Account privileges

Use a less privileged account

The Principle of Least Privilege

The principle of least privilege (PoLP; also known as the principle of least authority) is an important concept in computer security, promoting minimal user profile privileges on computers, based on users' job necessities.

This principle can also be applied to processes on the computer: each system component or process should have the least authority necessary to perform its duties. This precaution helps reduce the "attack surface" of the computer by eliminating unnecessary privileges that can result in network exploits and computer compromises.

You can apply this principle to the computers you work on by normally operating without administrative rights.

Resources from the UITS Knowledge Base

What is the principle of least privilege?

On a computer, what are administrators and administrative rights?

In Windows, how can I complete a task or run a program as administrator while logged in as a regular user?

In Unix, what are the sudo and su commands?

Account privileges

Use a less privileged account

The Principle of Least Privilege

Resources from the UITS Knowledge Base

Information Security & Policy resources