Skip to main content

Posts

Showing posts from 2018

Beware the PCI compliance salesperson!

I've been having a conversation with a client about PCI compliance and realised that there's a basic fact that really should be made very clear. Any provider that tells you that they're going to solve all your PCI compliance issues only by switching payment providers is lying. PCI compliance cannot be solved purely by switching providers. PCI compliance involves how you handle credit card credentials everywhere, not just on your website. If you are inputting credit cards numbers that someone has sent you by email, phone, or letter, then you have a compliance issue. Anyone who is selling you a service to solve your PCI compliance issues and doesn't explain that to you is not trustworthy.In this case, it was a Braintree salesperson that I'm calling out. Braintree is a division of Paypal, and I would expect better of them. To be fair, some aspects of PCI compliance may be easier with some providers compared to others. But you're not off the hook, you can't sel…

Ontario PCs, get your email domain straight!

I've been working with SCI Ontario on a campaign to engage the candidates in the upcoming Ontario election on issues related to spinal cord injuries. Take a look at the main campaign page.

Part of the campaign is to provide a form that allows the public to send emails to the candidates of their riding. I've been using OpenNorth to get the candidate data, and it's great.

Except for the Ontario PCs, because almost none of their email addresses @ontariopc.ca work.

So this morning we noticed that Doug Ford is advertising his address @ontariopc.com, presumably touting his business-friendly attitude and assuming a ".com" is more business-like that ".ca".

So we retried the candidate addresses, this time using @ontariopc.com, and none of the candidates are setup at that domain.

What does this tell you about Doug Ford's potential administration? Leaving it as an exercise for the reader ...