1.com 5
http://translate.googleusercontent.com 2
http://www.linkedin.com 2
http://pod1.pod1local.com 1
https://www.linkedin.com 1



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Magento meet-up Magento meet-up Presentation Transcript

    • Magento meet-upJuly 28th 2010
    • About Pod1 and Brilliant – the Pod1 Group
      Established 2001
      About 100 people in London, New York, Cape Town
      Full service digital agency: strategy, design & build, marketing
      Magento Enterprise Partner
      Delivered more than 20 Magentosites (15 currently in production across the Pod1 Group)
    • Format
      Nominate topics and vote
      Brief talks, followed by discussion (maximum of 15 minutes each)
      Closing discussion: what we love and hate about Magento
    • Topics for discussion – so far?
      Magento and PCI compliance
      Performance tuning Magento
      Magento localization - language translations
      The Magento theme hierarchy
      Other suggestions
    • Magento and PCI compliance
      What is PCI compliance?
      What is Varien’s position on PCI compliance?
      What are your options as a solution provider?
    • What is PCI compliance?
      Payment card security – global standard
      PCI-DSS covers a business (e.g. a retailer)
      applies infrastructure, software, business processes, manual records, databases
      PA-DSS covers an application (e.g. Magento, or a chip and pin terminal)
      applies to any application that handles card data
      It will become a business survival issue in the next 2 years
    • Varien’s position
      Community Edition – no Varien offering on PCI compliance, you have to ensure it yourself
      Professional and Enterprise Edition – strong encryption, security, audit trails in Magento, plus Payment Bridge (perhaps not for PE)
      Payment Bridge – abstracts card handling into inaccessible, secure application, separate from Magento
    • Options as a solution provider
      Need to get infrastructure and processes right anyway:
      Firewalls, DMZs, IDS, IPS, scans, securing servers
      Development, QA, deployment processes
      Business processes
      Community Edition is risky for PCI-DSS (limited audit and access control)
      Professional (TBC) and Enterprise:
      Use Payment Bridge
      Use payment extension that doesn’t retain card data (this will need to be verifiable) – for example the Sagepay extension
    • Performance tuning Magento
      How far are people taking Magento performance-wise?
      How are they achieving it?
    • Magento localization - language translations
      Arabic case study
      Top tips and things to avoid
    • Closing discussion
      What do you love about developing for Magento?
      And what do you hate?