Least Privilege

The Principle of Least Privilege (PoLP) says every identity should have only the minimum access needed to do its job, and nothing more.

It is a cornerstone of secure system design.

Least privilege limits the blast radius of a compromise.

If an over-privileged account is breached, attackers gain broad access. A tightly scoped account contains the damage.