The principle of least privilege means that users receive only the access rights they absolutely need for their work.
What does Least Privilege mean in detail?
Instead of assigning comprehensive rights, access is deliberately restricted. This keeps systems and data from being put at risk unnecessarily.
The principle is often used for user accounts and system access.
Where do I come across this issue in my day-to-day work?
When accessing files or folders
When using software or tools
For administrative tasks (e.g. installation of programs)
When working in teams or projects (e.g. shared drives)
Practical example:
An employee from the accounting department has access to financial data, but not to technical systems. This reduces the risk of incorrect changes being made to those systems, whether inadvertently or deliberately.
What can I do to improve my security?
Request only necessary access rights
Do not share access with others
Report unnecessary or obsolete authorizations
Actively check whether rights are still required when changing roles
Do not use “admin rights” if they are not required
Remember: Less access usually means more security.