least privilege

term

securitygovernance & risk

Stands for: principle of least privilege (PoLP)

Giving each user or process only the access it needs to do its job, and no more.

The principle of least privilege shrinks the blast radius of any compromise: an account that can do little is worth little to an attacker. It is simple to state and endlessly hard to maintain, which is why access reviews exist.

Also known as: least-privilege, polp, principle of least privilege

All glossary entries