The principle of least privilege aims to give users all the rights they need to do their work, but nothing more. This prevents a compromised account or infected machine from getting access to data or programs.
Applying least privilege to information access reduces the window of attack of a compromised account without getting in the way of users’ daily work. It denies access to data that is not relevant to the user's profile.
There are a few techniques to implement in order to enforce the principle of least privilege:
- HR should conduct a privilege audit: by assessing who has access to what, and with which privileges, we make sure no one has more access than they should have. This process should happen regularly.
- All accounts should start with least privilege: higher privileges should be added only when necessary, instead of starting all accounts with admin access.
- Temporary higher privileges should be bound to a time frame: expiring privileges and one-time-use credentials can be used in this context.
- Separation of privileges should be enforced: standard accounts must be separated from admin accounts, and higher-level systems from lower-level ones.
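The checks listed above can be run mechanically. The following is an added example, not part of the original page: a small privilege audit that flags privileges outside a role baseline, temporary grants that have expired but are still held, and accounts that mix admin and standard roles. The role names, privilege strings, account records and dates are all constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed role baselines: the privileges each profile needs, nothing more.
ROLE_BASELINE = {
    "accountant": {"ledger:read", "ledger:write"},
    "helpdesk": {"tickets:read", "tickets:write"},
    "sysadmin": {"servers:admin", "users:admin"},
}
ADMIN_ROLES = {"sysadmin"}  # roles that must live on separate admin accounts

def audit(accounts, now):
    """Return sorted (account, privilege, reason) findings for review."""
    findings = []
    for acct in accounts:
        name, roles, held = acct["name"], set(acct["roles"]), acct["privileges"]
        allowed = set().union(*(ROLE_BASELINE[r] for r in roles))
        # Separation of privileges: admin and standard roles share one account.
        if roles & ADMIN_ROLES and roles - ADMIN_ROLES:
            findings.append((name, "*", "admin and standard roles on one account"))
        temp = acct.get("temporary", {})  # privilege -> expiry of the elevation
        live = {p for p, exp in temp.items() if exp > now}
        expired = {p for p, exp in temp.items() if exp <= now}
        # Held privileges outside the baseline and outside live temporary grants.
        for priv in sorted(held - allowed - live):
            reason = ("temporary grant expired" if priv in expired
                      else "not in role baseline")
            findings.append((name, priv, reason))
    return sorted(findings)

UTC = timezone.utc
NOW = datetime(2024, 6, 1, tzinfo=UTC)  # constructed audit date
ACCOUNTS = [  # constructed sample data
    {"name": "alice", "roles": ["accountant"],
     "privileges": {"ledger:read", "ledger:write"}},
    {"name": "bob", "roles": ["helpdesk"],
     "privileges": {"tickets:read", "tickets:write", "servers:admin"},
     "temporary": {"servers:admin": datetime(2024, 5, 1, tzinfo=UTC)}},
    {"name": "carol", "roles": ["accountant"],
     "privileges": {"ledger:read", "ledger:write", "users:admin"}},
    {"name": "dave", "roles": ["sysadmin", "helpdesk"],
     "privileges": {"servers:admin", "users:admin", "tickets:read"}},
    {"name": "erin", "roles": ["helpdesk"],
     "privileges": {"tickets:read", "servers:admin"},
     "temporary": {"servers:admin": datetime(2024, 6, 2, tzinfo=UTC)}},
]

if __name__ == "__main__":
    for finding in audit(ACCOUNTS, NOW):
        print(*finding, sep=" | ")
```

Running the audit on a schedule, with the audit date as input, is what turns an expiring grant into an actual revocation task once its time frame has passed.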
As NIST says: "Standards, guidelines, reference implementations and validation programs related to Personal Identity Verification (PIV) of employees and contractors are critical for securing access to computing devices and physical facilities."