What principle is indicated by 'least privilege' in user accounts?

The principle of 'least privilege' emphasizes that users should be granted only the minimum level of access necessary to perform their job functions effectively. This approach is designed to enhance security by limiting the potential damage that could occur if an account is compromised or misused. By restricting user permissions to only what is essential for their tasks, organizations can reduce the risk of accidental or malicious alterations to sensitive information and system settings.

For example, if a user only needs to view a specific dataset to perform their duties, providing access solely to that dataset — and not to the entire database — exemplifies the least privilege principle. This fundamental security practice helps in minimizing the attack surface and safeguarding against unauthorized access and data breaches, ultimately contributing to a more secure system environment.