What is Least Privilege & Why Do You Need It?

Least privilege is a cornerstone IT security concept that pertains to restricting access rights for users, accounts, and computing processes to the minimal amount necessary to perform authorized activities. When effectively implemented, least privilege can vastly reduce organizational risk, enable user productivity, enhance systems stability, and simplify and support compliance initiatives. In practice, least privilege can be complex to effectively implement, especially when accounting for heterogeneous systems (Windows, Mac, Unix, Linux, etc.), diverse computing environments (cloud, virtual, on-prem, hybrid), diverse endpoint types (desktop, mobile, IoT, etc.), and different types of users (both internal and vendor). Over-provisioning of privileges broadens the attack surface, expands the scope of breaches when they do occur, and can negatively impact system stability. On the other-hand, if the pendulum swings too far in the other direction, user workflows and productivity can be hindered. This “back-to-basics” white paper will provide a broad overview of the cyber security context of least privilege and cover the following topics:

• Definition of least privilege and related terms
• Examples of privileged and non-privileged accounts
• Privileged threat vectors and real-world examples of attacks involving privileged accounts
• Challenges to applying least privilege
• Benefits of applying least privilege
• Least privilege strategies & best practices
• How to implement least privilege
• Helpful, related resources

Read this white paper for a broad overview of how least privilege fits across your environment, and benefit from insights into how you can incrementally implement additional least privilege measures to improve your security posture.