What does "least privilege" mean in access control?

The principle of "least privilege" in access control means that users are granted the minimum level of access necessary to perform their job functions. This approach helps to enhance security by reducing the risk of unauthorized access or misuse of sensitive information. By limiting user permissions strictly to what is required for their specific tasks, it minimizes the potential for accidental or malicious actions that could compromise the system or data integrity.

Implementing least privilege ensures that even if an account is compromised, the damage that can be done is restricted because the attacker would have limited access to resources. This security model is widely recognized as a fundamental practice in safeguarding information systems, aligning with various compliance regulations and best practices in cybersecurity.