Many love to bash the standard as the “low bar” for security, but when it comes to “install and maintain a firewall configuration to protect cardholder data,” special attention to these five components (out of 21 outlined in Requirement 1), will a set a high, sustainable standard (yes&really!) for both security and PCI compliance. Many organizations still don’t have a change process in place or, if they do, it is too loose or relies on good will rather than formal procedures.”]