Security Encyclopedia

Principle of Least Privilege (PoLP)

The Principle of Least Privilege (PoLP) is an approach to information technology or information security that states that every part of a system — user, device, application, etc. — be granted no more than the minimum degree of authority required to function.

The PoLP helps admins optimize their infrastructure in three main ways. It enhances system availability through the reductions that come from granting far fewer admin rights, write (vs. read-only) permissions, and other aspects of the fuller control admins have. It also helps increase security, both through the aforementioned efficiency and by limiting the threat vector and the ripple effect of security incidents. Finally, especially with regard to applications, the PoLP makes it easier to deploy applications when most users do not have complex roles and responsibilities.

The PoLP is also known as the principle of least authority or the principle of minimal privilege.


"I know you're running into some access issues that are hindering your work. Right now your permissions are our default least privilege ones. As soon as we get through some red tape, we'll get your permissions sorted and you'll have visibility into and editing power for most everything you've requested. Within reason, of course."