Principle of Least Privilege (PoLP)

In information security, the principle of least privilege (PoLP), also known as the principle of minimal privilege (PoMP) or the principle of least authority (PoLA), requires that users in an organization are granted access to resources only to the extent the task immediately at hand requires.

What is the principle of least privilege, and why is it important?

The least privilege principle states that a subject should hold only the minimum privileges required to complete a specific task. If an access right is not needed for the task, the subject should not have it. The assignment of rights is controlled by the function or role that the subject performs, not by the subject itself.

FAQs

  • What violates the principle of least privilege?

    The least privilege principle states that a subject should hold only the minimum privileges required to complete a specific task; rights that the task does not need are not granted, and the subject's function or role controls which rights are assigned. The principle is also applied when granting discretionary access control (DAC) permissions. For instance, if subject U only needs to read a particular file F to complete its tasks, granting U read/write access to F violates the principle, because the write permission exceeds what the task requires.

  • How do you implement the principle of least privilege?

    Here is how you can apply the least privilege principle in a cloud environment:
    – Discover and classify the sensitive data
    – Apply a Role-Based Access Control (RBAC) policy
    – Remove inactive user accounts from the system
    – Keep real-time tracking of privileged accounts
    – Allow Just-in-Time (JIT) access and enforce dynamic access controls
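The DAC example in the first answer (U holding read/write on F when the task needs only read) and the cloud checklist above describe conditions an auditor can test for mechanically. The following is an added example, not code from the original page: a small least-privilege audit over a constructed RBAC model. The roles, resources, subjects, the 90-day inactivity threshold and the grant data are all assumptions chosen for illustration. It flags grants wider than the role's task needs, grants held by inactive accounts, expired JIT grants that were never revoked, and orphaned grants whose subject no longer exists, and shows the remediation of trimming a grant down to the role's required actions.

```python
# Added example (not from the original page): least-privilege audit of a
# constructed RBAC model. All names, roles and thresholds are assumptions.
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional


@dataclass(frozen=True)
class Subject:
    name: str
    role: str
    last_active: datetime


@dataclass(frozen=True)
class Grant:
    subject: str
    resource: str
    actions: frozenset
    expires: Optional[datetime] = None  # set for JIT grants, None for standing grants


# Role -> resource -> actions the role's tasks genuinely require (constructed values).
# This is the "functional management" side: rights follow the role, not the person.
ROLE_NEEDS = {
    "auditor": {"file:F": frozenset({"read"})},
    "editor": {"file:F": frozenset({"read", "write"})},
}


def excess_actions(subject: Subject, grant: Grant) -> frozenset:
    """Actions in the grant beyond what the subject's role needs on that resource."""
    needed = ROLE_NEEDS.get(subject.role, {}).get(grant.resource, frozenset())
    return grant.actions - needed


def trim_grant(subject: Subject, grant: Grant) -> Grant:
    """Remediation: the same grant reduced to the role's required actions."""
    return Grant(grant.subject, grant.resource,
                 grant.actions - excess_actions(subject, grant), grant.expires)


def find_violations(subjects, grants, now, inactive_after=timedelta(days=90)):
    """Return (subject, resource, reason) tuples for every least-privilege finding."""
    by_name = {s.name: s for s in subjects}
    findings = []
    for g in grants:
        s = by_name.get(g.subject)
        if s is None:
            # Account was removed but its grant lingered.
            findings.append((g.subject, g.resource, "orphaned grant: subject no longer exists"))
            continue
        if now - s.last_active > inactive_after:
            findings.append((g.subject, g.resource, "grant held by inactive account"))
        if g.expires is not None and g.expires <= now:
            findings.append((g.subject, g.resource, "expired JIT grant still present"))
        extra = excess_actions(s, g)
        if extra:
            findings.append((g.subject, g.resource, "excess actions: " + ", ".join(sorted(extra))))
    return findings


# Constructed sample data: one clean subject, one inactive one, one deleted one.
NOW = datetime(2024, 1, 1)
SUBJECTS = [
    Subject("U", "auditor", NOW - timedelta(days=1)),
    Subject("V", "editor", NOW - timedelta(days=200)),
]
GRANTS = [
    Grant("U", "file:F", frozenset({"read", "write"})),  # wider than the auditor task needs
    Grant("V", "file:F", frozenset({"read", "write"})),  # right-sized, but V is inactive
    Grant("U", "db:prod", frozenset({"admin"}), expires=NOW - timedelta(hours=1)),  # JIT expired
    Grant("W", "file:F", frozenset({"read"})),  # W was removed; the grant lingered
]

if __name__ == "__main__":
    for finding in find_violations(SUBJECTS, GRANTS, NOW):
        print(finding)
    print("trimmed:", trim_grant(SUBJECTS[0], GRANTS[0]))
```

Running the audit reports U's excess `write` on `file:F`, V's grant held by an inactive account, U's expired JIT grant on `db:prod` (which is also flagged as excess, since the auditor role needs nothing there), and W's orphaned grant; `trim_grant` returns U's grant on `file:F` reduced to `read`, the permission the task actually requires.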