least privilege

Least privilege is a security principle that means giving people only the access they need to do their specific job—all other permissions are restricted. For example, an employee handling customer service might be able to view customer records but not alter them or access sensitive financial data. This approach minimizes the risk of accidental or intentional damage, theft, or breaches by limiting unnecessary access. By restricting permissions, organizations better protect their systems and data from potential threats, ensuring that users can perform their roles efficiently without exposing sensitive information or systems to unnecessary risk.