least privilege



A basic principle in information security that holds that entities (people, processes, devices) should be assigned the fewest privileges consistent with their assigned duties and functions. For example, the restrictive "need-to-know" approach defines zero access by default and then opens access as required. All data in a corporate network would be off-limits except to specific people or groups (see role-based access control).

In contrast, a less-restrictive strategy opens up all systems and closes access as required; for example, allowing employees access to all systems except human resources and accounting, which would be limited to only employees in those departments.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
References in periodicals archive
While common security models should be applied to the cloud as they are on-premises, workloads running in the cloud require new solutions for least access and least privilege that are more dynamic and less reliant on managing shared accounts and static passwords.
Centrify Zero Trust Privilege helps customers grant least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment.
"This official also could not explain why administrators had not applied least privilege controls to the MarAd service account we accessed," according to the report.
Now integrated with BeyondTrust's BeyondInsight platform, organizations can achieve critical security and compliance requirements of enterprise-wide least privilege more quickly and easily than ever before.
You can't trust a static password anymore, and every organization should adopt a mindset of "Never Trust, Always Verify, Enforce Least Privilege."
There are a set of generally accepted security principles that should be implemented to reduce the risk of cyber-attack, they include: open design, compartmentalization, perimeter defence and minimisation of attack surface, defence in depth, and least privilege.
* Role-based access controls and permissions with least privilege based on function to do the tasks of the job
* Privileged Access Management - The management of all privileged access into the Blockchain environment - from operating system to web applications including password management, least privilege access, session management, keystroke logging, and application to application key and password management.
Pairing Avecto with Bomgar's privileged account and session management technology will enable businesses to fully implement the principle of least privilege and defend themselves against threats.
In the context of protecting personal information, which of the following is the best description of the principle of least privilege?
The objective of the Windows File Server Audit/Assurance Program is to ensure that auditors are mitigating network risks, enhancing operating-system security and providing administrator access based on the principle of least privilege, in an effort to ensure that data is properly stored and managed in Windows File servers.
