“Morey Haber, CTO & CISO at BeyondTrust, said “The most critical step organizations should perform when trying to protect their data is to adopt a least privilege strategy for all access to sensitive data and supporting resources. As a part of privileged access management, least privilege ensures that only the appropriate privileges are given to data, systems, applications, and resources, on a need-to-know basis, to prevent excessive privileges from being used to compromise a sensitive resource. This prevents lateral movement and protects against inappropriate access by delegating access to only the owners of data and not employees or machine identities at large.”

Higher the factors, stronger the security