What principle is described by "least privilege" in network security?

The principle of "least privilege" in network security stipulates that users should be granted the minimum level of access necessary to perform their job functions. This approach reduces the potential damage that could be caused by accidental or malicious actions, as users are not given access to resources or data that are irrelevant to their role. By limiting access, organizations can enhance security by minimizing exposure to sensitive information and reducing the risk of unauthorized access to critical systems.

For instance, if a user only requires access to a specific database to perform their duties, applying the least privilege principle means they should not have access to other databases or administrative functions. This targeted access reduces the attack surface and helps protect against data breaches.