What Is the Principle of Least Privilege?

This short video explains what the principle of least privilege is and how it can help you minimize the insider threat.

The principle of least privilege is by no means new, but it remains one the most important concepts in IT security. Limiting the access rights of users to the bare minimum they need to do their jobs is highly effective in enhancing the security of today’s complex IT environments.

Remember Edward Snowden, who leaked sensitive data from the U.S. National Security Agency? Although many factors contributed to this incident, one thing is abundantly clear: He had far more privileges than he needed to do his job. Even though his highest-level task was creating database backups, he was given administrative access rights to critical data and systems. By abusing those excess privileges, Snowden was able to leak an estimated 1.7 million sensitive files. In response, the NSA announced the drastic action of revoking 90% of high-level permissions from system administrators in order to improve its least-privilege posture.

Adhering to the principle of least privilege brings solid benefits to your organization:

• Smaller attack surface — It’s harder for users to compromise what they don’t have access to.
• Better operational performance – Restricting privileges to the bare minimum reduces the chance of deliberate or accidental system changes that could lead to downtime.
• Improved compliance audits — Most regulatory standards require that users be given only the privileges required for their job responsibilities, so implementing least privilege is a critical step toward achieving compliance.