least privilege


Also found in: Medical.

least privilege

A basic principle in information security that holds that entities (people, processes, devices) should be assigned the fewest privileges consistent with their assigned duties and functions. For example, the restrictive "need-to-know" approach defines zero access by default and then opens security as required. All data in a corporate network would be off-limits except to specific people or groups (see role-based access control).

In contrast, a less-restrictive strategy opens up all systems and closes access as required; for example, allowing employees access to all systems except human resources and accounting, which would be limited to only employees in those departments.
References in periodicals archive ?
The solution enables BeyondTrust customers to experience the benefits of end-to-end least privilege, faster and with less complexity across almost all environments, including critical network devices.
Castle recommends adopting the principle of least privilege.
Government agencies and enterprises can rely on PowerBroker to achieve least privilege on Unix and Linux systems, which nearly every recent Federal Cybersecurity mandate stresses as being a critical step to securing information systems.
Be granular: Implement granular least privilege policies to elevate applications, not users.
Now also available for ICS assets as part of the CyberArk Privileged Account Security Solution, CyberArk Viewfinity can help customers defend against malware and ransomware attacks by combining least privilege and application control to reduce the attack surface and block malware progression.
Staying up to date with software and operating system patches is one of the top ways to protect yourself from threats, along with running at least privilege and application whitelisting.
Account Weakness and Compliance ARC: Allows organizations to improve access control measures by developing and enforcing user management policies, including effective passwords, account transition and least privilege policies.
a Waltham, Massachusetts-based provider of Windows least privilege management and application control software for USD 30.
The principle of least privilege simply means that no person, machine, or system should have access to things they don't strictly need.
Using such a system in a least privilege setting offers a way of blocking harmful applications (which often ask for admin rights to gain control of a target) while allowing 'standard' users to elevate these privileges according to pre-defined policies.
During the theatre presentation, Brian Hanrahan, Avecto Senior Systems Consultant, will explain how least privilege management empowers users with the privileges they need to perform their roles, without compromising the security of the corporate network.
The business rules exist independent of the processes, enabling users to delegate the management of those rules in accordance with the principle of least privilege.

Full browser ?