What is the principle of least privilege?
CISSP Flashcards: Identity and Access Management, Authentication, SSO, Access Models
Audio flashcard · 0:30 · Nortren
The principle of least privilege states that users, processes, and systems should be granted only the minimum access rights necessary to perform their assigned tasks and no more. This limits the damage that can result from accidents, errors, or unauthorized use. A database administrator who only needs to run reports should not have write access to production data. Least privilege applies to user accounts, service accounts, application permissions, and network access. It is implemented through role-based access control, just-in-time access, and regular access reviews.
csrc.nist.gov