A security principle holding that users should be allocated the least possible set of privileges on a computer system. For security reasons, users should be given only the amount of privileges needed to complete their tasks.
Without question, least-privilege is a critical area in security. Accepting that organizations, university and medical institutions, as well as government agencies have in recent years adopted the Internet as a key means of conducting important transactions—often involving sensitive information—one important factor these organizations and agencies have had to address is an unprecedented demand for security measures to guarantee the confidentiality, integrity, and availability of sensitive online information. A great place to begin building sound security measures to protect information assets, note security experts, is to install network perimeter-based protection with capabilities consistent with the security expectations of the organization.