Least Privilege refers to the access that is given to a user on a device or computer. Giving a user least privilege is to give a user account only the essential functions on the device needed to do their job. Giving a user least privilege helps protect individuals and companies from accidental disclosure of sensitive information, and sometimes the compromise of the computing environment users are operating within.
One of the best ways to protect your SMB from a major security breach is to implement the principle of Least Privilege by removing Administrator Rights from each employee operating a desktop computer. This single action can mean the difference between a major ransomware compromise incident and no incident at all.
Why? When your employee is tricked by a hacker into downloading and running malware on their computer, not having Administrative Rights should prevent the malware from installing. This lack of local computer system rights could prevent the malware from encrypting that users files as well as the files they can access to on network file servers!
Related Terms: Availability, Confidentiality, Integrity, Need to Know, Ransomware
Source: DABCC Inc.
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
OAuth tokens don't expire when employees leave, passwords change, or apps go rogue. Your security program needs...
Read more
Most breaches don't start with a hacker in a hoodie cracking code at 3am. They start with your username and a...
Read more
Article Updates: As of May 6th 2026, every major U.S. AI lab, including Google DeepMind, Microsoft, xAI,...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.
