least privilege


A basic principle in information security that holds that entities (people, processes, devices) should be assigned the fewest privileges consistent with their assigned duties and functions. For example, the restrictive "need-to-know" approach defines zero access by default and then opens access as required. All data in a corporate network would be off-limits except to specific people or groups (see role-based access control).

In contrast, a less-restrictive strategy opens up all systems and closes access as required; for example, allowing employees access to all systems except human resources and accounting, which would be limited to only employees in those departments.
References in periodicals archive
"However, this violates the principle of Least Privilege and presents significant security problems; end-users have the ability to circumvent all local computer security," said John Moyer, DesktopStandard's President and CEO.
Privileged User Trends: Allows organizations to manage the principle of least privilege by identifying database user privilege levels and tracking privilege level trends over time.
Microsoft's introduction of User Account Control (UAC) in Windows Vista brought the principle of Least Privilege to the forefront for security professionals and spotlighted some of the challenges of removing administrative privileges from end-users.
The Principle of Least Privilege is a security best practice that states each subject in a system should be given the most restrictive set of privileges necessary to complete their authorized tasks in order to limit damage from accident, error or unauthorized use.
The Principle of Least Privilege suggests that all users should be limited to only the privileges necessary for required tasks.
The Principle of Least Privilege is a security best practice developed by the Department of Defense over 30 years ago.
Originally developed by the Department of Defense over 30 years ago, the Principle of Least Privilege states that each subject in a system should be given the most restrictive set of privileges necessary to complete their authorized tasks in order to limit the damage resulting from accident, error or unauthorized use.
Follow the Principle of Least Privilege in setting user access controls, permissions, and rights
Keith Brown, Network Administrator for Gwinnett Health System, a Georgia Medical Center that serves nearly a half million patients per year, stated, "PolicyMaker Application Security is an invaluable part of our strategy to enforce the Principle of Least Privilege.
