Principle of least privilege
Wikipedia states:
In information security, computer science, and other fields, the principle of least privilege, also known as the principle of minimal privilege or just least privilege, requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user or a program on the basis of the layer we are considering) must be able to access only such information and resources that are necessary to its legitimate purpose.
But what does that all mean, really? Let's break it down in the simplest way possible and then get a bit more granular. You are the admin, Administrator, root, Superuser; however you slice it, you are Master of the Universe (MOTU from here on). You have access to hidden shares, special options, secret check boxes, all those rock-star things you got into IT for in the first place. But you do not allow your users that same level of, shall we say, 'power'. Why? For a multitude of reasons, really: they don't need it, they wouldn't know what to do with it if they had it, and more importantly your average end user can't really be trusted with it. I would much rather clean up a virus from one machine than from fifty, or two hundred and fifty.
So let's get into this a bit deeper. Using least privilege means only giving a user what is absolutely necessary for them to complete their objective. If a user only needs access to one directory on a shared drive, there is no reason to give them access to the entire drive. More importantly, if that user only needs read access to that directory, why give them full control?
Let me give you an example. Shareen needs access to a directory called 'Sales' on a shared drive that everyone has full control of at the share level. Only the sales people have full control of the Sales directory itself, because it houses a lot of important client data as well as sales pricing. Shareen needs to be able to read that data but should never be able to write to it. For a quick fix you give Shareen full control over the Sales folder and tell her everything should be good. A few days later you get a call from sales: all the data is gone, there is not even a Sales folder any more. Come to find out, Shareen has accidentally deleted the Sales folder from the share.
Whose fault is that: Shareen's, for not paying attention and deleting the data, or yours, for giving her the ability to delete the data? Sure, this is kind of a silly example and you should be able to fix the problem easily with a recent backup (you DO have a good backup, don't you?), but it gets the message through.
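Here is what the Sales folder permissions should have looked like, as an added example that is not part of the original post. It assumes a Windows file server, a folder at D:\Shares\Sales, a domain group CONTOSO\Sales and a user CONTOSO\shareen; all of those names are made up for the illustration. It breaks the inherited "Everyone: Full Control" entry from the share root, gives the sales group full control, gives Shareen read and execute only, and then reads the ACL back to confirm that none of her explicit entries carry a write, delete or permission-change right.

```powershell
# Added example, not code from the original post. Assumed names: D:\Shares\Sales,
# CONTOSO\Sales (group), CONTOSO\shareen (user). Run in an elevated session on the file server.
$SalesDir     = 'D:\Shares\Sales'
$SalesGroup   = 'CONTOSO\Sales'
$ReadOnlyUser = 'CONTOSO\shareen'

if (-not (Test-Path -Path $SalesDir)) {
    New-Item -ItemType Directory -Path $SalesDir | Out-Null
}

$acl = Get-Acl -Path $SalesDir

# Stop the share root's "Everyone: Full Control" entry from flowing into Sales.
# $true = block inheritance; $false = drop the inherited entries instead of copying them.
$acl.SetAccessRuleProtection($true, $false)

$inherit   = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$propagate = [System.Security.AccessControl.PropagationFlags]::None
$allow     = [System.Security.AccessControl.AccessControlType]::Allow

# Keep SYSTEM and local Administrators so you can still fix things later.
foreach ($admin in 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators') {
    $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
        $admin, 'FullControl', $inherit, $propagate, $allow)))
}

# Sales team: full control, as the post describes.
$acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
    $SalesGroup, 'FullControl', $inherit, $propagate, $allow)))

# Shareen: read and execute only. No Write, no Delete, no ChangePermissions.
$acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
    $ReadOnlyUser, 'ReadAndExecute', $inherit, $propagate, $allow)))

Set-Acl -Path $SalesDir -AclObject $acl

# Verification: does any explicit Allow entry for this identity include a right
# that lets them change or remove data? Returns $true when the identity is read-only.
function Test-ReadOnlyAccess {
    param(
        [Parameter(Mandatory)] [string]$Path,
        [Parameter(Mandatory)] [string]$Identity
    )
    $dangerous = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    $rules = (Get-Acl -Path $Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and $_.IdentityReference.Value -eq $Identity
    }
    foreach ($rule in $rules) {
        if (($rule.FileSystemRights -band $dangerous) -ne 0) {
            Write-Warning "$Identity can modify $Path via: $($rule.FileSystemRights)"
            return $false
        }
    }
    return $true
}

Test-ReadOnlyAccess -Path $SalesDir -Identity $ReadOnlyUser
```

Two caveats a practitioner should keep in mind. First, share permissions and NTFS permissions are evaluated separately and the more restrictive one wins, so leaving the share itself at "Everyone: Full Control" is only safe because the NTFS ACL on the folder is tight. Second, the check above only inspects entries granted directly to that identity; if Shareen were also a member of CONTOSO\Sales she would inherit full control through the group, so review group memberships (or use the Effective Access tab in the folder's Advanced Security Settings) before calling a user read-only.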
In closing: don't set your users up to fail, and don't give them more than they need to get the job done. When you give someone access and rights to something, you are saying that you trust them enough, and think they are responsible enough, to have it. You wouldn't just give anyone a key to your house, would you?