Principle of Least Privilege (PoLP)
The practice of giving each user or system the minimum level of access (permissions) necessary to do their job, and nothing more. By limiting privileges, you reduce the damage that can occur if an account is compromised or misused.
For example, an intern might only have read access to certain files, not edit or admin rights, since they don't need those to perform their role. Similarly, if an employee only uses a database to query information, they shouldn't have permissions to delete or modify data in that database.
Least privilege is a cornerstone of security because it contains potential incidents: even if a low-level account is compromised, the attacker can reach only what that account was permitted to access.
In small businesses, this might mean not everyone is an admin: you carefully assign admin rights only to those who truly need them. This principle also helps prevent accidents and insider misuse by reducing the "blast radius" of any single account.
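The query-only database account described above can be enforced in code. This is an added example, not part of the original entry: it uses the authorizer hook in Python's `sqlite3` module as a stand-in for the role grants a server database would use, and the role names, table and rows are constructed for illustration.

```python
import os
import sqlite3
import tempfile

# What a query-only user needs: run SELECT, read columns, call SQL functions.
READ_ONLY_ACTIONS = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ, sqlite3.SQLITE_FUNCTION}

def read_only_authorizer(action, arg1, arg2, db_name, source):
    """Default deny: allow only the actions that querying requires."""
    return sqlite3.SQLITE_OK if action in READ_ONLY_ACTIONS else sqlite3.SQLITE_DENY

def open_for_role(path, role):
    """Open the database with privileges matched to the role (hypothetical role names)."""
    conn = sqlite3.connect(path)
    if role != "admin":
        conn.set_authorizer(read_only_authorizer)
    return conn

def attempt(conn, sql):
    """Run one statement and return 'ok' or 'denied' so the outcome can be logged."""
    try:
        conn.execute(sql).fetchall()
        conn.commit()
        return "ok"
    except sqlite3.DatabaseError:
        if conn.in_transaction:
            conn.rollback()
        return "denied"

def demo():
    """Constructed scenario: an admin seeds data, then a query-only account is misused."""
    path = os.path.join(tempfile.mkdtemp(), "customers.db")
    admin = open_for_role(path, "admin")
    attempt(admin, "CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)")
    attempt(admin, "INSERT INTO customers (name) VALUES ('Ada'), ('Grace')")
    analyst = open_for_role(path, "analyst")
    results = {
        "select": attempt(analyst, "SELECT name FROM customers"),
        "delete": attempt(analyst, "DELETE FROM customers"),
        "update": attempt(analyst, "UPDATE customers SET name = 'x'"),
        "drop": attempt(analyst, "DROP TABLE customers"),
    }
    # The data is intact: the misused account could read, but not destroy.
    results["rows_left"] = admin.execute("SELECT COUNT(*) FROM customers").fetchone()[0]
    return results

if __name__ == "__main__":
    print(demo())
```

Logging each `denied` result gives a detection signal: a query-only account attempting writes is worth investigating.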