Enforcing the Principle of Least Privilege

Another core security principle is the principle of least privilege. Users, resources, and applications should be given the rights and permissions to perform necessary tasks, and nothing else.

For example, if users need access to project data on a computer, they should be given minimal access to that data. A gross violation of the principle is to give these users full administrator access. Yes, they will be able to access the project data with administrator access, but they can also do anything else on the computer. Some administrators may be tempted to give everyone administrator access instead of managing the permissions. Admittedly, this is easier in the short term. However, people can accidentally ...
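The scenario above can be checked on a Windows machine with a read-only audit. The following PowerShell is an added example, not code from the book: it lists members of the local Administrators group that are not on an approved list, and finds non-administrative accounts holding Full Control on the project folder. The path `C:\ProjectData` and the approved-admin names are assumed placeholders.

```powershell
# Added example: read-only audit, nothing on the system is changed.
# Assumed placeholders: the project path and the approved-admin list.
$ProjectPath    = 'C:\ProjectData'
$ApprovedAdmins = @("$env:COMPUTERNAME\Administrator", 'CONTOSO\Domain Admins')

function Get-UnapprovedAdmin {
    param([string[]]$Approved)
    # S-1-5-32-544 is the well-known SID of the built-in Administrators group,
    # so the lookup does not depend on the group's localized display name.
    Get-LocalGroupMember -SID 'S-1-5-32-544' |
        Where-Object { $Approved -notcontains $_.Name } |
        Select-Object Name, ObjectClass, PrincipalSource
}

function Get-BroadFileGrant {
    param([string]$Path)
    $full = [int][System.Security.AccessControl.FileSystemRights]::FullControl
    # Principals expected to hold Full Control. These names are the English
    # ones; adjust them on systems installed in another language.
    $expected = 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM', 'CREATOR OWNER'
    (Get-Acl -LiteralPath $Path).Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $expected -notcontains $_.IdentityReference.Value -and
            (([int]$_.FileSystemRights -band $full) -eq $full)
        } |
        Select-Object IdentityReference, FileSystemRights, IsInherited
}

# Accounts that can do anything on the computer but are not on the approved list.
$extraAdmins = @(Get-UnapprovedAdmin -Approved $ApprovedAdmins)

# Accounts with more access to the project data than reading or modifying it requires.
$broadGrants = @(Get-BroadFileGrant -Path $ProjectPath)

Write-Output "Unapproved local administrators: $($extraAdmins.Count)"
$extraAdmins | Format-Table -AutoSize

Write-Output "Non-admin principals with Full Control on ${ProjectPath}: $($broadGrants.Count)"
$broadGrants | Format-Table -AutoSize
```

Both counts being zero means project users reach the data through a scoped permission rather than through administrator rights.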