Polyinstantiation is a cybersecurity strategy where multiple instances of a shared resource are created to prevent a user without the correct privileges from seeing the more sensitive information. In simpler terms, Polyinstantiation’s main purpose is to make a copy of one object or document and modify the attributes of the second copy, leaving the original document or object untouched. Polyinstantiation provides unique views into a record based upon the viewers own rights, clearance levels, or specific attributes. Please watch the video below for a real-world database example.
Related Readings: Solutions to the Polyinstantiation Problem
What should you do as a SMB Owner?
Polyinstantiation is another strategy that government organizations use to limit information to certain employees. Similar to administrative rights, polyinstantiation can be used to restrict access to individuals that do not have a clearance or need to know without tipping them off that something more exists.