The Concept of Least Privilege

Least privilege essentially means to provide access to only what is required for a user to perform their job functions and nothing more.

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

The Concept of Least Privilege

The fundamentals are often the most underappreciated part of the job in cyber security. In order to achieve a well-managed, secure environment, there must be focus on limiting exposure to risk by reducing the amount of rights and access provided. This is often described as limiting your threat surface.

Least privilege essentially means to provide access to only what is required for a user to perform their job functions and nothing more. An example is that if a user role is sales, they likely do not require access to any of the data associated with the finance team. Broadly distributed access to shared resources is the easiest way for a ransomware attack to impact a much larger part of the environment.  

A corollary to this, but perhaps the greatest source of risk, is administrative rights to a computer. Admin rights, or more specifically the ability to install software or edit operating system registry settings, should never be directly associated with a user account. Instead, this should require an elevation which challenges for a password and ideally a second factor authentication.  

LeastPrivilege_Technium

Simple tips to practice least privilege:

  1. Document the user role types you require and try to keep the list as small as possible

  2. Define rights required for each role type to only the required needs

  3. Establish authentication groups to match the role types and use-only groups in assigning privilege

  4. Ensure that no user has direct admin rights on a PC

  5. Create a checklist for yourself to regularly review and make modifications as required to the groups

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »