Least Privilege Access Principle

Practice of giving users, services, and systems only the access they need to reduce blast radius.

Least privilege is the security principle that people, applications, and services should receive only the access they actually need. In plain language, it means not handing out broad permissions “just in case” when a smaller, more specific level of access will do the job.

Why It Matters

Least privilege matters because excessive permissions turn small mistakes into bigger incidents. A compromised help-desk account should not be able to delete production data. A script that only needs to read one storage location should not also have administrator rights across the environment.

It also matters because access sprawl is common. Over time, organizations add temporary permissions, forget to remove them, and accumulate broad standing access. Least privilege is one of the clearest ways to reduce unnecessary exposure and shrink the blast radius of misuse or compromise.

Where It Appears in Real Systems or Security Workflow

This principle appears in IAM design, cloud role assignments, database permissions, endpoint administration, API authorization, and privileged account review. Teams apply it when they define Role-Based Access Control, scope service identities, and require elevation only for specific administrative tasks.

It also appears during audits and incident investigations. Reviewers often ask whether an account had more access than it should have and whether that extra access increased the damage of an event.

Applying Least Privilege

Identity type      Right-sized access example                 Over-permissioned version
Employee           Read-only reporting access                 Broad admin rights across finance tools
Service account    Access to one queue or storage path        Full control over the whole cloud project
Administrator      Temporary elevation for a change window    Standing unrestricted privilege
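
The three rows above, worked as an added example that is not part of the original page: two IAM-style policy documents for the service account (the over-permissioned one beside the right-sized one), a time-bounded administrator policy for a change window, and a small evaluator that shows which requests each policy grants and which grants an access review would flag as excess. The evaluator, the policy contents and the bucket, queue and account identifiers are assumptions made for the illustration; it is not a cloud provider's real policy engine and models only Allow/Deny, Action and Resource wildcards, and a date condition on `aws:CurrentTime`.

```python
# Added example: a simplified IAM-style policy evaluator used to compare the
# right-sized and over-permissioned policies from the table above. It is not
# the cloud provider's evaluation engine: it models only Allow/Deny, Action
# and Resource wildcards, and DateGreaterThan/DateLessThan conditions on
# aws:CurrentTime. Bucket, queue and account identifiers are made up.
import re
from datetime import datetime, timezone

# Over-permissioned service account: every action on every resource.
BROAD_SERVICE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}],
}

# Right-sized service account: read one storage path, consume one queue.
SCOPED_SERVICE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-reports/monthly/*"},
        {"Effect": "Allow",
         "Action": ["sqs:ReceiveMessage", "sqs:DeleteMessage"],
         "Resource": "arn:aws:sqs:us-east-1:123456789012:report-jobs"},
    ],
}

# Administrator: unrestricted, but only inside a declared change window.
WINDOWED_ADMIN_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow", "Action": "*", "Resource": "*",
        "Condition": {
            "DateGreaterThan": {"aws:CurrentTime": "2026-04-24T22:00:00Z"},
            "DateLessThan": {"aws:CurrentTime": "2026-04-25T02:00:00Z"},
        },
    }],
}

def parse_time(ts):
    """Parse an RFC 3339 timestamp such as 2026-04-24T23:00:00Z into an aware datetime."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def _glob(pattern, value):
    # IAM-style wildcards: '*' matches any run of characters (including '/'),
    # '?' matches exactly one character; everything else is literal.
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, value) is not None

def _as_list(x):
    return x if isinstance(x, list) else [x]

def _condition_holds(cond, now):
    for op, pairs in cond.items():
        for key, bound in pairs.items():
            # Anything this toy does not model is treated as unsatisfied (fail closed).
            if key != "aws:CurrentTime" or op not in ("DateGreaterThan", "DateLessThan"):
                return False
            limit = parse_time(bound)
            if op == "DateGreaterThan" and not now > limit:
                return False
            if op == "DateLessThan" and not now < limit:
                return False
    return True

def is_allowed(policy, action, resource, now=None):
    """Explicit Deny wins, any matching Allow grants, and the default is deny."""
    now = now or datetime.now(timezone.utc)
    allowed = False
    for st in policy["Statement"]:
        if not any(_glob(a, action) for a in _as_list(st["Action"])):
            continue
        if not any(_glob(r, resource) for r in _as_list(st["Resource"])):
            continue
        if not _condition_holds(st.get("Condition", {}), now):
            continue
        if st["Effect"] == "Deny":
            return False
        allowed = True
    return allowed

def excess_grants(broad, scoped, requests, now=None):
    """Requests the broad policy allows but the scoped one does not: the access
    an access review would flag as unnecessary."""
    return [(a, r) for a, r in requests
            if is_allowed(broad, a, r, now) and not is_allowed(scoped, a, r, now)]

# Constructed sample requests: what the job actually does, plus things it never should.
SAMPLE_REQUESTS = [
    ("s3:GetObject", "arn:aws:s3:::example-reports/monthly/2026-04.csv"),
    ("sqs:ReceiveMessage", "arn:aws:sqs:us-east-1:123456789012:report-jobs"),
    ("s3:DeleteObject", "arn:aws:s3:::example-reports/monthly/2026-04.csv"),
    ("s3:GetObject", "arn:aws:s3:::payroll-exports/2026-04.csv"),
    ("iam:CreateUser", "arn:aws:iam::123456789012:user/backdoor"),
]

if __name__ == "__main__":
    for action, resource in excess_grants(BROAD_SERVICE_POLICY, SCOPED_SERVICE_POLICY, SAMPLE_REQUESTS):
        print("excess grant:", action, resource)
```

Running the script lists the three requests the broad policy would have permitted but the job never needs (deleting the report, reading payroll exports, creating an IAM user); the scoped policy still serves the two requests the job actually makes. The administrator policy answers the same question over time: the same request succeeds at 23:00 inside the window and fails at 09:00 the next morning, which is what "temporary elevation for a change window" means in policy terms. In a real environment the comparison is driven by the provider's own access analysis and last-accessed data rather than a hand-written request list, but the review question is the same.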

Practical Example

A finance analyst needs monthly reporting dashboards and export tools but does not need the ability to manage payroll roles or approve administrator changes. By granting only reporting permissions, the company reduces the chance that one compromised account can affect unrelated sensitive systems.

Common Misunderstandings and Close Contrasts

Least privilege does not mean giving people so little access that they cannot work. The point is right-sized access, not arbitrary restriction.

It is also different from authentication. Authentication proves who someone is; least privilege is a property of authorization, which decides what that authenticated identity is allowed to do. An account can be strongly authenticated with a hardware key and MFA and still hold far more access than its job requires, so stronger login checks do not substitute for narrower grants.

Knowledge Check

  1. What problem is least privilege mainly trying to reduce? Unnecessary access that increases the blast radius of mistakes or compromise.
  2. Is least privilege mainly about proving identity or limiting actions after identity is known? Limiting actions after identity is known.
  3. Why do temporary elevation workflows often go with least privilege? Because some tasks genuinely need elevated rights, and granting them only for a bounded window keeps the account's standing privilege low the rest of the time.
Revised on Friday, April 24, 2026