Least privilege, also known as principle of minimal privilege, refers to the practice of limiting access rights of modules like users and accounts to only those who are required for the company processes. It is a principle that aims to only provide the minimum access rights needed for a user to do his job. Least privilege can help improve security and productivity.
- By keeping access rights to a minimum, the attack surface that exploiters can use are greatly diminished.
- Least privilege prevents malware infection. Malware won’t be able to propagate since it will not be able to elevate processes that are required for its execution.
- Implementing least privilege will not only minimize downtime risks but also boost your operational performance.
- Least privilege can make audits easier since the activities that needs to be assessed are reduced.
- It is easier to achieve and maintain compliance to regulatory standards like HIPAA, PCI DSS, SOX and more.