briteskies-knowledge-base

What Happens When You Don't Hire a Certified Developer?

Navarr Barnier
November 2015

why_hire_certified_developerYou know it’s important to hire a certified Magento developer for all that they bring to the table: access to the Magento Resource Library and Technical Support, and experience in the Enterprise and Community. But what happens when you don’t use a certified developer? Unfortunately for a recent client, our Magento team found out during a site audit.

We inherited a recent B2C client’s Magento Community environment, which had been initially implemented by an offshore development partner. When it was time to update their site, the client came to our team of certified Magento developers for the job.

To kick off the project, our team executed a full site audit. Below are some of the issues that they came across:

Credit Card Skimming

The client had been using the default credit card module in Magento but upon our team’s audit, a core code modification was discovered. With this modification, a customer’s billing information was sent off to a third party’s email address upon checkout.

Given the setup of the modified code, it is very unlikely that the site had been hacked. This means that the previous development team had set up a code to collect credit card information as well as the customer’s personal information. A certified Magento developer would not illegally distribute customer information, and they would ensure that everything involving payment methods is PCI Compliant.

Additional Code Changes

Additional core code modifications were made that distributed admin and customer credentials to a third-party email address. This meant that each time someone logged into the site, whether admin or customer, their username and password was being sent off to an unknown party.

This customer login information was being sent to one email address, while admin login information and the previously mentioned credit card info were being sent to a different email address.

Incorrect Theme Implementation

This Community site was running the basic Magento Ultimo theme, however when it was installed it was not properly extended. Instead, when updates or changes were made, they simply overrode the theme without making it duplicate.

This setup makes it difficult to update the site without accidentally overriding any changes made to the theme.

The Solution

In order to fix these preventable issues, our Magento team will have to complete a full Magento reimplementation. The code could have been compromised even more than what was previously discovered, and a full-site code review would take just as much time as, if not more than, a reimplementation. This fix will also ensure that the site theme is extended correctly.

The cost of properly setting up an eCommerce site can seem prohibitive, but it is always better to hire a certified professional than a low-cost, uncertified alternative, as cleaning up after them can often cost more than hiring the right development team from the start. As our developers like to say, “If you think professionals are expensive, wait until you hire an amateur.”

Read more about the key benefits of partnering with a company that uses  certified developers. Click to Download

A Great Offer, Just a Click Away

Lorem ipsum dolor sit amet, consectetur adipiscing elit

Subscribe by Email

No Comments Yet

Let us know what you think