The principle of least privilege is a guideline of information security that states any entity or module in an information system must be given access only to the information or privileges required to function properly, and no more. The concept is useful when building or organizing a safe and secure infrastructure or system.
When applied to everyday computer usage, every user in a system receives the rights and access to the system resources that are necessary and sufficient to be able to execute all tasks he or she is required to do. The user is denied access to all other privileges and system resources. This way, the user is prevented from accessing sensitive and critical sections of the system and from potential malicious behavior.
For example, an employee in a corporation is given just enough rights as is required for him to perform his job activities. Access to the control panel of the computer, authority to change network settings and rights to install additional software are a few examples of activities that a company would want to restrict rights to.
This concept could also apply to home users, such as when young family members need to have restricted privileges or be monitored for safety purposes. For example, children should not be given the right to change the privacy settings of the Internet browser, but they should be given just enough rights needed to use the Internet productively.
For more tips on securing workplace resources, refer to A Workplace Danger: The Insider Threat.
Share your comments, feedback or questions about this article and other topics. Go to our blog 
or our Facebook group .
Print view
Email to a friend
Submit to Reddit
Save to del.icio.us
Submit to Digg.com
Stumble It!