Privilege Creep

Category: business

The gradual accumulation of access rights and permissions by an employee over time, exceeding their actual job requirements.

Privilege creep occurs when an associate switches roles within a firm or joins a special project team: they receive new software permissions but their legacy access keys are never deleted, resulting in a bloated profile that violates least-privilege standards.

Common Examples

  • Executing a bi-annual access control sweep allows our infrastructure group to identify and eliminate privilege creep across our server cluster.
  • Privilege creep significantly expands an organization's internal surface risk if an account profile is compromised by ransomware.

AvoCoLab – Community, News & Market Intelligence