Principle of Least Privilege (PoLP)

Category: infrastructure

The security practice of limiting user access rights to only the absolute minimum necessary to perform their job.

PoLP ensures that standard user profiles lack administrative execution capabilities. By segmenting permissions granularly, a compromise of a standard account limits the threat actor's blast radius, preventing systemic file alterations or unauthorized mass data exports.

Common Examples

  • We audited our database permissions according to the principle of least privilege, stripping structural delete rights from analytics profiles.
  • Applying PoLP across the network prevents contractors from viewing sensitive customer payroll directories.

AvoCoLab – Community, News & Market Intelligence