The Principle of Least Privilege (POLP)

Microsoft

(Part 1 of Andreas Wolter's series of articles on security principles in Microsoft SQL Servers & Databases)

 

The first security principle that I am going to discuss is one that most System Administrators are familiar with: the “principle of least privilege” (short: POLP). It demands that the required permissions for a task shall only grant access to the needed information or resources that a task requires. When permissions are granted, we shall grant the least privileges possible.

 

POLP is so crucial because initially it is the privileges that any attacker is targeting. When developing an application, using a least-privileged user account (LUA) is the first rule of engagement.

 

Note
User Account Control (UAC) in Windows is a feature that Microsoft developed to assist administrators in working with least-privileges by default and elevate to higher permission only when needed.

You may also know that Microsoft recommends separating service accounts. This security best practice is generally referred to as service account isolation and is related to POLP: Using distinct service accounts prevents increased privileges, which happens easily when you share an account to be used for multiple purposes and as a consequence, the privileges are merged. - This would violate the principle of least privilege. Both POLP and service account isolation help reducing the attack surface (aka attack surface reduction).

 

Continue reading

0 Replies