// THREAT DETECTION AND DATA PRIVACY TERM
Least Privilege
Least privilege is a security principle that dictates that users, programs, or systems should be granted only the absolute minimum permissions needed to perform their intended functions. This approach limits the potential damage if an account or system is compromised.

TECHNICAL DEFINITION
Least Privilege is a foundational cybersecurity principle and access control mechanism where every subject (user, process, application) is granted only the essential authorization rights and access permissions required to execute its legitimate functions, thereby reducing the attack surface, mitigating the impact of security breaches, and preventing unauthorized actions.
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
SYNONYMS & ALIASES
- Principle of Least Privilege
- PoLP
- Minimum Necessary Permissions
- Need-to-Know Access
- Restricted Access
- Limited Privileges
USAGE NOTE
Implementing least privilege is crucial for reducing an organization's attack surface and is a cornerstone of zero-trust security architectures.
DEVELOPERS
Organizations developing technology related to Least Privilege.
CyberArk is a global leader in Identity Security, specializing in Privileged Access Management (PAM) solutions that are foundational for enforcing least privilege principles across enterprises.
BeyondTrust provides comprehensive solutions for privileged access management, remote access security, and vulnerability management, all designed to enforce least privilege and reduce attack surfaces.
Delinea (formed by the merger of Thycotic and Centrify) offers cloud-ready Privileged Access Management (PAM) solutions that help organizations achieve least privilege by securing privileged credentials and controlling access.
Microsoft offers a wide range of security products, including Azure Active Directory and Microsoft Defender for Identity, which provide identity and access management capabilities crucial for implementing and maintaining least privilege.
AWS provides robust Identity and Access Management (IAM) services that allow customers to define granular permissions and enforce least privilege access to cloud resources and services.
SailPoint specializes in identity governance solutions that help organizations manage digital identities and access, ensuring that users have only the necessary permissions to perform their job functions, thereby enforcing least privilege.
Okta is a leading independent provider of identity for the enterprise, offering solutions for single sign-on and access management that enable organizations to enforce granular access policies consistent with least privilege principles.