Least privilege is a cornerstone IT security concept that pertains to restricting access rights for users, accounts, and computing processes to the minimal amount necessary to perform authorized activities. When effectively implemented, least privilege can vastly reduce organizational risk, enable user productivity, enhance systems stability, and simplify and support compliance initiatives.
In practice, least privilege can be complex to effectively implement, especially when accounting for heterogeneous systems (Windows, Mac, Unix, Linux, etc.), diverse computing environments (cloud, virtual, on-prem, hybrid), diverse endpoint types (desktop, mobile, IoT, etc.), and different types of users (both internal and vendor).
Over-provisioning of privileges broadens the attack surface, expands the scope of breaches when they do occur, and can negatively impact system stability. On the other-hand, if the pendulum swings too far in the other direction, user workflows and productivity can be hindered.
This “back-to-basics” white paper will provide a broad overview of the cyber security context of least privilege and cover the following topics:
Read this white paper for a broad overview of how least privilege fits across your environment, and benefit from insights into how you can incrementally implement additional least privilege measures to improve your security posture.