Skip to content

Principle of Least Privilege

Important

The Principle of Least Privilege is the only path to success.

The most important cybersecurity measure that exists is the adherence to the principle of least privilege at all layers of IT. The least privilege approach states that no person or program should have more rights in the IT systems than they need to do their jobs. In practice, this means that nobody but the IT team should have administrator privilege access to any systems.

Microsoft produced an excellent paper on this topic in 2006 - Applying The Principle of Least Privilege To User Accounts On Windows.

The reason that adherence to the principle of least privilege is the most important measure is that failure to do so may result in the failure of all other layers. This is because users with administrator level privileges may disable or otherwise bypass other cybersecurity measures. E.g. a user account with domain administrator level privileges may be used to turn off malware protection, or to embed keystroke logging software on every machine in the business.

With every infrastructure build performed by Bitstream, we start from nothing and build up while never violating this principle. It’s used in constructing all systems including: workstation operating systems, server operating systems, routers, firewalls, email systems, domain registrars, DNS servers, and all other various cloud service providers.