What the “Principle of Least Privilege” does for you? (pt. 1)

This article follows on from last week’s Why the “Principle of Least Privilege” works and something for free…. If you want the something for free, then you had better read that article first!

Let’s start with a simple definition.

The Principle of Least Privilege (PoLP) is a fundamental concept in cybersecurity. It ensures that users are granted only the minimum necessary access rights required to perform their job functions.

By using this principle of information control an organisation can start to create an effective cyber security plan.

Before We Start

The first thing you have to do if PoLP is going to be part of your cyber security planning is categorise your information and organise your people. However we will be covering those topics in a future article, for today I just want to look at some of the benefits of PoLP.

Principle of Least Privilege – The Benefits

Here are some of the major reasons PoLP is a great concept to work with.

Operational Efficiency

This is a good place to start. For many managers and board members any spend on cyber security, outside of anti-virus, is looked upon as an expense not an investment. Using Principle of Least Privilege the business gains and the cyber security gains. You get the operational efficiency because PoLP limits the distractions. An example of this is; I always advocate – but not always successfully – that staff should not use the internet for anything by work related tasks. No personal internet use, no sneaking in a check of the sports results, looking at Amazon between tasks or visiting sites infected with malware.

Limit Human Error

Here is another benefit where both the business and cyber security wins. By limiting access, staff will not make a mistake and access something they are not trained to use. This reduces the risk of errors and system downtime to fix those errors, enhances overall system stability and fault tolerance. Systems that are used correctly are at less at risk of being compromised.

To be continued…

Our quick look at the benefits of the Principle of Least Privilege continues on CyberAwake where we will look at the more cyber security focused benefits.

Clive Catton MSc (Cyber Security) – by-line and other articles

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.