Era of POLP

POLP (Principle of Least Privilege): the main idea behind least privilege is restricting the access rights of users (i.e. endpoint users, employees) and accounts to what their legitimate activities require.

We are talking about Privileges here.

What exactly does POLP mean?

Privilege means authorization with respect to certain security constraints. For example, we all use a personal computer (PC, laptop), and we know we can create guest accounts on it for other purposes. At that point we have two accounts: an Admin account and a Guest account. The Admin has the right to set privileges for the Guest account, that is, which resources the Guest account can access.

Another question arises here: where are these privileges used?

Privileges apply to people, processes, applications, and devices (such as IoT). Each should have only the privileges it is authorized to have in order to perform certain activities.

Why Is POLP (Principle of Least Privilege) So Important?

Recent studies have found that 70% of cyber attacks are done or can be done because of human error or a lack of security awareness. We are all human, and it is not possible to never make mistakes. CISOs therefore need a better way, and this is where the least privilege principle comes to light: it can reduce the cyber attacks in industry that happen because of human error.

Least Privilege Best Practice

As you implement the principle of least privilege, keep the following best practices in mind:

  1. Make sure account privileges are based on the requirements of the task or job: every user has a least-privilege account according to their part of the work.
  2. Minimize privileges for service accounts: review every vendor's documentation to minimize the privileges required by each application on the system. Doing this review is best practice when the documentation says you need Admin permission to access the application.
  3. Perform periodic access reviews to ensure the principle of least privilege is implemented and working well: it is common for employees to change departments, so make sure their privileges are changed according to their new job role as fast as possible.
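The periodic access review from step 3 can be automated as a comparison of each account's grants against the baseline for its current role. The following is an added example, not code from the original article; the role names, permission strings and accounts are constructed sample data.

```python
# Added example: periodic access review against per-role baselines.
# Roles, permission strings and accounts are constructed sample data.

ROLE_BASELINE = {
    "teller": {"customer_records:read", "transactions:create"},
    "loan_officer": {"customer_records:read", "loans:approve"},
    "vault_custodian": {"vault:open", "vault_log:write"},
    "backup_service": {"files:read"},
}

ACCOUNTS = [
    {"name": "asha", "role": "teller",
     "granted": {"customer_records:read", "transactions:create"}},
    # Changed department (vault_custodian -> loan_officer); old grant never removed.
    {"name": "ravi", "role": "loan_officer",
     "granted": {"customer_records:read", "loans:approve", "vault:open"}},
    # Service account that was given admin rights at install time.
    {"name": "svc-backup", "role": "backup_service",
     "granted": {"files:read", "admin:*"}},
    # Role with no approved baseline: every grant is unreviewed.
    {"name": "temp01", "role": "contractor",
     "granted": {"customer_records:read"}},
]


def review_account(account, baseline=ROLE_BASELINE):
    """Compare one account's grants with the baseline for its current role."""
    granted = set(account["granted"])
    allowed = baseline.get(account["role"])
    if allowed is None:
        # Fail closed: without a baseline nothing counts as approved.
        return {"account": account["name"], "status": "no_baseline",
                "excess": sorted(granted)}
    excess = sorted(granted - allowed)
    return {"account": account["name"],
            "status": "excess" if excess else "ok", "excess": excess}


def access_review(accounts, baseline=ROLE_BASELINE):
    """Return only the accounts that need action, for the reviewer's queue."""
    results = [review_account(a, baseline) for a in accounts]
    return [r for r in results if r["status"] != "ok"]


if __name__ == "__main__":
    for finding in access_review(ACCOUNTS):
        print(f'{finding["account"]}: {finding["status"]} -> revoke {finding["excess"]}')
```

An account whose role has no baseline is reported rather than skipped, so a missing role definition cannot hide unreviewed grants.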

Related Best Practices

As we have seen, the principle of least privilege, or POLP, is one of the most important ways to reduce the attack surface and enhance security. However, this alone is not sufficient; we also have to make sure of the following:

  • Make sure administrators use separate accounts based on the tasks they are performing: for example, an admin uses a standard user account to access email and the Internet. IT-related tasks must be performed under the permissions granted for them.
  • Log and monitor the activities of all accounts, especially privileged accounts: pinpoint every change in the working environment.
  • Implement multi-factor authentication on IT administrative accounts: such as a biometric scan, user ID or password to access their account.

Example: How POLP Improves Security

Consider a bank where many employees work in different departments with different job roles. If the bank has not implemented the principle of least privilege, or POLP, everyone can access the vault, and this increases the risk. When we implement the principle of least privilege, we know exactly who can access the vault, and in case of any theft we know who is responsible.

This structure is followed in every industry.

Conclusion

By strictly enforcing the principle of least privilege, or POLP, we can enhance the security of our organization. IT administrators and the HR department have to work together to determine account permissions in order to reduce risk and the attack surface.

written by: Deepak Rathour

reviewed by: Sayan Chatterjee
