Cybersecurity terms - least privilege
Updated: Mar 23
The concept of least privilege relates to users having an account on a computer/system that has the absolute minimum permissions needed to do their work.
If a criminal manages to access a computer or system via stolen administrative privileges they can more easily move laterally through the computer network, exfiltrate data, and remain undetected for a longer period of time. However, if a criminal gains access to the computer credentials of a person with limited access, then the criminal is restricted on what they can do.
While it is understandable that some computer users in a business environment may want the flexibility and freedom to download and update software on their work computer themselves, this can cause a significant cybersecurity risk to the computer, data, and system. For home users, good practice is to create two accounts on home computers, one with the administrative rights and a secondary account without administrative rights that serves as the everyday computer account
Restricting administrative rights, using the concept of least privilege, will allow users to continue their work while reducing the attack surface for criminals.
Written by A. Turner
© A. Turner 2021 https://www.demystifycyber.com.au/
Provided for general information and education purposes