What is the Principle Of Least Privilege?

The principle of least privilege is a security guideline that states that code and users are granted the minimum permissions they need to complete their work.

Basis

It is common for programmers and system administrators to grant strong privileges to code and users because it generally makes their job easier. A system admin who grants users minimal permissions from the start might get dozens of permission requests each day. These can be mostly eliminated with a few commands that upgrade all users to strong permissions.
Overly strong permissions often contribute to the severity of information security incidents. If a user's password is compromised, the damage is greater when that user has strong permissions across a wide range of systems.
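The following is an added example, not part of the original article: it models the two approaches described above as role-to-permission policies (all role, system and action names are constructed sample data) and measures how far a single compromised account could reach under each.

```python
"""Least privilege versus blanket grants, measured by blast radius.

Added illustration with constructed sample roles, systems and actions;
not code from the original page.
"""
from typing import Dict, FrozenSet, Set, Tuple

Permission = Tuple[str, str]  # (system, action), e.g. ("payroll", "read")
Policy = Dict[str, FrozenSet[Permission]]

# Constructed sample: the permissions each role actually needs for its work.
LEAST_PRIVILEGE: Policy = {
    "developer": frozenset({("git", "write"), ("ci", "read")}),
    "hr": frozenset({("payroll", "read"), ("payroll", "write")}),
    "support": frozenset({("tickets", "write"), ("customers", "read")}),
}

# The "few commands to upgrade all users" approach: every role gets everything,
# including an administrative grant that no role's work requires.
ALL_PERMISSIONS: FrozenSet[Permission] = frozenset(
    p for perms in LEAST_PRIVILEGE.values() for p in perms
) | frozenset({("admin", "write")})
BROAD: Policy = {role: ALL_PERMISSIONS for role in LEAST_PRIVILEGE}


def is_allowed(policy: Policy, role: str, system: str, action: str) -> bool:
    """Authorization check: permitted only if the role was explicitly granted it."""
    return (system, action) in policy.get(role, frozenset())


def blast_radius(policy: Policy, role: str) -> Set[str]:
    """Systems reachable if one account holding this role is compromised."""
    return {system for system, _ in policy.get(role, frozenset())}


def excess_grants(policy: Policy, role: str) -> FrozenSet[Permission]:
    """Permissions the role holds beyond what its work requires."""
    return policy.get(role, frozenset()) - LEAST_PRIVILEGE.get(role, frozenset())


def audit(policy: Policy) -> Dict[str, int]:
    """Per-role count of excess permissions; an empty dict means least privilege holds."""
    return {r: len(excess_grants(policy, r)) for r in policy if excess_grants(policy, r)}


if __name__ == "__main__":
    for name, policy in (("least privilege", LEAST_PRIVILEGE), ("broad", BROAD)):
        print(name, "developer reach:", sorted(blast_radius(policy, "developer")))
```

Under the broad policy a compromised developer credential reaches payroll and the administrative system; under least privilege it reaches only git and ci.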

Knowledge Waste

Knowledge waste occurs when teams and individuals fail to share knowledge within an organization, causing others to duplicate research efforts and repeat the mistakes of the past.
It is common for organizations to seek an environment of open document repositories and systems in order to fully leverage investments in knowledge. As such, it is perfectly common for an organization to interpret least privilege in an extremely open manner. For example, an organization may adopt the principle that access to all knowledge is a basic requirement for employees to do their job. Such a policy typically has exceptions such as trade secrets and employee records.

Process Efficiency

Organizations that strictly adopt least privilege may find it becomes something of an efficiency bottleneck. Least privilege works well with mature organizational processes, such as setting up employees with every permission they need from day one. If a new employee needs to email dozens of system administrators and follow up with each before they are fully set up, it can be a drag on their productivity.
Overview: Principle Of Least Privilege
Type
Definition: The principle that code and users are granted the minimum permissions they need to complete their work.