What You Need To Know About The Principle Of Least Privilege
The principle of least privilege means that access to an organization’s or company’s data is limited to a few individuals, based on their identity. In practice, any person who has no authority to access the data will be unable to do so: the system will not recognize their identity, so their efforts to access the data will be unfruitful. There are risks that necessitate the use of the principle of least privilege. In this article, we are going to look at some of the risks that are involved in the principle of least privilege.
One of the risks involved in the principle of least privilege is dormant identities. A dormant identity arises when an individual who has been given the privilege to access very classified information about the company has not been active for a very long time, so that their login details become inactive. This is not necessarily the fault of the individual; they may simply not see the need to constantly look into such platforms to check what is going on there. Dormant identities are very risky for an organization because individuals with evil motives can take advantage of such inactivity among the people who have been privileged to access the company’s information, and use their identity to access very classified data and information about the company, which may ruin the operations of that organization. Dormant identities pose a huge risk of leakage of information about a company and need to be put in check.
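One way to put dormant identities in check is a periodic report of privileged accounts with no recent activity. The following is an added example, not part of the original article; the inventory columns, the 90-day threshold and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample inventory (not real data): one row per identity.
# last_login is empty for accounts that have never signed in.
SAMPLE_INVENTORY = """\
user,privileged,created,last_login
alice,yes,2022-01-10T09:00:00+00:00,2024-05-28T08:15:00+00:00
bob,yes,2021-06-01T09:00:00+00:00,2023-11-02T17:40:00+00:00
carol,no,2020-03-15T09:00:00+00:00,2023-01-20T12:00:00+00:00
dave,yes,2023-09-01T09:00:00+00:00,
erin,yes,2024-05-20T09:00:00+00:00,
"""

def find_dormant_privileged(inventory_csv, now, max_idle_days=90):
    """Return (user, idle_days, reason) for privileged identities idle too long.

    An identity that never logged in is measured from its creation date, so a
    freshly provisioned account is not flagged but an old unused one is.
    """
    limit = timedelta(days=max_idle_days)  # assumed review threshold
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["privileged"].strip().lower() != "yes":
            continue  # this report covers privileged access only
        never_used = not row["last_login"].strip()
        last_seen = datetime.fromisoformat(
            row["created"] if never_used else row["last_login"])
        idle = now - last_seen
        if idle > limit:
            reason = "never logged in" if never_used else "no recent login"
            findings.append((row["user"], idle.days, reason))
    # Longest-idle first: these are the first candidates for review or disabling.
    return sorted(findings, key=lambda f: f[1], reverse=True)

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed so output is repeatable
    for user, days, reason in find_dormant_privileged(SAMPLE_INVENTORY, now):
        print(f"{user}: idle {days} days ({reason})")
```
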
Another risk that comes with the principle of least privilege is privilege escalation. This type of risk can be viewed in two dimensions: horizontal privilege escalation and vertical privilege escalation. In horizontal privilege escalation, a person who does not have access to many functions in the cloud of an organization maneuvers his or her way into the account of an individual who has more abilities and functions within the cloud. In vertical privilege escalation, a person of lower authority within the structure of an organization manages to get access to the account of another individual who ranks higher in the organization, and uses the privileges of that account to maliciously benefit from the resources of the organization. The risk of privilege escalation is very dangerous and always needs to be monitored.